For anyone concerned about the Facebook/Cambridge Analytica scandal last year, this is a development which you may want to keep an eye on.
The scope of the legislation is limited, because it only applies to European Parliament elections. It is also easy to imagine that there may be real difficulty in establishing a link between the data breach and the deliberate influence (or attempt to influence) an election.
But this represents the first serious attempt that I have seen by a government to try to combat the misuse of personal data for electoral purposes. If successful it may mark a turning point in the battle to regulate the use of personal data in the political sphere. If it fails, the prospect is bleak: as improper influence and misuse of data continue to increase, this will inevitably be accompanied by an erosion in the public's confidence in the democratic process itself.
It is no surprise, therefore, that the ICO has been undertaking significant research into this area in the wake of the Cambridge Analytica investigation. With their recent publication of recommendations for this issue to be addressed in the UK, there will be keen interest in seeing whether the European Parliament's attempts to address these issues can be made to work.
The EU is bringing in new rules to prevent the misuse of personal data in EP elections. EU ambassadors today endorsed an agreement reached between the Council presidency and the European Parliament last week on changes to the 2014 regulation governing the statute and funding of European political parties and foundations. The new rules will allow for financial sanctions to be imposed on European political parties and foundations that deliberately influence, or attempt to influence, the outcome of EP elections by taking advantage of breaches of data protection rules. The EU institutions are working rapidly to have the rules in place before the EP elections this spring.