As follow-up action to the Facebook-Cambridge Analytica scandal, MEPs call for a full audit on Facebook and new measures against election meddling.

In a resolution adopted on Thursday, MEPs urge Facebook to allow EU bodies to carry out a full audit to assess data protection and security of users’ personal data, following the scandal in which the data of 87 million Facebook users was improperly obtained, and misused.

MEPs say that Facebook did not only breach the trust of EU citizens, “but indeed EU law”. They recommend that Facebook make changes to its platform to comply with EU data protection law.

Measures against election manipulation

MEPs note that the data obtained by Cambridge Analytica may have been used for political purposes, by both sides in the UK referendum on membership of the EU and to target voters during the 2016 American presidential election.

They highlight the urgency of countering any attempt to manipulate EU elections and to adapt electoral laws to reflect the new digital reality.

To prevent electoral meddling via social media, MEPs propose:

applying conventional “off-line” electoral safeguards online: rules on spending transparency and limits, respect for silence periods and equal treatment of candidates;

making it easy to recognise online political paid advertisements and the organisation behind them;

banning profiling for electoral purposes, including use of online behaviour that may reveal political preferences;

that social media platforms should label content shared by bots, speed up the process of removing fake accounts and work with independent fact-checkers and academia to tackle disinformation;

investigations should be carried out by member states with the support of Eurojust, into alleged misuse of the online political space by foreign forces.

The resolution summarises the conclusions reached following last May’s meeting between leading MEPs and Facebook CEO Mark Zuckerberg, and the three subsequent hearings. It also references the data breach suffered by Facebook on 28 September.

“This is a global issue, which has already affected our referenda and our elections. This resolution sets out the measures that are needed, including an independent audit of Facebook, an update to our competition rules, and additional measures to protect our elections. Action must be taken now, not just to restore trust in online platforms, but to protect citizens’ privacy and restore trust and confidence in our democratic systems,” said Civil Liberties Chair Claude Moraes (S&D, UK).

Citizens and businesses will be left in legal limbo if the European Commission acts on MEPs’ calls to suspend the EU-Privacy shield, warned ECR MEP Dan Dalton.

Dalton is concerned that unfortunately some MEPs saw this resolution as an opportunity to score political points and damage our cooperation with the U.S, when the positive way forwards would have been to try and learn lessons and to continue dialogue that ultimately ensures the agreement is fully implemented.

“Authorities must investigate alleged breaches of our data protection laws, as is happening with Facebook in relation to Cambridge Analytica, and prosecute if appropriate. We have seen before the consequences of suspending international agreements such as the EU-US Privacy Shield and the uncertainty it causes. Today’s vote was nothing more than political grandstanding from the same people who claim they are guarding the data rights and privacy of European citizens. They should be honest and admit that in the absence of the privacy shield agreement, citizens’ rights to data protection and redress would in reality be seriously diminished. People will be in complete legal limbo,” he said.