Belgium: Mayor violates GDPR for voting campaigns

Belgium: Mayor violates GDPR for voting campaigns

An architect came into contact with a mayor in the process of a subdivision modification. On this occasion, the architect transmitted multiple Email addresses of compliants to the mayor’s office. On the day before communal elections, the mayor used the “reply” feature to send an electoral message to said compliants.

According to the GDPR, any data is only allowed to be processed in association with the task it was originally obtained for. The mayor recieved the Email addresses as part of a subdivision modification. Any use of these Email addresses is, without additional consent by the owners of these addresses, illegal. As a result, the Data Protection Authority fined the mayor for 2.000€. Even though the fine is small, it sends a message. Data controllers have to be carefull with the data they recieve. This also applies to those that work in public positions.

Sources: Data Protection Authority

Decision data:
28.05.2019

Country:
Belgium

Type of Issue:
Illegal data processing

Number of involved data records:
unknown

Special category of data involved:
No

Fine:
€ 2,000,-

Reference: