Transfer of personal data by Poland’s Ministry of Digital Affairs in connection with carrying out tasks related to the holding of presidential elections

29.4.2020

Priority question for written answer P-002607/2020/rev.1
to the Commission
Rule 138
Andrzej Halicki (PPE)

As a result of the restrictions on the operation of common courts in Poland necessitated by the COVID-19 pandemic, Polish citizens are currently not guaranteed the right to effective legal remedy before a court, as referred to in Article 79(1) of the General Data Protection Regulation (GDPR), which would allow them to assert their rights before an independent court without having to rely on the decisions of the national supervisory authority. 

On the basis of the legal provisions introduced to combat COVID-19, namely Article 99 of the Act of 16 April 2020 on special support instruments in connection with the spread of the SARS-CoV-2 virus, Poczta Polska S.A. submitted a request on 20 April 2020 to the Ministry of Digital Affairs for the transfer of data from the PESEL register, which contains the detailed personal data of Polish citizens. The Systems Management Department of the Ministry of Digital Affairs released the data requested in the application on 22 April 2020. Poczta Polska is a joint stock company, not a part of the government administration. Data from the PESEL database are not equivalent to data from the electoral register. These datasets are separate and different.

In a situation in which the personal data protection rights of millions of Polish citizens have probably been violated and no other means can be used to protect those rights, could the Commission say whether, in its opinion, the above‑described data transfer methodology is compatible with the EU’s GDPR rules?