The Dutch Data Protection Authority (DPA) investigated 24 interactive vote prior to the recent elections that took place in the Netherlands on March 15, 2017. They found that various vote compasses processed sensitive personal data of individuals, such as their religious and political views, without obtaining their prior consent. This is in breach with the Dutch Data Protection Act (DDPA), even if the information is being processed for research and statistics. In order to be compliant, the vote compass would have to provide voters with clear and sufficient information, and the given consent must be specific, as well as given freely. Following the warning given by the DPA, all 24 vote compasses adjusted their methods, and are no longer in breach with the DDPA.
During an earlier investigation, the DPA had found that 14 vote compasses did not use a secured platform. The DPA urged all 14 owners of these platforms to make the necessary changes within one week in order to be compliant with the DDPA. Following this warning, 4 out of the 14 vote compasses were removed. The remaining 10 met the requirements set by the DPA.