EU leaders on Thursday pressed tech giants to fully protect Europeans’ personal data after the scandal over information harvested from Facebook that some in Brussels warn also threatens democracy.
The leaders of the 28-nation European Union stressed privacy concerns rather than broader political fears, including whether a similar breach may have influenced the shock 2016 Brexit vote in Britain.
The summit host said leaders discussed the misuse of Facebook data by British firm Cambridge Analytica, which played a role in US President Donald Trump’s election campaign.
‘It was clear to all the leaders that citizens’ privacy and data should be fully protected,’ European Council President Donald Tusk told a press conference in Brussels.
‘We take this issue very seriously. The EU and national legislation must be respected and enforced,’ said Tusk, a former Polish premier who echoed a written summit statement.
Those remarks neither reflected the political concerns Tusk raised in the run-up to the summit nor those that others expressed Thursday on the EU summit sidelines.
As the leaders met, European Parliament President Antonio Tajani pressed Facebook chief Mark Zuckerberg to take him up on his invitation to speak to the elected body.
Tajani warned it would be a ‘big mistake’ for him not to answer questions from an elected body that regulates a market of 500 million people, many of them Facebook users. 
‘We want to know if during the American elections and during the referendum on the Brexit, people used data for changing the position of the citizens,’ the Italian politician told reporters.
Tajani said he was still waiting for Zuckerberg to reply to his invitation to speak to the parliament.
Speaking across the street from the summit venue, EU Justice Commissioner Vera Jourova had understood the leaders were also tackling the ‘political implication’ of the data breach and its possible impact on democracy.
Jourova, who recalled ‘manipulation and brainwashing’ when her native Czech Republic was under communist rule, said the Facebook case is ‘much more serious’ than a data breach.
‘Because here we witness the threat to democracy,’ Jourova told reporters after returning from talks in Washington about data protection, including the Facebook case.
‘It is endangering the free electoral choice… of the people in Europe,’ said Jourova, who is not on Facebook.
‘Master of their own privacy’
Jourova suggested Facebook used the circumstances of modest snowfall as an excuse not to meet with her in Washington.
Jourova planned to send Facebook a letter on Friday asking the firm to ‘fully obey European law’ and show ‘social responsibility’ by fighting hate speech.
When Tusk announced Wednesday that the Facebook case was added to the summit agenda at the last minute, he said leaders would tackle issues ‘undermining trust in our democracies through fake news or election meddling’.
He said this was ‘particularly relevant in view of the recent revelations about Cambridge Analytica.’
But the formal summit statement was narrower.
‘Social networks and digital platforms need to guarantee transparent practices and full protection of citizens’ privacy and personal data,’ the statement said.
‘EU and national legislation must be respected and enforced.’
EU leaders will further discuss the data privacy issue at a summit in the Bulgarian capital Sofia in May, it added.
The European Commission, the EU executive where Jourova serves as commissioner, and the European Parliament, have called for investigations into the Facebook scandal.
During her US visit, Jourova warned that Europe’s General Data Protection Regulation would make it ‘very, very expensive’ for violators once the legislation enters force on May 25.
‘We want to give the people back the chance to be the masters of their privacy,’ under the new legislation, Jourova said back in Brussels.
But she said that only individual member states rather than the EU as a whole could consider penalties because the current breach happened before the new legislation. 
Jourova said the breach also likely happened before an EU-US Privacy Shield adopted in 2016, under which firms face penalties if they do not meet EU standards of protection.