First out of the blocks, it emerged that Sinn Féin has been compiling a database of perceived voting intentions, together with its apparent use of social media to identify voters as people who could be talked round along with their approximate location.

Later in the week, it emerged that that data had been held in London, only to be transferred to Germany on foot of Britain exiting the EU.

In being hauled over the coals for possessing a centralised political database of voter intentions, Sinn Féin revealed one fact but also missed a salient point.

The fact is that Sinn Fein didn’t understand GDPR. If it did, it would have had a Data Protection Officer in place, plus a Data Protection Impact Assessment for the voter database, neither of which it possessed until the Data Protection Commissioner started asking questions.

The missed point was that the party hadn’t really done much wrong. 

Storing data elsewhere in the EU (first in London, then Germany), is not in any way problematic (in fact, if the system in question is better than what’s available at home, it is even to be encouraged). 

While some may have taken issue with it, that is still legal. Sinn Fein seemingly wasn’t aware of that, and presumed it had done something wrong, thus making it look guilty.

And guilt in public relations terms is 90% optics.

On Friday, however, things took a turn for the farcical. Fine Gael, Sinn Fein’s greatest political rivals at present, had been stoking the flames of the database story all week. The party’s Seanad leader Regina Doherty tweeted “neither King nor Kaiser” when it finally emerged the Sinn Fein Abu database was being stored in Germany, a reference to Sinn Fein’s citizen army origins. 

Then it emerged that many of the websites of Fine Gael’s own public representatives were non-compliant with GDPR. One by one, sites went offline, only to resurface hours later with newly-minted privacy policies and cookie disclaimers.

We are now, however, heading down a slippery slope where a story that should have been a non-event could potentially snowball into something that affects all Irish political parties.

TJ McIntyre, associate professor in the Sutherland School of Law at University College Dublin, an expert in data protection and retention, said it is not surprising to learn that political parties have breached GDPR rules.

"Drawing attention to the issue by any one party is kind of like organising a circular firing squad," he said.

The DPC’s show of interest in the Sinn Féin story spells trouble for all concerned. By all accounts, the party has been remarkably compliant with the data regulators’ train of interrogation. It installed a DPO in double-quick time, and the DPC is now considering its hastily drawn-up DPIA for the database.

A key question for Sinn Féin is via what legal basis has it been using the voter data it possesses. The problem here is that Ireland’s Data Protection Act 2018, the piece of legislation used to enact GDPR in Irish law, goes a deal further than the GDPR itself in allowing for political processing of personal data. In fact, such processing is effectively prohibited under the European regulation.

Section 48 of the Irish Act states that such processing can be legal “in the course of electoral activities”. But surely electoral activity implies the time of an election, not the months and years in between?

And if that is the case then are such political data banks illegal?

If the DPC were to decide that, then the operation of the whole electoral system here could be called into question.

What will save the system’s bacon is pragmatism. The DPC is underfunded and under-resourced as it is, without having to deal with an enormous investigation of the Irish political process.

Its official line is that Sinn Féin has been prompt in its response to the regulator’s queries.

“We received responses and comprehensive documentation yesterday and will be assessing them over the coming days," Deputy Commissioner Graham Doyle said on Friday.

Meanwhile, it’s understood that the regulator has no immediate plans to start investigating other parties as to their own GDPR situation.

If the Sinn Fein case stays to the fore for very much longer that will change. 

As one senior source put it last week: “there are no benefits to mutually assured destruction”.

This is a story that all political parties and none need to disappear, and fast.