Ireland

Custers, Bart; Sears, Alan M.; Dechesne, Francien; Georgieva, Ilina; Tani, Tommaso; van der Hof, Simone

doi:10.1007/978-94-6265-282-8_6

Bart Custers¹³,
Alan M. Sears¹³,
Francien Dechesne¹³,
Ilina Georgieva¹³,
Tommaso Tani¹³ &
…
Simone van der Hof¹³

Part of the book series: Information Technology and Law Series ((ITLS,volume 29))

1360 Accesses

Abstract

This chapter focuses on privacy and data protection in Ireland. The first section deals with the general situation regarding privacy and personal data protection. The second section deals with national government policies. The third section deals with laws and regulations. The fourth section deals with implementation. The fifth section deals with regulatory authorities and enforcement.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 69.99; Price excludes VAT (USA)

Hardcover Book: USD 89.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
McGee v. Attorney General [1974] IR 284; Kennedy and Arnold v. Attorney General [1987] IR 587.
2.
http://thesovereigninvestor.com/asset-protection/ireland-sets-big-tech-internet-privacy-policies/.
3.
https://www.quora.com/Why-have-Google-and-Facebook-chosen-Dublin-for-their-European-headquarters. See also https://qz.com/124133/the-reason-american-tech-firms-like-ireland-isnt-just-the-low-taxes/.
4.
CJEU 6 October 2015, case C-362/14, Facebook/Schrems, ECLI:EU:C: 2015:650.
5.
Case number C-293/12. Court of Justice of the European Union. 8 April 2014.
6.
http://www.cso.ie/en/releasesandpublications/er/isshh/informationsocietystatistics-households2015/.
7.
Eurobarometer 431 2015, p. 109.
8.
Eurobarometer 431 2015, p. 110.
9.
Eurobarometer 431 2015, p. 113.
10.
Consent Country Report Ireland 2012, p. 3.
11.
Eurobarometer 431 2015, p. 10.
12.
Eurobarometer 431 2015, p. 29.
13.
Eurobarometer 431 2015, p. 32.
14.
Eurobarometer 431 2015, p. 40.
15.
Vodafone Survey on Big Data 2016, p. 79.
16.
Consent Country Report Ireland 2012, p. 4.
17.
Consent Country Report Ireland 2012, p. 33.
18.
Consent Country Report Ireland 2012, p. 4.
19.
Consent Country Report Ireland 2012, p. 4.
20.
Consent Country Report Ireland 2012, p. 4.
21.
Consent Country Report Ireland 2012, p. 4.
22.
Eurobarometer 431 2015, p. 92.
23.
Eurobarometer 431 2015, p. 95.
24.
Eurobarometer 431 2015, p. 98.
25.
Consent Country Report Ireland 2012, p. 4.
26.
Consent Country Report Ireland 2012, p. 3.
27.
Consent Country Report Ireland 2012, p. 39.
28.
“Deputy Terence Flanagan asked the Minister for Public Expenditure and Reform Information on Brendan Howlin Zoom on Brendan Howlin if there are service level agreements between Government Departments regarding the sharing of data, for example, between the Revenue Commissioners and the Department of Social Protection; and if he will make a statement on the matter.” http://oireachtasdebates.oireachtas.ie/debates%20authoring/debateswebpack.nsf/(indexlookupdail)/20131120~WRO?opendocument#WRO00800.
29.
http://oireachtasdebates.oireachtas.ie/debates%20authoring/debateswebpack.nsf/(indexlookupdail)/20131106~W?opendocument#W03000.
30.
http://www.independent.ie/irish-news/politics/labour-brings-two-separate-bills-targeting-online-bullying-31149776.html.
31.
One of the more recent initiatives is a report by the Law Reform Commission which is accompanied by a draft bill. http://www.irishexaminer.com/ireland/new-laws-to-combat-online-abuse-such-as-cyberbullying-and-revenge-porn-422963.html.
32.
https://www.thejournal.ie/cyber-bullying-ireland-1162881-Nov2013/.
33.
http://www.independent.ie/irish-news/politics/labour-brings-two-separate-bills-targeting-online-bullying-31149776.html.
34.
https://www.finegael.ie/our-priorities/.
35.
https://www.fiannafail.ie/the-issues/.
36.
http://www.sinnfein.ie/policies.
37.
https://www.labour.ie/manifesto/.
38.
See previous footnotes for the primary policy issues of each party.
39.
https://www.fiannafail.ie/?s=data+protection.
40.
Labour Party Manifesto, p. 101, available at https://www.labour.ie/download/pdf/labour_manifesto_2016.pdf.
41.
https://www.dataprotection.ie/docs/13-10-2016-Data-Protection-Commissioner-welcomes-Budget-2017-increase-in-funding/1601.htm.
42.
http://www.taoiseach.gov.ie/eng/publications/publications_2015/government_data_forum.html. Within the Department of the Taoiseach there is the Data Protection Division, but it is not clear what their responsibilities are. The website merely has links to the minutes of the Government Data Forum meetings. See http://www.taoiseach.gov.ie/DOT/eng/Work_Of_The_Department/Data_Protection_Division/Data_Protection_Division.html.
43.
Based on survey results (see Sect. 1.3.4).
44.
Based on survey results (see Sect. 1.3.4).
45.
Based on survey results (see Sect. 1.3.4).
46.
Based on survey results (see Sect. 1.3.4). For example, see McIntyre 2014a, b, 2015; Lillington 2015; Weckler 2015a, b; The Independent 2015.
47.
Edwards 2014.
48.
Deegan 2016; Edwards 2014.
49.
Cullen 2009.
50.
Kennedy 2008.
51.
Mulligan 2014.
52.
Edwards 2016a, b.
53.
Weckler 2016.
54.
‘61% of organisations had data breach in 2016 – survey’, RTE.ie, https://www.rte.ie/news/2017/0119/846140-data-breaches/.
55.
See Collins v FBD Insurance Plc [2013] IEHC 137 (14 March 2013), available at http://www.bailii.org/cgi-bin/format.cgi?doc=/ie/cases/IEHC/2013/H137.html&query=(fbd), which awarded damages of €15,000 in relation to data protection, however the award was overturned on appeal to the High Court; and Mc Keogh v John Doe 1 & Ors [2012] IEHC 95 (26 January 2012), available at http://www.bailii.org/cgi-bin/format.cgi?doc=/ie/cases/IEHC/2012/H95.html&query=(mc)+AND+(keogh), which was settled.
56.
Based on survey results (see Sect. 1.3.4).
57.
Based on survey results (see Sect. 1.3.4) [summary of survey responses from experts].
58.
Digital Rights Ireland Limited, Income and Expenditure Account for the year ended 31 December 2015.
59.
These cases are mentioned in more detail below.
60.
https://www.digitalrights.ie/about/.
61.
http://www.taoiseach.gov.ie/eng/Work_Of_The_Department/EU_Division/Membership_of_the_Government_Data_Forum.html.
62.
http://www.iccl.ie/articles/surveillance--democracy-privacy-rights-in-the-digital-age-symposium-.html.
63.
https://www.digitalrights.ie/about/.
64.
http://curia.europa.eu/juris/document/document.jsf?text=&docid=150642&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=196677.
65.
DPC 2015, p. 3.
66.
DPC 2015, p. 13.
67.
https://www.dataprotection.ie/docs/Data-Protection-CCTV/m/242.htm.
68.
The GDPR and You, General Data Protection Regulation, Preparing for 2018, Data Protection Commissioner of Ireland, at pp. 9–10, available at https://www.dataprotection.ie/docimages/documents/The%20GDPR%20and%20You.pdf.
69.
More information on the Government Data Forum can be found just below.
70.
DPC 2015, p. 15.
71.
http://www.taoiseach.gov.ie/eng/publications/publications_2015/government_data_forum.html; http://merrionstreet.ie/en/News-Room/Releases/Minister_Murphy_launches_Government_Data_Forum_.html.
72.
http://www.taoiseach.gov.ie/DOT/eng/Work_Of_The_Department/Data_Protection_Division/Data_Protection_Division.html.
73.
http://www.taoiseach.gov.ie/eng/Taoiseach_and_Government/About_the_Ministers_of_State/Minister/MoS_Murphy_s_Press_Releases/Dara.html.
74.
http://www.internetsafety.ie/website/ois/oisweb.nsf/page/safety-en.
75.
http://www.internetsafety.ie/website/ois/oisweb.nsf/page/safety-guideparents-en.
76.
http://www.internetsafety.ie/website/OIS/OISWeb.nsf/page/EJST-A9FDX61194628-en.
77.
http://www.internetsafety.ie/website/OIS/OISWeb.nsf/page/EJST-A9FF9312165228-en.
78.
http://www.internetsafety.ie/website/OIS/OISWeb.nsf/page/EJST-A9FFC512214628-en.
79.
http://www.internetsafety.ie/website/OIS/OISWeb.nsf/page/EJST-A9FFEQ12255628-en.
80.
https://www.dataprotection.ie/docs/Guidance-Material-Menu-Page/m/219.htm.
81.
https://www.dataprotection.ie/docs/Training-and-Public-Awareness/b/805.htm.
82.
https://dataprotection.ie/docs/A-guide-to-your-rights-Plain-English-Version/r/858.htm.
83.
https://dataprotection.ie/docs/Are-you-a-Data-Controller/y/43.htm.
84.
Based on survey results (see Sect. 1.3.4).
85.
https://www.dataprotection.ie/docs/Law-On-Data-Protection/m/795.htm.
86.
[2013] IEHC 137.
87.
Section 1(4).
88.
Kelleher 2015, p. 91.
89.
[2012] IEHC 264.
90.
Case C-582/14.
91.
Section 10(1)(b)(ii).
92.
Weckler 2015a, b.
93.
Based on survey results (see Sect. 1.3.4). Case C 201/14, Bara and others v. Președintele Casei Naționale de Asigurări de Sănătate, Casa Naţională de Asigurări de Sănătate and Agenţia Naţională de Administrare Fiscală (ANAF).
94.
http://www.iclg.co.uk/practice-areas/data-protection/data-protection-2016/ireland#chaptercontent1.
95.
Carney and Bohan 2016.
96.
Lavery 2018.
97.
http://www.iclg.co.uk/practice-areas/data-protection/data-protection-2016/ireland#chaptercontent1.
98.
See the list in S.1 [No. 25.] DPActs.
99.
S. 2B DPActs.
100.
https://www.linklaters.com/en/insights/data-protected/home.
101.
https://www.dataprotection.ie/docs/Self_Regulation_and_Codes_of_Practice/m/98.htm.
102.
https://www.dataprotection.ie/docs/Data_Security_Breach_Code_of_Practice/1082.htm.
103.
https://www.linklaters.com/en/insights/data-protected/home.
104.
https://www.dataprotection.ie/docs/Data-security-guidance/1091.htm.
105.
https://www.dataprotection.ie/docs/Data-security-guidance/1091.htm.
106.
For the full list, see https://www.dataprotection.ie/docs/Self_Regulation_and_Codes_of_Practice/m/98.htm.
107.
http://www.iclg.co.uk/practice-areas/data-protection/data-protection-2016/ireland#chaptercontent6.
108.
See for instance the Association of Data Protection Officers, https://dpo.ie/about.
109.
http://www.iclg.co.uk/practice-areas/data-protection/data-protection-2016/ireland#chaptercontent6.
110.
Based on survey results (see Sect. 1.3.4).
111.
Based on survey results (see Sect. 1.3.4).
112.
Based on survey results (see Sect. 1.3.4).
113.
Based on survey results (see Sect. 1.3.4).
114.
Based on survey results (see Sect. 1.3.4).
115.
Based on survey results (see Sect. 1.3.4).
116.
Carney and Bohan 2016.
117.
Breach Notification Guidance, https://www.dataprotection.ie/docs/Data-Breach-Handling/901.htm.
118.
Based on survey results (see Sect. 1.3.4).
119.
Based on survey results (see Sect. 1.3.4). Data Protection Commissioner, ‘2013 Privacy Sweep Results’, 2013, https://www.dataprotection.ie/documents/GPEN2013.pdf.
120.
Data Protection Commissioner, ‘Global Privacy Sweep Raises Concerns about Mobile Apps’, 2014, https://www.dataprotection.ie/docs/10-09-14-Global-Privacy-Sweep-raises-concerns-about-mobile-apps/i/1456.htm.
121.
Data Protection Commissioner, ‘Annual Report 2017’, 2018, https://www.dataprotection.ie/docimages/documents/DPC%20Annual%20Report%202017.pdf, p. 14.
122.
Consent Country Report Ireland 2012, p. 37.
123.
Consent Country Report Ireland 2012, p. 37.
124.
Based on survey results (see Sect. 1.3.4).
125.
https://www.dataprotection.ie/docs/About-the-office-of-the-DPC/b/1032.htm.
126.
Data Protection Commissioner, ‘Annual Report 2017’, 2018, https://www.dataprotection.ie/docimages/documents/DPC%20Annual%20Report%202017.pdf, p. 5.
127.
DPC 2015, p. 4.
128.
As discussed in Sect. 6.3.
129.
https://www.dataprotection.ie/docs/Powers-of-the-Data-Protection-Commissioner/e/96.htm.
130.
https://www.dataprotection.ie/docs/Powers-of-the-Data-Protection-Commissioner/e/96.htm.
131.
http://www.iclg.co.uk/practice-areas/data-protection/data-protection-2016/ireland#chaptercontent14.
132.
See Sect. 6.3.
133.
Data Protection Commissioner, ‘Annual Report 2017’, 2018, https://www.dataprotection.ie/docimages/documents/DPC%20AR2015_FINAL-WEB.pdf.
134.
Edwards 2016a, b. See also Logue 2016.
135.
Data Protection Commissioner, ‘Annual Report 2017’, 2018, https://www.dataprotection.ie/docimages/documents/DPC%20Annual%20Report%202017.pdf, p. 13.
136.
These relate to data protection breaches by Telefonica Ireland Limited, Arizun Services Ireland Limited and Aer Lingus. See DPC 2015, p. 7.
137.
Based on survey results (see Sect. 1.3.4). Such measures may include “correcting the data, blocking the data from use for certain purposes, supplementing the data with a statement which the Commissioner approves, or erasing the data altogether”. See Powers of the Data Commissioner, Data Protection Commissioner of Ireland, available at https://www.dataprotection.ie/docs/Powers-of-the-Data-Protection-Commissioner/e/96.htm#The Commissioner's Power to Enforce Compliance with the Act.
138.
Data Protection Commissioner, ‘Annual Report 2017’, 2018, https://www.dataprotection.ie/docimages/documents/DPC%20Annual%20Report%202017.pdf, p. 13.
139.
Ibid., p. 12.
140.
Data Protection Commissioner, ‘Annual Report 2017’, 2018, https://www.dataprotection.ie/docimages/documents/DPC%20Annual%20Report%202017.pdf, p. 16.
141.
https://www.irishtimes.com/news/ireland/irish-news/private-investigator-fined-7-500-over-data-protection-breaches-1.2824210.
142.
Based on survey results (see Sect. 1.3.4).
143.
Based on survey results (see Sect. 1.3.4).
144.
Collins v FBD Insurance Plc [2013] IEHC 137 (14 March 2013), available at http://www.bailii.org/cgi-bin/format.cgi?doc=/ie/cases/IEHC/2013/H137.html&query=(fbd).
145.
Digital Rights Ireland Ltd v Minister for Communication & Ors [2010] IEHC 221 (05 May 2010). [2010] 3 IR 251, [2010] IEHC 221, available at http://www.bailii.org/cgi-bin/format.cgi?doc=/ie/cases/IEHC/2010/H221.html&query=%28digital%29+AND+%28rights%29+AND+%28ireland%29.
146.
Based on survey results (see Sect. 1.3.4). See e.g. Collins v FBD Insurance Plc [2013] IEHC 137 (14 March 2013), available at http://www.bailii.org/cgi-bin/format.cgi?doc=/ie/cases/IEHC/2013/H137.html&query=(fbd).
147.
Based on survey results (see Sect. 1.3.4).
148.
Based on survey results (see Sect. 1.3.4).
149.
Based on survey results (see Sect. 1.3.4).
150.
Based on survey results (see Sect. 1.3.4). Edwards, ‘Independence of Data Protection Commissioner Questioned’.
151.
Based on survey results (see Sect. 1.3.4). Lillington 2015.
152.
Based on survey results (see Sect. 1.3.4). Hawkes 2016, pp. 446 and 454.
153.
McGeveran 2016.
154.
Fry 2016.
155.
Based on survey results (see Sect. 1.3.4). Taylor 2016.

References

Carney A, Bohan A (2016) Chapter 14 – Ireland. The Privacy, Data Protection and Cybersecurity Law Review. Law Business Research
Google Scholar
Consent Country Report Ireland (2012) Consumer sentiment regarding privacy on user generated content (UGC) services in the digital economy. https://www.consent.law.muni.cz/
Cullen P (2009) Bord Gáis Failed to Say Stolen Laptop Data Not Encrypted. The Irish Times, 19 June 2009, http://www.irishtimes.com/news/bord-g%C3%A1is-failed-to-say-stolen-laptop-data-not-encrypted-1.787045
Deegan G (2016) Cyber attack victim firm Loyaltybuild in Clare has €18m loss, Irish Examiner, 2 February 2016, http://www.irishexaminer.com/business/cyber-attack-victim-firm-loyaltybuild-in-clare-has-18m-loss-379472.html
DPC (2015) Annual Report of the Data Protection Commissioner of Ireland, available at https://www.dataprotection.ie/docimages/documents/DPC%20AR2015_FINAL-WEB.pdf
Edwards E (2014) Loyaltybuild Reopens for Business after Huge Data Breach. The Irish Times, 12 March 2014, http://www.irishtimes.com/news/consumer/loyaltybuild-reopens-for-business-after-huge-data-breach-1.1722266
Edwards E (2016a) Civil Service Payroll System to Be Audited Following Data Breach. The Irish Times, 20 June 2016, http://www.irishtimes.com/news/ireland/irish-news/civil-service-payroll-system-to-be-audited-following-data-breach-1.2691360
Edwards E (2016b) Data Protection Commissioner Helen Dixon Accuses Lawyers of “digital Ambulance Chasing”. The Irish Times, 7 July 2016, http://www.irishtimes.com/business/technology/data-protection-commissioner-helen-dixon-accuses-lawyers-of-digital-ambulance-chasing-1.2712459
Eurobarometer Survey 431 (2015) Attitudes on Data Protection and Electronic Identity in the European Union. Brussels, June 2015
Google Scholar
Fry W (2016) Europe for Big Data, November 2016, http://www.williamfry.com/docs/default-source/reports/william-fry-europe-for-big-data-report.pdf?sfvrsn=0
Hawkes B (2016) The Irish DPA and Its Approach to Data Protection. In: Wright D, De Hert P (eds) Enforcing Privacy. Springer International Publishing, Cham, p. 446 and p. 454, http://link.springer.com/10.1007/978-3-319-25047-2_18
Google Scholar
Kelleher D (2015) Privacy and Data Protection Law in Ireland. Bloomsbury Professional, Haywards Heath
Google Scholar
Kennedy E (2008) Victims of BoI Laptop Theft Treble to 31,500. Independent.ie, 29 April 2008, http://www.independent.ie/irish-news/victims-of-boi-laptop-theft-treble-to-31500-26442003.html
Lavery P (2018) Ireland issues Data Protection Bill to implement the GDPR. Privacy Laws & Business, Issue 151, February 2018
Google Scholar
Lillington K (2015) Strong Data Protection Laws Better for EU than Sniping. The Irish Times, 23 April 2015, http://www.irishtimes.com/business/technology/strong-data-protection-laws-better-for-eu-than-sniping-1.2185370
Logue F (2016) Data Protection Chief Must Not Distance Herself from Complainants. The Irish Times, 9 August 2016, http://www.irishtimes.com/business/technology/data-protection-chief-must-not-distance-herself-from-complainants-1.2750669
McGeveran W (2016) Friending the Privacy Regulators. Social Science Research Network, Rochester, NY, 5 August 2016, https://papers.ssrn.com/abstract=2820683
McIntyre TJ (2014) Why Ireland Must Protect Privacy of Irish Emails and Internet Usage from Surveillance. The Irish Times, 20 December 2014, http://www.irishtimes.com/opinion/why-ireland-must-protect-privacy-of-irish-emails-and-internet-usage-from-surveillance-1.2044384
McIntyre TJ (2014) The State Must Be More Mindful of Your Private Data. Independent.ie, 21 August 2014, http://www.independent.ie/opinion/the-state-must-be-more-mindful-of-your-private-data-30524449.html
McIntyre TJ (2015) Europe Has Failed in Duty to Protect Citizens over Web Privacy Threat. Independent.ie, 7 October 2015, http://www.independent.ie/opinion/comment/europe-has-failed-in-duty-to-protect-citizens-over-web-privacy-threat-31589481.html
Mulligan J (2014) Massive Data Breach at Paddy Power Bookmakers. Independent.ie, 31 July 2014, http://www.independent.ie/business/irish/massive-data-breach-at-paddy-power-bookmakers-30474614.html
Taylor C (2016) Ireland Seen as Contender for Data-Driven Investments. The Irish Times, 16 November 2016, http://www.irishtimes.com/business/technology/ireland-seen-as-contender-for-data-driven-investments-1.2870112
The Independent (2015) Data Office Still Underfunded despite €1m Boost in Budget. Independent.ie, 21 October 2015, http://www.independent.ie/business/technology/news/data-office-still-underfunded-despite-1m-boost-in-budget-34126722.html
Vodafone Survey on Big Data (2016) Big Data: A European Survey on the Opportunities and Risks of Data Analytics. http://www.vodafone-institut.de/bigdata/links/VodafoneInstitute-Survey-BigData-Highlights-en.pdf
Weckler A (2015a) Safe Harbour Is Gone but Europe Is Still Afraid to Tackle the US on Privacy. Independent.ie, 8 October 2015, http://www.independent.ie/business/technology/safe-harbour-is-gone-but-europe-is-still-afraid-to-tackle-the-us-on-privacy-31591450.html
Weckler A (2015b) German Jeers at Irish Data Privacy May Help Us. Independent.ie, 31 May 2015, http://www.independent.ie/business/technology/news/german-jeers-at-irish-data-privacy-may-help-us-31266778.html
Weckler A (2016) Tsunami of Data Breaches Strikes Irish Companies as Half Report Incidents. Independent.ie, 21 January 2016, http://www.independent.ie/business/technology/tsunami-of-data-breaches-strikes-irish-companies-as-half-report-incidents-34382305.html

Download references

Author information

Authors and Affiliations

Leiden Law School, eLaw (Center for Law and Digital Technologies), Leiden University, Leiden, The Netherlands
Bart Custers, Alan M. Sears, Francien Dechesne, Ilina Georgieva, Tommaso Tani & Simone van der Hof

Authors

Bart Custers
View author publications
You can also search for this author in PubMed Google Scholar
Alan M. Sears
View author publications
You can also search for this author in PubMed Google Scholar
Francien Dechesne
View author publications
You can also search for this author in PubMed Google Scholar
Ilina Georgieva
View author publications
You can also search for this author in PubMed Google Scholar
Tommaso Tani
View author publications
You can also search for this author in PubMed Google Scholar
Simone van der Hof
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bart Custers .

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Custers, B., Sears, A.M., Dechesne, F., Georgieva, I., Tani, T., van der Hof, S. (2019). Ireland. In: EU Personal Data Protection in Policy and Practice. Information Technology and Law Series, vol 29. T.M.C. Asser Press, The Hague. https://doi.org/10.1007/978-94-6265-282-8_6

Download citation

DOI: https://doi.org/10.1007/978-94-6265-282-8_6
Published: 01 March 2019
Publisher Name: T.M.C. Asser Press, The Hague
Print ISBN: 978-94-6265-281-1
Online ISBN: 978-94-6265-282-8
eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics