SCL Event Report: Irish Group Data Protection Seminar

February 9, 2015

Speaking on the day, Dara Murphy TD, the Minister of State at the Departments of the Taoiseach and Foreign Affairs with Special Responsibility for European Affairs and Data Protection, noted that ‘Data Protection Day is the ideal opportunity to remind ourselves as a society of the need to take the protection of personal data seriously. Organisations right across the public and private sectors, and individuals themselves, all have a responsibility in relation to the protection of privacy. New EU rules, once agreed, will update our laws for the digital era, and we must prepare for the changes. Government has placed data protection policy firmly on the political agenda and signalled its ambition for Ireland to lead in this area‘.

Helen Dixon, the Data Protection Commissioner, gave an overview of the activities of the Office of the Data Protection Commissioner in 2014 and set out the aims of the ODPC for 2015.

In a first for the ODPC, the directors of a company were prosecuted in 2014 for their part in the commission of data protection offences by their company.  The Commissioner noted that, following this prosecution, there has been a marked increase in queries around ensuring directors’ compliance with data protection legislation.

The Commissioner referred to an increase in what has been termed ‘Social Licence Deficit’ in 2014. Essentially, this relates to a divergence which occurs whereby the level of compliance with data protection by a public body increases while the level of trust placed in that body by the persons whose data is processed declines. The Commissioner highlighted the role the ODPC intends to play in engaging more with public bodies on this issue and assisting in including an effective consideration of this Social Licence in future data protection decision making processes.

Concluding with some statistics from 2014, the Commissioner confirmed that the number of breach notifications relating to low-level breaches, particularly from the financial services sector, remained high in 2014.

Turning attention to the year ahead, the Commissioner confirmed that there will be significant changes within the ODPC, which is to undergo its most significant expansion to date.  The Commissioner stated that there will be a considerable recruitment drive in 2015, more than doubling staff and budget, and the ODPC will re-establish a Dublin office.

An update on the significant trends and planned reforms in the area of data protection law was provided on the day by John O’Connor, Partner at Matheson and head of the firm’s Technology and Commercial Contracts group. Included in the presentation was a progress report on the European Union General Data Protection Regulation.  Mr O’Connor also referred to the increased need for international co-operation in the area of data protection to keep pace with and to avoid fettering the advance of technology, stating that ‘there is now a prevailing view that Europe and the US need to lead the way to agree common standards for legitimate Government surveillance and access to data without unnecessarily infringing on the data privacy rights of individuals. This EU / US solution needs to be found quickly and ideally would include new minimum data privacy standards for all personal data transferred to the US from the EU because it threatens to negatively impact the evolution of cloud services, social media, e-commerce and “big data” analytics‘.