Deputy Patrick Costello, Green Party Spokesperson for Justice and TD for Dublin South-Central, has written to the Oireachtas Justice Committee to examine the role of the Data Protection Commission (DPC) and whether it is fit-for-purpose in its current form. He was speaking following today’s news that the regulator is using an outdated IT system for its work and is not equipped for its role.
Speaking on the matter, Deputy Costello said: “Today’s story in the Financial Times that staff in DPC are using Lotus Notes to carry out their work and have not implemented a new system to carry out growing GDPR demands is incredibly concerning, particularly given the importance of the Irish DPC in Europe.
“Since getting elected, I have raised concerns on several occasions that our DPC is not equipped with the funding and resources to effectively investigate concerns about personal privacy and data protection and to keep pace with the growing volume of their workload. Last year, a report by Brave, a privacy-focused browser company, found that there are 21 tech specialists working in our Data Protection Commission. Considering the rising complaints from members of the public and the complexity of cases involving giant multinational tech companies, this is nowhere near enough. To know that they are also using an outdated IT system on top of these concerns is incredibly worrisome.
“Ireland is the single most important Data Protection Commission in all of Europe and the roadblock to meaningful enforcement of the GDPR due to the majority of big tech firms being based here including Facebook, Google, and Twitter. However, despite this, the Data Protection Commission is acutely strained and this lack of appropriate funding and resources is affecting Ireland’s credibility on the world stage. The scale of the responsibility Ireland has as the home to big tech companies is unprecedented and one that needs to be treated with the utmost seriousness. There can be no flexibility or half-hearted measures when enabling the DPC to protect the data of EU citizens. The scale of the responsibility Ireland has as the home to big tech companies is unprecedented and one that needs to be treated with the utmost seriousness. There can be no flexibility or half-hearted measures when enabling the DPC to protect the data of EU citizens.
“I have been speaking with the Chair of the Oireachtas Committee on Justice, Deputy James Lawless, who is on board with the need to examine the process of the Dara Protection Office and the lengthy delays in investigations. Their office has utterly failed in its attempts to regulate Real Time Bidding and private companies such as Twitter and Facebook, and it is imperative that the Justice Committee now examines this and whether the Data Protection Commission is in anyway fit-for-purpose in its current form. As the DPC’s importance continues to grow, we must ensure we provided it with every support to carry out its role,” concluded Deputy Costello.