Green Party TD for Dublin South-Central, and the Green Party Spokesperson for Justice, has called for the appointment of three Data Protection Commissioners in Ireland along with a review of policy and procedures. He was speaking following this evening’s meeting of the Oireachtas Justice Committee in Leinster House where concerns around Ireland’s handling of data protection were being discussed.
Commenting on the matter, Deputy Costello said: “Evidence in this evening’s Justice Committee made clear the case for necessary action to improve data protection regulation in Ireland. I will be writing to the Minister for Justice calling for the appointment of three Data Protection Commissioners in order to help address the serious and concerning failures in our ability to protect people’s right to privacy and data protection, not only here but across Europe.
“Committee witnesses spoke of the poor or sometimes non-existent procedures in place to tackle GDPR complaints, with it often taking weeks or even months to get an acknowledgement from the DPC that a complaint has indeed been made and complaints often appearing to be handed off between officials. Fred Logue of FP Logue Solicitors also raised the need to have a functional separation of the administrative and quasi-judicial work. The appointment of three Data Protection Commissioners would help to address this: one for the administrative, one for the quasi-judicial, and a third designated Chairperson to provide strategic management.
“We need now to review policies and procedures to ensure greater clarity for everyone, and it is imperative that this happens quickly. An independent review of the commission’s processes as called for by the ICCL to ensure effective enforcement could empower the Commission. Commissioner Dixon herself acknowledged that there could be improvements in this area, and a review independent of the commission and of government would be beneficial for all.”
“Considering the sheer amount of data we all create in today’s world, ensuring the efficient enforcement of data protection is too serious a matter to get wrong. Presently, it is clear that the DPC is completely under-funded and under-resourced, echoed only recently by the Advocate General of the Court of Justice of the European Union who issued an opinion that a data protection complaint against Facebook does not only have to be taken to the Irish DPC, but instead that all data protection authorities across the EU may take a case against the social media giant. Considering the majority of big tech have their headquarters in Ireland, this does not bode well for Ireland’s reputation for handling GDPR complaints.
“It is vital that we ensure that our DPC is adequately resourced to deal with the seriousness and complexity of the work it is required to do. There can be no half-hearted measures when ensuring protection of data of EU citizens,” concluded Deputy Costello