Speaking at the launch of the annual report from the Office of The Data Commissioner for 2016, Helen Dixon recently highlighted the current state of play for data protection in Ireland
58% increase in data privacy complaints over the last year
The total level of overall complaints last year rose to a record level of 1,479, rising from 932 in 2015. However Helen also highlighted that in addition to those complaints her office had also received almost 35,000 other queries as public awareness of data protection issues increases.
“Disappointingly, compliance with individuals’ access rights to their personal data remains low,” said Ms Dixon.
A busy year engaging with multinationals based in Ireland
Ms Dixon said that she expected investigations into WhatsApp and Yahoo to conclude in 2017. In the WhatsApp case, the Irish office is seeking to determine whether consent was properly sought from users when WhatsApp updated its terms of service and privacy policy in August 2016 to including references to the sharing and matching of WhatsApp user data with Facebook user data.
The Yahoo investigation centres around a massive data breach affecting the personal details of 500m Yahoo users.
Irish state bodies need to understand their legal obligations
The regulator highlighted some serious concerns she has about compliance with data protection law by Irish state bodies.
“State bodies need to comprehend that the obligations in law, and the requirement to be accountable for their processing of personal data, rest with them and they cannot simply legislate to transfer their obligations to the independent regulator,” she said.
Massive expansion of the Irish Data Protection Office to deal with GDPR
Meanwhile, the DPC office is to double its staff to 130 people and is to seek a second new Dublin office.
The regulator’s office, which is responsible for overseeing some of the biggest tech companies in the world, has expanded from 30 people in 2013 to 70 people now. However, Ms Dixon says that the relentless pace of work means that further expansion is required.
“Such is the rate of our recruitment programme that an additional nearby premises is now being sought by the DPC to house the further staff members who will join the DPC over the next two years, bringing our Dublin-based staff to around 130,” said Ms Dixon.
The extra resources are partially necessary, she says, to prepare for one of the biggest legal events in data protection history next year, when the General Data Protection Regulation takes effect.