Information Technology

Photo of Davinia Brennan

The Government Chief Whip, Seán Kyne TD, has published the Government’s legislation programme for Summer 2019.  The updated programme follows on from the special programme launched in January 2019 which focused on Brexit. We have set out below the key data protection and technology-related legislation coming down the tracks.

Priority Legislation

  • Communications (Retention of Data) Bill –  This Bill will repeal and replace the Communications (Retention of Data) Act 2011 which requires data generated by mobile phones to be retained by telecommunications service providers for two years, and allows An Garda Síochána and certain other State agencies to access such data for criminal investigative purposes. The Heads of Bill were published last October 2017, following publication of Mr Justice Murray’s Review of the Law on the Retention of and Access to Communications Data, which found that many features of the 2011 Act are precluded by EU law. The Irish High Court also recently held, in Dwyer v Commissioner of An Garda Siochána [2018] IEHC 685; [2019] IEHC 48, that certain sections of the 2011 act are incompatible with EU law.


Continue Reading

Photo of Conor McEneaney

The Scottish Courts have given an interesting decision in relation to IT contracts, relating to the allocation of delivery risk between supplier and customer and the importance of doing what it says in the contract.

In David MacBrayne Limited v Atos IT Services (UK) Limited (2018), Atos, a supplier, had entered into an agreement with

Photo of Davinia Brennan

The Law Reform Commission has published an Issues Paper on Privilege for Reports of Court Proceedings under the Defamation Act 2009. The Paper examines and make recommendations on whether changes should be made to the Defamation Act 2009 relating to absolute privilege for reports of court proceedings. Section 17 of the Defamation Act 2009 currently provides that there is absolute privilege (i.e. complete immunity) from a defamation action where the claim is about a “fair and accurate report of proceedings” heard in any court in Ireland, Northern Ireland, or certain European and international courts.

Continue Reading

Photo of Daniel Harrington

The Minister for Communications, Denis Naughten, has confirmed that plans to appoint a Digital Safety Commissioner for Ireland (DSC) will go ahead in 2018. The DSC will act as an ‘Internet regulator’, with powers of enforcement and responsibility for a ‘notice and takedown’ regime, to ensure the online safety of Internet users.

Continue Reading

Photo of Chris Stynes

On 26 July 2017 the Court of Justice of the European Union (CJEU) delivered its Opinion that the draft Passenger Name Record (PNR) Agreement between the EU and Canada is not compatible with the EU Charter of Fundamental Rights (the Charter) and may not be concluded in its current form. The Opinion follows a referral by the European Parliament to the CJEU and is the first time the Court has been requested to examine the compatibility of an international agreement with the EU Charter.

Continue Reading

Photo of Chris Stynes

The Article 29 Working Party (WP29) has recently provided its Opinion 2/2017 on data processing at work. The Opinion, adopted on 8 June 2017, highlights the risks and challenges of processing employees’ personal data in light of new technologies. While the Opinion focuses on the current data protection regime, it also considers some of the obligations arising under the General Data Protection Regulation (GDPR) from 25 May 2018.

Continue Reading

Photo of Davinia Brennan

The Article 29 Working Party (WP29) (consisting of data protection regulators from the 28 Member States) has adopted an Opinion 01/2017 on the proposed e-Privacy Regulation, which will repeal and replace the e-Privacy Directive. Whilst the WP29 welcomes the proposal, it identifies several points of concern, and sets out how the proposal can be improved.

Continue Reading

Photo of Davinia Brennan

In Rolf Anders Daniel Pihl v Sweden, the European Court of Human Rights (ECHR) agreed with Swedish authorities that a non-profit association was not liable for anonymous defamatory comments posted on its blog. The ECHR held that the Swedish authorities’ refusal to hold the owner of the blog liable for the anonymous defamatory online comment did not violate the European Convention on Human Rights (the Convention).

Continue Reading

Photo of Davinia Brennan

The Department of Justice and Equality have published a policy document on amending the law relating to the interception of communications. The purpose of interception legislation is to assist in the fight against organised crime and to protect the security of the State.

Irish legislation relating to interception is out-of-date and needs to be amended to provide for lawful interception of email and other forms of communication over the internet. Interception is controlled, to a limited extent, by the Postal and Telecommunications Services Act 1983, and the Interception of Postal Packets and Telecommunications (Regulation) Act 1993. That legislation is restricted to Telecoms and Postal Service providers (i.e. voice calls, text messages and postal packets). 

The Government intends to introduce approximately 50 amendments to the current regime, with the primary aim of ensuring that communications services delivered over the internet are covered by our lawful interception legislation.  Accordingly, the definition of “information society services” will be amended to cover “internet referencing services, social media“, and “any other entity providing a publicly available means of communication over an electronic communications network.” The definition of “interception” will also be amended to reflect modern communications characteristics.  It will essentially be “an action, the effect of which is to make some or all of the content of a communication available to a person“. 


Continue Reading