On 7 December 2015, the EU Council reached an informal agreement with the EU Parliament on the draft Network and Information Security (NIS) Directive.The draft Directive sets out cybersecurity obligations for operators of essential services in the healthcare, banking, energy and transport sectors, and also digital service providers (including e-commerce platforms, search engines, social networks, internet payment gateways, and cloud services). These operators will be required to take measures to manage cyber risks and report major security incidents.
In its ongoing effort to raise awareness of individuals’ privacy rights, the Office of the Data Protection Commissioner (ODPC) has published a press release on their website on the "Electoral Register and ‘Opting Out’ of the Edited Register".
Every year, the Department of the Environment, Community and Local Government encourages individuals to register to vote or to check that their details are up to date on the Electoral Register in advance of the 25 November deadline. In line with publicising such rights, the ODPC wishes to draw attention to the Edited Electoral Register and how it relates to direct marketing.
Unmanned Aerial Vehicles, or Drones, as they are more commonly known, have traditionally been regarded as a military tool, frequently featuring in media reports on US military action as well as TV dramas such as ‘Homeland’ and ‘House of Cards’. They are however, being increasingly put to a much broader spectrum of uses.
Drones have been used by humanitarian organisations to deliver food and medical supplies to crisis-stricken areas. Following typhoon Haiyan in the Philippines, drones were used by international relief agency Medair to map terrain and create a detailed system of 3D aerial images of the region to make relief efforts more efficient. Amazon’s Prime Air development project has also garnered a lot of attention for its goal to use drones to deliver goods to customers in 30 minutes or less. Drones are also now available to buy in electronics stores and are used to capture videos and photographs by amateur and professional photographers.
On 14 May 2015, the Private Security (Licensing and Standards) (Private Investigator) Regulations 2015 (S.I. No 195 of 2015) were signed into law. The Regulations mark the outcome of a Private Security Authority (PSA) public consultation conducted last January following high profile prosecutions for breaches of data protection law in the …
The Data Protection Commissioner, Helen Dixon, spoke at the Society for Computers and Law’s ‘The Evolution and Reform of Data Protection’ event this morning. The Commissioner gave an overview of the activities of the Office of the Data Protection Commissioner (ODPC) in 2014 and set out the aims of the ODPC for the year ahead.
There has been much debate during 2014 about the effectiveness of the US Safe Harbour regime. Many EU commentators have queried its effectiveness, pointing in particular to the lack of enforcement over the years by the Federal Trade Commission (FTC), the body which effectively is charged with dealing with complaints that companies are not in compliance with their public representations of adherence to the Safe Harbour principles.
Continue Reading SnapChat Signs Up to 20 Years of Data Protection Audits
The Law Reform Commission (LRC) has launched a consultation process reviewing Irish law on cyber-crime affecting personal safety, privacy and reputation, including cyber-bullying. It addresses harassment conducted through cyber-technology, and other harmful communications through the use of internet enable devices such as smartphones, tablets and PCs.
The Issues Paper, published by the LRC today, …
The Office of the Data Protection Commissioner (ODPC) recently released the results of the second Global Privacy Sweep. Twenty-six privacy enforcement authorities, including Ireland, participated in the Sweep, which examined 1,211 apps. The theme of the Sweep, Mobile Privacy, was chosen due to many privacy enforcement authorities having identified mobile apps as a key area of focus in light of the privacy implications for customers.
The Office of the Data Protection Commissioner (ODPC) recently released the results of the second Global Privacy Sweep. Twenty-six privacy enforcement authorities, including Ireland, participated in the Sweep, which examined 1,211 apps. The theme of the Sweep, Mobile Privacy, was chosen due to many privacy enforcement authorities having identified mobile apps as a key area …
The CJEU in Joined Cases C-141/12 and C-372/12 has clarified the scope of a data subject’s right of access to a copy of their personal data. The CJEU’s ruling may serve to lighten the burden of access requests on organisations. It confirms that the Data Protection Directive 1995 (the Directive) does not establish a right of access to any specific document or file in which personal data are listed or used, nor does it specify the material form in which personal data must be made accessible. Member States enjoy a margin of discretion to determine the form in which to make personal data accessible, so long as it is intelligible. Accordingly, the CJEU found that the Dutch authorities, in this case, had met their legal obligations under data protection law by extracting from the relevant documents the personal data relating to the data subject.