Photo of John Cahir

John Cahir

Subscribe to John Cahir's Posts
Contact:Read more about John Cahir

The Government has published the long anticipated Online Safety and Media Regulation Bill 2022 which it has hailed as a “watershed moment as we move from self-regulation to an era of accountability in online safety”.

Online safety is one of the headline items, and it will be overseen by the newly-established Media Commission (Coimisiún na Meán). The Bill also seeks to implement a number of other key legislative reforms including the transposition of the revised Audiovisual Media Services Directive and the alignment of the regulation of video on-demand services with traditional broadcasting.

The publication of this Bill follows input from and engagement with key stakeholders from the public, NGOs, companies and government organisations over the course of the last three years.

We have summarised some of the key aspects of the Bill below.Continue Reading Online Safety & Media Regulation Bill 2022

The Irish government has moved swiftly to plug a perceived gap in protection under Irish data protection law that had raised doubts about whether Irish law was fit for purpose as a governing law under EU approved standard contractual clauses (SCCs).

On 4 June 2021, the European Commission adopted new SCCs, which became effective on 27 June 2021. The parties are free to agree an EU member state governing law applicable to their SCCs. However, Clause 17 of the new SCCs, on its face, posed a problem for Ireland. It stated that: “These Clauses shall be governed by the
Continue Reading Irish Government Plugs Gap in Protection under SCCs

The Court of Justice of the European Union has delivered its eagerly awaited decision, in Schrems II (Case C-311/18).

Why is the case important?

Schrems II calls into the question the ability of companies to lawfully transfer data from the EU to the United States (US) and other countries.

The GDPR contains strict rules on transferring data from the EU to third countries, and this case deals with the compatibility of these rules with surveillance laws in other countries.

What has the Court decided?

The headline outcome is that:

  • The Privacy Shield decision is invalid with immediate effect – this means that companies can no longer rely on a Privacy Shield certification when transferring personal data to the US.
  • Standard contractual clauses (SCCs) are valid – but their use is subject to certain pre-conditions and ongoing obligations.

Continue Reading Schrems II – The Verdict

As part of their lockdown exit strategy, governments around the world are launching Apps with contact tracing functions. The idea behind these Apps is that users will be alerted when another App user has tested positive to Covid-19, thereby enabling them to take appropriate action, such as self-isolating or undergoing testing.

It remains to be seen how effective contact tracing Apps will be in the fight against Covid-19, but it is clear that in order for the Apps to work, they need to be widely downloaded and used. The popularity, acceptance, and use of the Apps will undoubtedly depend on
Continue Reading Contact Tracing Apps – A Privacy Primer

By any measure, 2018 was a historic year for data protection law with the coming into effect of the GDPR on 25 May 2018.  Ireland plays an important role in the regulation and enforcement of data protection law and decisions of the Irish courts have had a disproportionate impact on European data protection jurisprudence. With the introduction of the one-stop-shop mechanism under the GDPR it is to be expected that this trend will continue in the years ahead.  This briefing note highlights the key data protection legislative developments and Irish court decisions over the past year.

Go to Publication
Continue Reading Irish Data Protection Law – 2018 in Review

Ireland succeeded in enacting the Data Protection Act 2018 prior to today’s GDPR deadline, with the President signing the Act into law yesterday. The Act implements derogations permitted under the GDPR and represents a major overhaul of the regulatory and enforcement framework.  This briefing note analyses the key provisions under the Act and its likely impact on businesses operating from Ireland.

Go to Publication

 
Continue Reading Ireland passes Data Protection Act 2018

News reports have confirmed that on Wednesday 26 July, after a public consultation period on the issue, the Irish Government have agreed to set the digital age of consent at 13 years of age. Article 8 of the General Data Protection Regulation (GDPR) provides that a child under the age of 16 cannot consent to the processing of their personal data without the express consent of their parents. EU Member States have been granted the discretion to set a lower age under the GDPR provided that it is no lower than 13.

The decision follows consideration of a submission made
Continue Reading Digital Age of Consent agreed by Irish Government

The Court of Justice of the European Union (CJEU) has handed down a reference for a preliminary ruling in Case C-610/15 (Stichtin Brein v Ziggo BV, XS4ALL Internet BV), holding that making available and managing an online platform for sharing copyright-protected works may constitute an infringement of copyright.
Continue Reading CJEU issues ‘The Pirate Bay’ judgment