The number of data protection cases investigated last year was more than double the figure for 2005, the Data Protection Commissioner Bill Hawkes revealed today.
Launching the Office of the Data Protection Commissioner's annul report for 2006, Mr Hawkes said one of the main focus's for 2006 had been the "gradual erosion of the individual's private space and the need to address this through an emphasis on the right of the individual to choose what personal information s/he discloses and to have some control over how it is used".
There were 658 complaints investigated by the office in 2006 compared with 300 in 2005.
This large increase in the numbers of complaints received was to some extent accounted for by increased complaints of breaches of the Privacy in Electronic Communications Regulation (SI 535 of 2003) which relate mainly to cold calls at home and unsolicited text messages to mobile phones.
This category of complaints accounted for 39 per cent of all complaints received followed by access rights 28 per cent, disclosure 11 per cent, direct marketing 6 per cent and accuracy of information 5 per cent. 65 per cent of the complaints received in 2006 were settled informally, 7 per cent were upheld or partially upheld and 28 per cent were not upheld.
The Office of the Data Protection Commissioner received over 20,000 enquiries during the year while its website, www.dataprotection.ie, was accessed over 69,000 times from Ireland.
The Commissioner's Report gives details of a number of his investigations into the use of personal data and presents them as case studies in his Annual Report. Among the issues considered by the Commissioner during 2006 were:
- Unsolicited direct marketing and the sanctions available to the Office to address intrusive practices including contact he had with the telecommunications companies Opera Telecom, Talk Talk, Newtel, Gaelic Telecom and Global Windows and Home Improvements;
- Some interesting cases which he had to decide on in relation to the obligation on the media to respect their data protection obligations and the limits of the applicable public interest exemption in this area under the Data Protection Acts;
- The gathering of excessive personal data by both public and private bodies including Ulster Bank;
- The failure during the reporting period of the leading computer manufacturer DELL to properly ensure that its direct marketing practices were fully compliant with the Acts particularly in relation to recording individual's preferences not to receive any further material;
- The failure by Caredoc (a medical facility in Carlow) to comply with a request for access to a child's personal data;
- The failure of the Barcode Night Club of WestWood Club in Clontarf to comply with an access request for CCTV footage; and
- The use of the powers of the Office of the Data Protection Commissioner to oblige Ashbury Taverns of Wexford to comply with an access request.