Data Protection Commissioner to recruit new staff

Regulator to ‘immediately’ begin hiring for new roles with 45 extra jobs to be created in total

The Data Protection Commissioner’s office is to immediately begin recruiting 18 new staff for its planned new Dublin office and will eventually more than double its current staff by hiring 45 new people.

A near-doubling of its funding allocation from the Government this year, bringing its budget to almost €3.65 million, was welcomed by the new commissioner Helen Dixon.

Resourcing of the office, which is responsible for regulating the European offices of large multinationals such as Facebook, LinkedIn and Apple, has been the subject of robust criticism in recent years.

In particular, its location above a supermarket in Portarlington, Co Laois, and the lack of a Dublin-based office has been widely commented on.


It currently has 28 staff in Portarlington, where it has been located since the major programme of decentralisation of government agencies a decade ago.

In one of her first public speeches as Data Protection Commissioner since she took up the role three months ago, Ms Dixon said that whatever about criticisms of the office’s location above a supermarket, she thought criticism that it was based exclusively in Portarlington were “probably merited”.

Addressing the Institute of International and European Affairs (IIEA) in Dublin, Ms Dixon said her office needed a premises in Dublin in order to effectively deal face to face with the many government headquarters and companies located in the capital.

The commissioner said the Office of Public Works was currently seeking a suitable city centre premises for the office but it was likely this would not be sourced and fitted out before the end of the year.

In the meantime, the new Dublin-based staff being recruited from this month would be based in a temporary office.

Ms Dixon noted the negative comment she had been met with at various privacy events throughout the world since she came to the job, succeeding Billy Hawkes when he retired late last year.

At one event, there was a view of Ireland that it sought to attract the big software multinationals with "questionable tax incentives" and that her office retained those jobs by "softly regulating them in data protection terms".

“The overwhelming direction of views, particularly expressed by our European peers, is not complimentary,” she said.

“While we have allies in countries like the UK and Luxembourg who fall subject to some of the same criticisms, it does seem to me we occupy a very special place on the list and it’s possibly because of some of the companies that we are regulating here in Ireland.”

Ms Dixon said she believed most of the criticisms cited were “issues of perception rather than of substance”.

“Although the issue of the adequacy of resourcing of the office of the Data Protection Commissioner in Ireland is certainly one that is difficult to argue with.”

Ms Dixon said if these issues remained unaddressed they would begin to affect companies based in Ireland.

“Certainly the companies that I’ve interacted with so far don’t want to be softly regulated; they certainly don’t want to be incompetently regulated and they don’t want to have to fight a perception that that’s the case.”

Unaddressed, the criticisms would also affect Ireland's ability to be a lead regulator under the proposed new European data protection regulation, and they would affect the confidence of data subjects (citizens) in Ireland and Europe.

Ms Dixon said she believed some of the criticisms were undoubtedly manifestations of a “wider political rivalry”.

“ Ireland’s corporate tax regime has long been the subject of comment and debate.”

To the extent that data protection was now spoken about as a tool of industrial policy, there was some “spill-over” of the rivalry in this area.

The commissioner said there was very little she could do to address this other than to demonstrate her office was “ strongly independent of government” in the performance of its functions and in the decisions it takes.

“I firmly believe that this has always been the case.”

Noting that her office had stronger powers in many respects compared to other data protection authorities, she said the prosecution of two company directors last year for their role in data protection offences had not gone unnoticed.

There had been a “flurry” of visits to her office by companies since that event, she said.

Separately, the commissioner’s office said on Wednesday that it was satisfied the Department of Education had a “legitimate and proportionate” purpose for requesting personal details on primary school pupils for a new national database.

It was consulted on the plan in December 2013.

It emerged on Tuesday that the department is seeking to use pupils’ PPS numbers as a ‘unique identifier’ and that it will retain some of their personal information, including information on ethnicity and religion, up to their 30th birthdays.