Data Protection Bill and human rights

 

Sir, – As organisations and legal practitioners working for the protection and advancement of digital privacy in Ireland, we welcome the Data Protection Bill currently passing through Dáil Éireann.

The Bill is primarily aimed at ensuring effective implementation of the EU General Data Protection Regulation (GDPR), which will enter into force in all EU countries on May 25th.

We have significant concerns that the Bill in its current iteration has failed to give full articulation to the underlying purpose of the GDPR – to safeguard basic human rights, including privacy and freedom of expression online.

We therefore urge adoption of the following amendments to the Bill: ensure that the Data Protection Commission continues to be obliged to investigate all complaints; ensure that all investigations continue unimpeded when the Data Protection Commissioner transfers to the new Data Protection Commission; provide for an open competition appointment process for the new three-person Data Protection Commission and seek agreement for the European Data Protection Board to nominate a person to the selection panel; ensure access to information by removing the freedom of information exemption for the Data Protection Commission; remove blanket exemptions for the processing of personal data revealing political opinions and prohibit processing of this data by private entities without explicit consent; ensure heightened accountability of the Minister when creating regulations for the processing of personal data for reasons of substantial public interest; and, in the event of a data breach, ensure that data subjects are provided with all the pertinent information upon request and without restriction.

We have raised the privacy concerns prompted by the Bill and shared specific amendments with Senators and TDs. We applaud the efforts of the Senators, and particularly Senator Mary Alice Higgins, who worked with the Minister in the Seanad to ensure the inclusion of strong privacy protections and are continuing to work with TDs to strengthen the legislation further.

As Ireland continues to emerge as a technology industry leader in Europe, it is crucial that we also lead with robust digital rights protections.

The Data Protection Bill is an opportunity to implement the GDPR to the highest possible standard. We have only a small window of opportunity to do this effectively before the GDPR comes into force on May 25th. – Yours, etc,

FRED LOGUE,

Principal,

FP Logue Solicitors;

SIMON McGARR,

Director,

Data Compliance Europe;

Dr TJ McINTYRE,

Lecturer in Law,

University College Dublin;

ROSSA McMAHON,

Solicitor,

PG McMahon Solicitors;

ANTOIN Ó LACHTNAIN,

Director,

Digital Rights Ireland;

Dr MAEVE O’ROURKE,

Senior Research

and Policy Officer,

Irish Council

for Civil Liberties;

ELIZABETH FARRIES,

Information Rights

Project Manager,

International Network

of Civil Liberties

Organisations.