Thursday, February 17, 2005

Data Protection in the Republic of Ireland

While Irish law differs from UK law insofar as the Irish Constitution recognises a right to privacy, there was a need for specific legislative action in the field of privacy rights in relation to information gathering, retention and use. The 1981 Strasbourg Convention was implemented in the form of the Data Protection Act 1988.
In Data Protection Principles Section 2(6) to allow extra safeguards against misuse of confidential data on racial origin, political opinions, religious or other beliefs, physical or mental health, sexual life or criminal convictions, but no regulations have been made.
Personal data held for direct marketing purposes is obviously subject to these provisions, but the Act goes further by allowing data subjects a right to have such data deleted within 40 days of a request for deletion being made.
However, there are the exemption from the non-disclosure provisions. The principles which regulate non disclosure are relaxed for certain kinds of data by Section 8. Restrictions in the Act do not apply to data.
  • certified by a senior member of the police or defence forces as being required to safeguard the security of the state,
  • for criminal investigation purposes or taxation or other fiscal purposes.
  • protection the International Relations of the State
  • required urgently to prevent infury or other damage to a person or serious loss or damage to property
  • required by law or court order
  • for the purpose of obtaining legal advice or in legal proceedings
  • to an agent of the data subject
  • made with the consent of the data subject.

The Data Protection Commissioner is charged with enforcing the Act by investigating complaints, sponsoring codes of practice, prosecuting offenders, supervision the registration process, and generally raising awareness and understanding about data protection. The attitude of the Commissioner's office is generally non-confrontational and prosecutions for offeces have not been initiated.

Citation: Clark, Robert (1996) 'Data Protection in the Republic of Ireland', 1 The Journal of Information Law and Technology (JILT).


Post a Comment

<< Home