16th July 2015
The publication of the Annual Report of the Office of the Data Protection Commissioner is a timely occasion to review the issue of Data Protection within an international context.
Over the past number of months the Irish Times have printed two interesting reports titled “Strong data protection laws better for EU than sniping”, and “Technology giants defend US’s privacy protection regime”. These two reports by Karlin Lillington draw together a number of strands surrounding EU and US Data Protection issues that are currently in play. Two particular themes are now evident; firstly, there seems a general condescending attitude to the Irish Data Protection regulatory system – in particular the Data Protection Commission, and secondly a lack of understanding about the US Data Protection regime.
It is possible to question the motivations of Germany’s interior minister Thomas de Maizière in his criticism of Ireland’s Data Protection regulatory system, repeatedly stating “We don’t want the same disaster as we saw in the financial system some years ago.” Such statements may have as much to do with Ireland attracting and retaining top quality Foreign Direct Investments companies such as Google, Paypal and Facebook than with any particular Data Protection concerns.
We all want robust Data Protection laws and their implementation is an important regulatory support within the Irish economy. The Data Protection Commissioner has a good record of applying the current EU and Irish regulation consistently. Indeed, back in January a Circuit Civil Court Judge outlined in relation to a decision by the Data Protection Commission that fair procedures were followed, the Commission had taken into account the arguments relating to the case and that reasons were given for the final decision.
The lack of understanding about the US Data Protection regime from the EU standpoint is evidenced by Facebook’s privacy officer Erin Egan’s statement that there is “a very robust privacy regime [in the US]” and the difficult Safe Harbour discussions that are currently under way, between the US and the EU.
This situation is not in the interest of ensuring adequate and workable Data Protection regulations not only in Ireland but for every citizen in the EU. It is my opinion that rather than criticising the Irish Data Protection regime, officials from other countries would be better served discussing matters directly with “Big Data” companies and engaging with the US authorities as equal partners.
John Nealon, Chairman, Data Destruction Division of the Irish Security Industry Association.