LAW ON DATA PROTECTION

Data Protection Acts
The main Irish law dealing with data protection is the Data Protection Act 1988.  The 1988 Act was amended by the Data Protection (Amendment) Act 2003.  An informal consolidated version of the two Acts is available.

The 2003 Amendment Act brought our law into line with the EU Data Protection Directive 95/46/EC.

All Sections of the Acts are in force, except Section 4 (13) (enforced subject access).

Electronic Privacy Regulations
The ePrivacy Regulations 2003 (S.I. 535) deal with data protection for phone, e-mail, SMS and Internet use.  They give effect to the EU e Privacy Directive 2002/58/EC. These regulations have been amended by SI 526 of 2008.   An informal consolidated verison of the regulations is available.

SI 192 of 2002 – which has been replaced by SI 535 – is available for reference.

Regulations under the Data Protection Acts
Fees
S.I. 658 of 2007 - The fee you must pay for Registration and for Prior Checking
S.I. 347 of 1988 - The fee that an organisation may charge you for an Access Request( €6.35) and the fee for a certified copy of a Register entry (€2.54)

Registration
S.I. 657 of 2007  - Who must register
S.I. 351 of 1988  - Registration Forms
S.I. 350 of 1988  - Period of Registration (1 year)

Restrictions on Right of Access
S.I. 82 of 1989 - Health data
S.I. 83 of 1989 - Social Work data
S.I. 95 of 1993 - Functions of the Financial Regulator and of the Consumer Agency. Various functions performed by auditors etc under the Companies Acts
S.I. 81 of 1989 - Information on adopted children and information the Public Service Ombudsman gets during an investigation

S.I. 421 of 2009  - Functions of the Director of Corporate Enforcement and inspectors appointed by High Court or Director of Corporate Enforcement

Prior Checking of Processing

S.I. 687 of 2007 - Processing of genetic data in connection with employment

Other Laws
Cross-Border Bodies
British-Irish Agreement Act, 1999, Section 51 - Data protection in cross-border bodies