The new DPC website is currently under construction. Our latest guidance in relation to GDPR, which comes into effect on 25th May, 2018, can be found at gdprandyou.ie and via pages on this website starting with "NEW" as per the navigation pane on the left. All other material on this site relates to the previous legislative regime under the Data Protection Acts 1988-2003 ("the Acts"). While the Acts may continue to apply in some circumstances, as of 25th May, 2018 the GDPR is the primary piece of legislation governing data protection.

Data Protection Commission

Data Protection Commissioner launches his Annual Report for 2011

The Data Protection Commissioner, Billy Hawkes, today launched his report for 2011.  The Commissioner draws attention to the shift in the nature and type of complaints received by his Office with individuals concerned about the security of their personal data and the uses made of that data by software and technology applications.  He has also highlighted the increased demand on the resources of his Office as a result of the location of the world's largest technology players in Ireland and the potential for reputational damage for the country if his Office is not in a position, due to resource issues, to perform its statutory responsibilities.


During 2011 the Office opened 1,161 complaints for investigation.  This was a record high number of complaints and it compares with 783 complaints in 2010.  Complaints concerning access rights (562) accounted for nearly half of the overall total reflecting a growing level of public awareness of the right of access to a copy of personal data.


The report includes case studies of a number of specific investigations including:

?         Prosecution of Vodafone, UPC, Eircom, O2 and Regine Ltd for marketing offences

?         Excessive data collection by Swan Leisure Centre

?         Unlawful use of CCTV by Westwood Swimming Ltd to monitor an employee

?         Financial institutions seeking to restrict the right of access to credit assessments

?         Complaints about solicitors and private investigators not complying with access requests

Data Security Breaches

Last year for the first time the number of data breach notifications outstripped the number of complaints opened for investigation with 1,167 data security breach incidents reported to the Office up from 410 in 2010.  The Commissioner does not see this as an actual increase in the number of breaches occurring, rather a raised awareness of the need to notify his Office.  The Commissioner reports on serious data security breach incidents that occurred in 2011 involving the HSE (see pages 13 and 14 of the Report).


The report lists the 28 audits undertaken in 2011 and details the audit of Facebook Ireland, the most extensive and resource intensive audit yet undertaken by the Office.  Also included are the preliminary findings of an investigation of external agency access to personal data held by the Department of Social Protection which has given rise to concerns.

General Election Related Complaints

The Office dealt with nearly 100 complaints or queries from individuals who received unwanted contact from candidates for election or political parties in the course of the General Election in 2011.  As of 1 July, 2011 a previous exemption from normal data protection requirements for such contacts by electronic means is now removed. As a result, the Commissioner is no longer restricted from investigating complaints in this area and he has already issued a warning to a political party about the sending of unsolicited marketing text messages in the course of the Presidential Election campaign.


Note:  The Annual Report is available for download in PDF format from the Data Protection Commissioner's website www.dataprotection.ie

Media Queries to:      Catriona Holohan

Telephone                    (057) 868 4800

Fax                              (057) 868 4757

Email                           media@dataprotection.ie

Website                       www.dataprotection.ie