The new DPC website is currently under construction. Our latest guidance in relation to GDPR, which comes into effect on 25th May, 2018, can be found at gdprandyou.ie and via pages on this website starting with "NEW" as per the navigation pane on the left. All other material on this site relates to the previous legislative regime under the Data Protection Acts 1988-2003 ("the Acts"). While the Acts may continue to apply in some circumstances, as of 25th May, 2018 the GDPR is the primary piece of legislation governing data protection.

Data Protection Commission


Media Release

Embargo Tuesday 11 April 2006 - 10.00 am

Media have an obligation to respect the right to privacy and must be able to justify the publication of details of a person's private life, balancing the right to privacy with a public interest test.

Annual Report for 2005 published

During the course of 2005 a number of complaints were made to my office about the publication of material relating to the private life of individuals. Although the media can avail of exemptions under the Data Protection Acts 1988 & 2003 designed to permit them to conduct their legitimate business, any reliance on the publication being in the public interest must be balanced with an individual's right to privacy.

In a wide ranging report on his Office's activities for 2005 the Commissioner indicated that

? Privacy Survey found that privacy came second only to crime in its importance to Irish people and that there is an increase in awareness of the office with 50% of people being aware of the existence of Data Protection Commissioner. Public presentations, privacy audits, advertising and the production of a training DVD/CD all proactively increased awareness.

? The right to privacy and the ongoing fight against terrorism and organised crime continue to focus attention on data protection in police and judicial matters. Appropriate consideration must be paid to the right to privacy when new measures to combat crime are being devised.

? First SPAM prosecution results in first conviction of an Irish company for engaging in unsolicited marketing communications.

? New facility to opt-out from receiving unwanted marketing calls ("cold calls") launched with the assistance of ComReg. Teething problems experienced by major phone companies.

? Publication of complete planning application files on local authority websites compromises privacy rights. Files should be published only with the minimum necessary personal data.

? Decentralisation will result in a 90% turnover of staff over coming months as the office prepares to decentralise to Portarlington later this year. Maintaining a high quality of service delivery during this period will be a key objective of the Commissioner.

? Transfer of data outside of European Economic Area is restricted. Commissioner gives first formal authorization using EU Model Contracts and is actively involved in assisting companies develop Binding Corporate Rules.

Complaints Investigated

The Commissioner's Report gives details of his investigations into complaints made by individuals and organisations, who were concerned about the use of personal data. Among the issues considered by the Commissioner were:

? Use of Biometric system in the workplace. Employer's needs had to be balanced with employees' right to privacy. Need for a privacy impact assessment before such measures are introduced. Any such system must meet a test of proportionality.

? Restricted access to medical reports held by a Life Assurance Company. Can a claim of legal privilege override a person's right to be given a copy of his/her own personal data?

? The right of access may still be exercised even if a matter is currently before the High Court.

? Cross marketing of an MBNA credit card by Stein Travel. Not a compatible use of data.

? Excessive information being asked for by AIB when person applying for deposit account. Information exceeded that necessary to fulfil anti-money laundering obligations.

? Placement of CCTV cameras on LUAS line unduly interfered with privacy of residents. Camera operating system adjusted to take account of privacy rights.

? Patient complained that hospital had disclosed personal data to National Treatment Purchase Fund. However, disclosure was compatible with purpose of provision of health care.

? Persistent unsolicited marketing phone calls made by Optic Communications. Failed to respect objections of data subjects. Ceased marketing operations.

? Collection of phone numbers in entertainment venues prone to abuse. Inaccurate recording of numbers and condition of person when offering consent had to be addressed.

Enquiries and Complaints

The number of enquiries with his Office was in the region of 15,000 while its website, https://www.dataprotection.ie, recorded many 'hits' during the year.

The number of formal complaints concluded in 2005 was 389 while 300 new complaints were received (385 in 2004). Complaints mainly concerned access rights (35%), direct marketing (33%), disclosure (14%) and accuracy (7%). The Commissioner indicated that 27% of complaints were upheld, 28% were not upheld, while 45% were resolved informally.


Registrations with his office rose by 8% to 5,933 (fee income of €573,000 compared to €531,000 in 2004) due to a more proactive approach.

[Note: The Annual Report is available for download in PDF version from the Data Protection Commissioner's website: www.dataprotection.ie]

Media Queries
Mr Seán Sweeney
Telephone (01) 874 8544
Fax (01) 874 5405
Email mailto:ssweeney@dataprotection.ie