Digital Rights Ireland (DRI) intend to serve legal proceedings on the Government in the coming days, claiming that the Office of the Data Protection Commissioner (ODPC) has acted in breach of EU law by failing to ensure that the Data Protection Commissioner (DPC) exercises her role independently. The High Court is to be asked to make a referral to the EU’s highest court for a ruling on whether the DPC is truly independent under EU law.
The legal papers claim that the DPC, Helen Dixon is integrated with the Department of Justice and that she and her office’s employees are civil servants. They also allege that she has failed to act independently in policing databases of citizens created in recent years by both Irish Water and the Department of Education.
The ODPC has come under repeated criticism from some EU sources for being “soft” on regulation, partly because of the number of jobs firms such as Apple, Google, Facebook and LinkedIn support here, an allegation that has always been denied by the ODPC.
DRI confirmed this morning it had instructed its lawyers to serve legal papers on the Irish Government stating that, “Ireland’s position as the EU’s centre for technology multinational companies makes it critical for the protection of all EU citizens’ rights that the state has a world class data protection regulatory regime,”. It noted a series of cases decided by the CJEU had stressed the critical importance of a truly independent data protection authority – the Schrems case on Safe Harbour and its ruling that the lack of such an independent watchdog was cited as one of the most significant differences between the EU and US privacy systems.
DRI claims that the ODPC does not meet the criteria set down by the EU case law for true independence, resulting in the need for it to turn to the courts to uphold the fundamental rights of Irish and EU citizens alike.
Perhaps fittingly, today is annual International Data Protection Day. Speaking to mark the event, Helen Dixon has said that there is a need for better compliance with data protection law by the Irish public sector, and the need to improve the legislative process to ensure greater deliberation and scrutiny of issues that interfere with the fundamental right to data protection.