The Data Protection Commissioner has today launched his twenty third annual report. The report begins by addressing the expanding role of the Data Protection Commissioner in Ireland as people become increasingly concerned about how their personal data are being stored and shared.
According to the report there were a record high number of complaints (up almost 50%) and a significant proportion these were in relation to access rights. For the first time the number of data breach notifications (up 300% on 2010) was greater than the number of complaints opened for investigation. This is credited by the Data Protection Commissioner to the introduction of the Data Security Breach Code of Practice and a raised awareness of the need to notify the Commissioner’s Office in the event of a breach occurring.
The report lists the 28 audits undertaken last year and provides a detailed account of the audit of Facebook Ireland, a 3 month investigation undertaken by the Commissioner’s Office with the technical support of University College Dublin. A number of case studies are detailed in the report including the prosecution of several telecommunications operators for marketing offences and a leisure centre’s use of CCTV to monitor an employee.
International influence in Ireland is also addressed in the report. The report also acknowledges the extra powers and responsibilities that the European Commission’s draft Data Protection Regulation would impose upon the Commissioner’s Office. Complaints related to the General Election of 2011 as well as new challenges such as cloud computing are also highlighted in the report.