Complaints down, but major revelations around state intelligence agencies focus attention on privacy rights
The Data Protection Commissioner’s (DPC) Report for 2013 shows that while complaints were down overall compared to the previous year, 910 versus 1,349, there was a marked concentration of complaints around requests for access.
More than half (57%) of complaints investigated in 2013 related to difficulties gaining access to personal data held by organisations, with 517 complaints in this category.
A breakdown of the complaints show that electronic direct marketing accounted for less than a quarter (22.4%), while most other complaints were in the low single percentages, such as unfair obtaining of data (2.3%) and excessive data requested (1.1%).
According to the report, the DPC office dealt with 1,577 data breach notifications, which included the LoyaltyBuild case, but also an instance of a departing employee taking a client list to a new employer and the first notifications by telecommunication companies via the new online reporting mechanism laid down in European Commission Regulation 611/2013.
It was a momentous year for data protection, as the full extent of the activities of US and European intelligence agencies in relation to citizen data was revealed.
“This has sparked an important and welcome debate on the proper balance between national security and privacy considerations for the 21st Century,” says the DPC report.
The DPC carried out 44 audits and inspections in 2013, representing an increase of 10% on the previous year.
Notable among the audits was that of An Garda Síochána, the commencement of the audit of Linked-In Ireland and a Global Privacy Internet Sweep that reviewed web sites in terms of privacy policies conducted by a number of Data Protection Authorities internationally.
Enforcement notices were issued to 10 bodies in 2013, most relating to right of access, said the report. Most notable among these were a solicitor, Ian Mallon Solicitors, the insurance company Axa Insurance Limited, and the Irish Prison Service. A selected information notice was issued to ESB Electric Ireland.
The report comes as an EU privacy panel headed by Isabelle Falque-Pierrotin, has made strong recommendations that there should be more consultation between member country data protection offices and the EU. The implication is that individual countries, where the likes of a major social media company is headquartered, would no longer be solely responsible for the enforcement of data protection policy. (TechCentral.ie)
Read Full Report Here: Data Protection Commissioner’s Report for 2013