Follow: Email

On February 24, 2022, the Irish Data Protection Commission (“DPC”) published its 2021 annual report setting out its activities and outcomes for last year (see press release here and the full report here).  At 120 pages long, it is detailed and specific, and in places, comes with a targeted and reflective commentary.  Overall, it provides readers with useful insights into the work of a supervisory authority at the forefront of Europe’s data protection whirlwinds.

Addressing the Critics

The DPC introduces the report with commentary that is critical of the narrative that equates the size of fines imposed under the EU General Data Protection Regulation (“GDPR”) with regulatory efficacy.  This is the elephant in the room tackled up front.  It is a narrative that has been repeated against the DPC in recent times by critics complaining about the level of control (or lack thereof) that the DPC exercises over large technology platforms, many of which have established their center of EU operations in Ireland.  In response to this sentiment, the DPC refers to the ongoing work of European data protection authorities to identify a set of performance metrics to quantity regulatory output across all Member States, stating that “such metrics must, however, move past both superficial totting exercises and assumptions to the effect that the bigger the fine, the greater the change of behaviour it will herald.”

Further, to illustrate the varying levels of complexity that the report refers to, the DPC cites to the example of a decision that ran to “several hundred pages and touch[ed] on the complex operating processes of large multinational organisations, impacting on millions of people” in contrast with another decision comprising “a two-line treatment of a comparatively simple issue that has minimal ramifications for data subjects in general.”

About More Than The GDPR

While cognizant that the control enjoyed by large technology platforms may need to be tackled by more than a single regulatory discipline, whether “data protection, competition law or content regulation”, there is, according to the DPC, “no question” that the GDPR is and will remain the best-available framework in Europe for protecting personal data.  However, in recognizing the limitations of the GDPR, the DPC goes on to say it is not the role of the DPC or any other supervisory authority to “target all manifestations” of platform power.

Given the suite of forthcoming EU laws and frameworks seeking to address data-related issues, the DPC also emphasizes the importance of cross-regulatory structures to deal with the type of issues already escalated by the one-stop-shop mechanism under the GDPR.
Continue Reading Irish Data Protection Commission Publishes 2021 Annual Report

The fragility of Northern Ireland politics continues to prove problematic in dealing with Brexit. The on-going efforts of the UK government to redefine the Northern Ireland Protocol agreed with the EU last December is testament to that. Such efforts may be politically appealing in advance of UK local elections next May, but they too are

The European Commission Vice President and Co-Chair of the Europe-UK Joint Committee, Maroš Šefčovič,  spoke to a meeting of the Irish Institute of International and European Affairs yesterday about the Ireland/Northern Ireland protocol.  He spoke of the political risk and the efforts being made to reach a compromise between the EU and the UK on

The Irish authorities are currently preparing a number of interesting pieces of new legislation – some to simply deal with Covid or to comply with European requirements, others relating to more domestic issues and a number will implement international obligations.  However surprisingly few are Brexit related.

Traditionally there are an average of over 60 new

Ireland is beginning to emerge from the shades of Covid with almost full opening of the economy now planned for October 22nd.  It brings with it some significant changes to working lives, education and business and while the signals are optimistic, caution is in the air.

The Irish have followed a conservative approach to the

Lobbying.  The descriptor we use for seeking to influence key decision makers. It’s been a part of commercial life for centuries and many societal structures were and are built on it such as the medieval guilds, modern trade associations, and a myriad of other bodies who exist to influence, persuade and argue.  Law firms too. 

The 1998 Good Friday Agreement (also known as the Belfast Agreement), which brought to an end three decades of inter-communal violence, also heralded the advent of 23 years of increased cross-border trade and cooperation as well as an increase in Irish exports to the UK.  That ease of access and trade was facilitated by the