data protection

Subscribe to data protection via RSS

The Office of the Data Protection Commissioner (the ODPC) has released a guidance note on connected toys (the Guidance Note). The Guidance Note highlights the possible data protection issues that might occur when children and parents use toys with microphones and cameras that have an ability to connect to the internet.

The ODPC warns of certain potential issues with the personification of connected toys, in particular dolls. Some of these toys provide an interactive experience by reacting to selected words. This may give the impression of an emotional response to what the child says or does. In some instances, these toys are enabled to collect and record these “conversations” between the child and the connected toy on apps, smartphones or tablets. The ODPC cautions that some of these connected toys’ terms and conditions allow these potentially sensitive recordings to be shared with other companies and used for the basis of targeted advertising.Continue Reading Child’s Play: The Office of the Data Protection Commissioner releases Guidance Note on Connected Toys

Following the Brexit Referendum and the uncertainty now surrounding the future of data flows between the UK and the remaining EEA States, the UK Information Commissioner’s Office has published an update on its blog: “GDPR still relevant for the UK“. The update emphasises the importance of the GDPR to many organisations in the UK and notes:

“With so many businesses and services operating across borders, international consistency around data protection laws and rights is crucial both to businesses and organisations, and to consumers and citizens. The ICO’s role has always involved working closely with regulators in other countries

Continue Reading ICO states that GDPR is still relevant for the UK

The US Second Circuit Court of Appeals, overturning an earlier court ruling from a lower court, has held that the US Government cannot compel Microsoft to hand over emails stored on a server in Dublin in a narcotics case. The decision is a milestone victory for privacy rights and will be greatly welcomed by US technology companies storing data abroad. It should also provide reassurance to European citizens that their data will be protected by European data protection laws and the US legal system will respect their privacy rights.Continue Reading Microsoft wins landmark US appeal against search warrant for emails stored in Ireland

Under Section 26 of the Data Protection Acts 1988 and 2003, an appeal before the courts is provided for against a decision of the Data Protection Commissioner in relation to a complaint under Section 10(1)(a) of the Acts. The scope and applicable review standard for such an appeal was one of two key issues which came before the Supreme Court in the recent case of Nowak v. The Data Protection Commissioner (Judgment of O’Donnell J delivered on 28th April 2016).Continue Reading Nowak v. The Data Protection Commissioner: Data subjects’ right of appeal and testing the boundaries of “personal data”

The Office of the Data Protection Commissioner (ODPC) has contacted Dublin City Council in relation to its data protection concerns surrounding the City Council’s new anti-litter poster initiative. As part of the initiative the City Council had erected a billboard in the north inner city featuring CCTV images of 12 people who appear to be engaging in illegal dumping around the Amiens Street-Five Lamps area. Although the faces were slightly blurred due to the quality of the CCTV footage, the City Council stated that the people would be able to identify themselves from the images, as most likely
Continue Reading ODPC contacts Dublin City Council regarding anti-litter posters

In advance of the forthcoming Dáil elections, the Office of the Data Protection Commissioner (ODPC) has issued guidance to candidates for election and their representatives on canvassing, data protection and electronic marketing (the Guidance). Publication of the Guidance follows the ODPC’s previous efforts to boost awareness of individuals’ privacy rights in this area (see previous blog here).

The Guidance includes an overview of the provisions in relation to unsolicited marketing and cookie use as contained in the EC (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (S.I. 336 of 2011). It also emphasises

Continue Reading ODPC Issues Guidance on Canvassing, Data Protection and Electronic Marketing

In its ongoing effort to raise awareness of individuals’ privacy rights, the Office of the Data Protection Commissioner (ODPC) has published a press release on their website on the "Electoral Register and ‘Opting Out’ of the Edited Register".

Every year, the Department of the Environment, Community and Local Government encourages individuals to register to vote or to check that their details are up to date on the Electoral Register in advance of the 25 November deadline. In line with publicising such rights, the ODPC wishes to draw attention to the Edited Electoral Register and how it relates to direct marketing. Continue Reading ODPC Raises Awareness of Right to Opt-Out of the Edited Electoral Register

On 1 October, the Court of Justice of the European Union (CJEU) handed down its judgement in the Weltimmo case (Case C‑230/14), a decision which could have important ramifications for the data protection obligations of companies operating across multiple EU member states. The CJEU effectively held that where a company has a representative in a country and operates services directed at that country, the company can be held accountable by that country’s data protection authority despite not being formally established in that country.Continue Reading CJEU publish important decision on territorial application of data protection law

As has been reported widely in the world media, the Court of Justice of the European Union (CJEU) this week declared the EU-US Safe Harbour regime to be invalid. The decision has understandably given rise to a lot of concern among European businesses that transfer data to the US.

In this blog post, we seek to answer the main questions that are being asked following the CJEU ruling. Continue Reading Data in Disarray: The Aftermath of the Safe Harbour Decision