I posted yesterday about my complaint to the Irish Data Protection Commission about the cross border data transfers of an international not-for-profit organisation. This is a topic I’ve looked at myself in the past in some detail when I was volunteering with a similar organisation doing similar things. About five years ago I mapped out …
As I write this I am listening to an IAPP webinar on LinkedIn Live discussing Article 49 derogations for data transfers outside the EU. There is some consternation in the discussion about the narrow interpretations that are applied in relation the derogations under Article 49. It’s great to see the IAPP discussing the limitations of …
We are living in strange times. And I’m not just talking about Covid, forest fires, or the potential discovtaery of signs of alien life on Venus. No, I’m talking about the bizarro-world scenario of Max “Europe vs Facebook” Schrems joining common cause with (checks notes) Facebook against the Irish Data Protection Commission over (checks notes …
So, 81 people attended a Golf Society event in a hotel in Clifden during a time when the country was losing control again on a pandemic, largely through community transmission. At the time, the public health REGULATIONS (not guidance) were that events like this could permit a maximum of 50 people. Weddings had been cancelled. …
Mea Minima Culpa – Politicians, Rubber Chicken, and Pandemics Read More »
Back at Easter, Wexford County Council announced they were using drones to help police travel restrictions in respect of Covid-19. Cameras mounted on drones constitute a form of mass surveillance over a public area. As such, Article 35 of GDPR requires that a DPIA be undertaken. Full stop. Failure to do so is a contravention …
It’s been just over a year since I wrote anything on this blog. That’s too long. So I’ll be writing some stuff today and tomorrow about my experiences using FOI to identify where mandatory procedural aspects of Data Protection law are not being followed by public bodies and the response of the Data Protection Commission …
Over the past few days, the Irish Times has carried a larger volume than usual of the “Data Protection Commissioner is evil” letters, giving out about her “nonsensical powers” because the bad lady won’t let them do things they want to do with data about people who are/might be alive. I don’t always agree with …
The General Data Protection Regulation (GDPR) is now in the home straight, with publication of final, final text expected in Q1 of 2016 (expect something to happen towards the end of January). One of the small and subtle changes that is buried in the 209 pages of text in the most copy I have come …
The General Data Protection Regulation and “Mental Discounting” Read More »
A few weeks ago I wrote a post here about Irish Water’s Data Protection Policy, which was very poorly written and had all the hallmarks of having been cut and paste from another document (for example references to numbered clauses that were not in the Data Protection Notice). Today they have advertised on RecruitIreland.com for …
Irish Water, Data Protection, and the Cut and Paste Fairy Read More »
A few weeks ago I did a lot of research to find the specific section of legislation that authorised Irish Water to request PPSN details from people. It is Section 20 of the Social Welfare and Pensions Act 2014. So, a bit of a law was done to do a thing. But could that thing …