vLex Ireland

Don’t miss our annual Privacy Summit, scheduled for April 16. This information-packed, daylong event will bring you fully up to date on the latest, emerging issues in cybersecurity and data privacy.  The program kicks off with keynote speaker Leslie Ireland — former Assistant Secretary for Intelligence and Analysis, U.S. Department of the Treasury, and National... (See Article)

European Union Data Protection Authorities discussed enforcement priorities at the International Association of Privacy Professionals (IAPP) Data Protection Intensive. Key takeaways: CNIL: Online advertising and cookies are a focus right now. Ireland DPC: currently handling 10,000 complaints with 23 investigations into so-called big tech companies, and two investigations at the decision-making stage. An area of... (See Article)

The Food Standards Agency (FSA), which regulates foods and food businesses in England, Wales and Northern Ireland, yesterday issued its long awaited statement on CBD in foods. In January 2019, the European Commission updated the Novel Food Catalogue to state that extracts of Cannabis sativa L. and derived products containing cannabinoids are considered as novel... (See Article)

Ireland’s Data Protection Commission has published guidance on data security. Key Takeaways- The most effective means of mitigating the risk of lost or stolen personal data is not to hold the data in the first place. (See Article)

Weekly Focus Replies to Motions for Summary Judgments filed in SEC v. Telegram Cases Consolidated in Class Action Suit Against iFinex Inc Bittrex Introduces Insurance Coverage Research Report Finds the Number of Cryptocurrency Scams Rose in 2019 Research Report Indicates Regulatory Uncertainty a Barrier for Digital Asset Companies Coinbase Custody Launches in Ireland Cambodia Announces... (See Article)

Are opinions about someone personal data? Ireland’s Data Protection Commission explains. Key takeaways: An opinion can include personal data. If the opinion is not recorded — GDPR does not apply. If made or recorded for someone’s “purely personal or household” activities, with no connection to a professional or commercial activity, GDPR doesn’t apply. GDPR may... (See Article)

Supreme Court Confirms When an Employee is Entitled to Legal Representation - Precedential Decision by Judiciary or Regulatory Agency - On November 11, 2019, the Supreme Court upheld last year's decision of the Court of Appeal in the case of Iarnród Éireann/Irish Rail v Barry McKelvey. (See Article)

There is growing interest in collecting wild fungi in Ireland but this is not supported by an appreciation of the associated dangers, according to researchers. The issue constitutes a growing national health threat, wrote Dr. Douglas Hamilton and Dr. Gerard Meagher, from the department of public health, HSE Midlands in the first edition of Epi... (See Article)

1. Brace yourself (for export turbulence) 2020 could well be a year of data export turmoil – so brace yourself! The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) (Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems) whilst the General Court of the... (See Article)

“No es oro todo lo que reluce”: Es esta una advertencia que debe tener muy presente aquel que lea la Opinión del Abogado General Saugmandsgaard Øe (del Tribunal de Justicia de la Unión Europea en el caso C-311/18 Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (“Schrems II“), hecha pública el pasado 19 de... (See Article)

On December 19, 2019, Advocate General (“AG”) Henrik Saugmandsgaard Øe handed down his Opinion in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”). The AG’s Opinion provides non-binding guidance to the Court of Justice of the EU (“CJEU”) on how to decide the case. In brief, the AG recommended that... (See Article)

Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. (See Article)

Today, the Advocate General Henrik Saugmandsgaard Øe (AG) published his opinion on a case brought by privacy rights activist, Max Schrems (C-311/18, Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems) (Schrems II). The case concerns the validity of the standard contractual clauses (SCCs). The Court of Justice of the European Union (CJEU) press release... (See Article)

Almost half of people surveyed still wash their turkeys before cooking despite this practice being against food safety advice. Based on research in Ireland commissioned by the safefood organization, 43 percent of people wash turkey before cooking, which can spread food poisoning germs around kitchen surfaces, utensils, hands, and ready-to-eat foods. Even the smallest drop... (See Article)

A European Centre for Disease Prevention and Control project has recognized the important role of the community in public health emergency preparedness and response. The report presents findings of a case study into outbreaks of Shiga toxin-producing E. coli (STEC) at childcare facilities in Ireland. It found affected communities are key in public health emergencies... (See Article)

On 14 November 2019, the Central Bank of Ireland (the “Central Bank”) launched its Administrative Sanctions Guidance (the “Guidance”), accompanied by a key-note speech by Derville Rowland, the Director General of Financial Conduct. The speech and the Guidance mark a continuation of the Central Bank’s demands for high standards, a trend prominent in recent industry guidance including the Industry Letter on Closet Indexing (the “Industry Letter”), the oversight requirements contained in the Fund Management Companies – Delegate Oversight Consultation Paper (“CP86”) and the changes to the Fitness and Probity Regime. (See Article)

The Advocate General’s (“AG”) Opinion in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”), has been delayed until the 19th December 2019.  (The original publication date was set for the week before, on the 12th December.) The primary question before the European Court of Justice (“ECJ”), and the AG, in Schrems... (See Article)

The Minister of Finance has passed new Regulations, the Data Protection Act 2018 (section 60(6)) (Central Bank of Ireland) Regulations 2019, permitting data subjects’ rights under Articles 12-22 and Article 34, and controllers’ obligations under Article 5 GDPR, to be restricted to the extent necessary and proportionate to allow the Central Bank of Ireland (CBI)... (See Article)

More than half of Salmonella infections in Ireland last year were associated with international travel, according to a recent report. During 2018, 363 people had salmonellosis including 349 confirmed and 14 probable compared to 414 in 2017 based on figures from the Health Protection Surveillance Centre (HPSC), Ireland’s agency for the surveillance of communicable diseases... (See Article)

In September 2019, the Central Bank of Ireland (the Central Bank) published CP130, a consultation paper on the proposed regulatory framework (the Framework) for the treatment, correction and redress of errors in investment funds (the Consultation). It is proposed that the Framework will apply to fund management companies acting for Irish authorised Undertakings for the Collective Investment in Transferable Securities (UCITS), Alternative Investment Funds (AIFs), Irish domiciled fund management companies acting for non-Irish authorised funds and non-Irish fund management companies acting for Irish authorised funds (each, a Fund Management Company). The deadline for submitting responses to t (See Article)

Ireland’s Data Protection Commission has issued a guidance note on the right of access under the General Data Protection Regulation. Key takeaways: Requests to access data are the majority of complaints received. If reasonably necessary to clarify the request, you may request that the requester specify the information or processing activities they want access to.... (See Article)

The Irish Data Protection Commission has issued guidance on cloud computing. Here are key takeaways for companies and cloud providers: You must remain in control of the personal data you collect. You must have a written agreement with the cloud provider meeting with the requirements of Article 28 of the General Data Protection Regulation. Before... (See Article)

The Irish Data Protection Commission has issued guidance on data breach notification under GDPR. Key takeaways: A personal data breach is a security incident that negatively impacts the confidentiality, integrity, or availability of personal data, with the consequence that the controller is unable to ensure compliance with the principles for processing personal data as outlined in Article 5 of the General Data Protection Regulation. (See Article)

We heard recently from French Data Protection Authority CNIL on the topic of Data Protection Impact Assessments (DPIAs). Now, Ireland’s Data Protection Commission has issued its own Guidance Note on DPIAs under The General Data Protection Regulation. (See Article)

The Supreme Court of Ireland recently examined the extent of the obligation on employers, under Irish Employment Equality legislation, to put in place “appropriate measures” to adapt a place of work to reasonably accommodate disabled employees. (See Article)

The EU-UK agreement reached on 17 October 2019 ("Agreement") revises the Irish backstop with a new protocol on Ireland/Northern Ireland ("NI protocol"). (See Article)

A resource has been added LexBlog Ireland

The Irish Data Protection Commission (DPC) does not have any power to order an organization to pay compensation to an affected data subject. In the case of administrative fines, any funds collected from these fines go to the state exchequer. (Ver Artículo)

A resource has been added Ireland

On 16 September 2019, the Central Bank of Ireland (the “Central Bank”) sent a letter to the Irish funds industry outlining the timeframes for receipt of (i) new fund applications and (ii) post-authorisation amendments that have approval deadlines before Christmas or year-end (the “Year-End Letter”). (See Article)