Irish Data Protection Commissioner To Audit Major Social Media Companies

Author:Mr John O'Connor

The Irish Data Protection Commissioner (the "DPC") has stated his intention to carry out scheduled audits of major social media companies that have operations in Ireland. Commissioner Billy Hawkes said that many such companies had their European headquarters in Ireland and therefore they fell under his jurisdiction as Irish Data Protection Commissioner He added that Ireland had a significant responsibility to the rest of Europe in this regard.

Under the Data Protection Acts 1998 and 2003, the DPC has powers to carry out data protection audits and inspections to ensure compliance with the law and to identify possible breaches. Each year the Commissioner decides the office's target sectors for audit for that year. Scheduled audits are intended to provide some forewarning to the operators in the sector and to give them an opportunity to address any perceived issues and perhaps to commence engagement with the DPC's office.

The DPC plans to conduct a scheduled audit of a leading international social media company this year and we understand the DPC is in discussions with the company in relation to when that will commence and the scope of that audit. Whilst the DPC's staff numbers and budget have increased in anticipation of more audits, we would nonetheless anticipate that the audits will be undertaken one at a time rather than in parallel with each other.


To continue reading