1 RELEVANT LEGISLATION AND COMPETENT AUTHORITIES
1.1 What is the principal data protection legislation?
Data Protection Acts 1988 and 2003 ("DPA").
1.2 Is there any other general legislation that impacts data protection?
Freedom of Information Act 2014
This gives a legal right for persons to access information held by a body to which FOI legislation applies; to have official information relating to himself/herself amended where it is incomplete, incorrect or misleading; and to obtain reasons for decisions affecting himself/ herself.
The Protected Disclosures Act 2014 (the "Whistle-Blowers Act")
This has introduced legislation in relation to whistle-blowers in Ireland for the first time.
S.I. No. 541/2014 - Criminal Justice (Mutual Assistance) Act 2008 (Commencement) Order 2014
This enacts Part 3 of the Criminal Justice (Mutual Assistance) Act 2008 which provides for various forms of mutual legal assistance to foreign law enforcement agencies.
S.I. No. 658/2007 - Data Protection (Fees) Regulations 2007
This outlines the fee for registration and for prior checking.
S.I. No. 657/2007 - Data Protection Act 1988 (Section 16(1)) Regulations 2007
This outlines the organisations that will be required to register with the ODPC.
S.I. No. 83/1989 - Data Protection (Access Modification) (Social Work) Regulations, 1989
Outlines specific restrictions in respect of social work data.
S.I. No. 351/1988 - Data Protection (Registration) Regulations, 1988
This outlines the details that must be contained in forms for registration with the ODPC.
S.I. 350 of 1988 - Period of Registration
This outlines the period that registration lasts for (1 year).
S.I. No. 347/1988 - Data Protection (Fees) Regulations, 1988
The fee that an organisation may charge for an Access Request (6.35) and the fee for a certified copy of a Register entry (2.54).
1.3 Is there any sector specific legislation that impacts data protection?
S.I. No 337 of 2014 - Data Protection Act 1988 (Commencement) Order 2014 and S.I. No 338 of 2014 - Data Protection (Amendment) Act 2003 (Commencement) Order 2014
This makes it unlawful for employers to require employees or applicants for employment to make an access request seeking copies of personal data which is then made available to the employer or prospective employer. This provision also applies to any person who engages another person to provide a service.
S.I. No. 336/2011 - European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 ("E-Privacy Regulations")
This deals with specific data protection issues relating to use of electronic communication devices, and particularly with direct marketing restrictions.
S.I. No 421 of 2009 - Data Protection Act 1988 (Section 5(1)(D)) (Specification) Regulations 2009
This outlines the exemption from the DPA of the use of personal data in the performance of certain functions of the Director of Corporate...