The International Comparative Legal Guide To: Data Protection 2015

Author:Mr John O'Connor and Anne-Marie Bohan


1.1 What is the principal data protection legislation?

Data Protection Acts 1988 and 2003 ("DPA").

1.2 Is there any other general legislation that impacts data protection?

Freedom of Information Act 2014

This gives a legal right for persons to access information held by a body to which FOI legislation applies; to have official information relating to himself/herself amended where it is incomplete, incorrect or misleading; and to obtain reasons for decisions affecting himself/ herself.

The Protected Disclosures Act 2014 (the "Whistle-Blowers Act")

This has introduced legislation in relation to whistle-blowers in Ireland for the first time.

S.I. No. 541/2014 - Criminal Justice (Mutual Assistance) Act 2008 (Commencement) Order 2014

This enacts Part 3 of the Criminal Justice (Mutual Assistance) Act 2008 which provides for various forms of mutual legal assistance to foreign law enforcement agencies.

S.I. No. 658/2007 - Data Protection (Fees) Regulations 2007

This outlines the fee for registration and for prior checking.

S.I. No. 657/2007 - Data Protection Act 1988 (Section 16(1)) Regulations 2007

This outlines the organisations that will be required to register with the ODPC.

S.I. No. 83/1989 - Data Protection (Access Modification) (Social Work) Regulations, 1989

Outlines specific restrictions in respect of social work data.

S.I. No. 351/1988 - Data Protection (Registration) Regulations, 1988

This outlines the details that must be contained in forms for registration with the ODPC.

S.I. 350 of 1988 - Period of Registration

This outlines the period that registration lasts for (1 year).

S.I. No. 347/1988 - Data Protection (Fees) Regulations, 1988

The fee that an organisation may charge for an Access Request (€6.35) and the fee for a certified copy of a Register entry (€2.54).

1.3 Is there any sector specific legislation that impacts data protection?

S.I. No 337 of 2014 - Data Protection Act 1988 (Commencement) Order 2014 and S.I. No 338 of 2014 - Data Protection (Amendment) Act 2003 (Commencement) Order 2014

This makes it unlawful for employers to require employees or applicants for employment to make an access request seeking copies of personal data which is then made available to the employer or prospective employer. This provision also applies to any person who engages another person to provide a service.

S.I. No. 336/2011 - European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 ("E-Privacy Regulations")

This deals with specific data protection issues relating to use of electronic communication devices, and particularly with direct marketing restrictions.

S.I. No 421 of 2009 - Data Protection Act 1988 (Section 5(1)(D)) (Specification) Regulations 2009

This outlines the exemption from the DPA of the use of personal data in the performance of certain functions of the Director of Corporate...

To continue reading