The GDPR affects all businesses and was enacted on 25 May 2018. It has introduced substantial changes to data protection law, and businesses should ensure they have taken the necessary steps to comply with the new rules.
Contact UsThe report provides an overview of key developments in various areas of law as well as featuring significant legal changes anticipated for 2020.
Asset Management & Investment FundsThe Minister of Finance has passed new Regulations, the Data Protection Act 2018 (section 60(6)) (Central Bank of Ireland) Regulations 2019, permitting data subjects’ rights under Articles 12-22 and Article 34, and controllers’ obligations under Article 5 GDPR, to be restricted to the extent necessary and proportionate to allow the Central Bank of Ireland (CBI) to carry out certain functions.
TechnologyThe Data Protection Commission (DPC) has published guidance which seeks to answer some of the most frequently asked questions in relation to Data Subject Access Requests (DSARs).
GDPRDo new regulations permit the CBI to restrict individuals’ data protection rights?
Asset Management & Investment FundsThe Government Chief Whip, Seán Kyne TD, has published the Government’s Legislation Programme for Autumn 2019. The Programme lists 32 priority Bills; 27 Bills currently before the Houses of the Oireachtas, and 69 Bills where preparatory work is underway.
TechnologyLast month, the UK Information Commissioner (ICO) released a statement announcing an investigation into the use of facial recognition technology (FRT) in public spaces and expressing concern over its "potential threat to privacy" and "people's…most sensitive personal data". The ICO reassured individuals that it "will not hesitate to use our investigative and enforcement powers to protect people's
GDPRThe UK Information Commissioner’s Office (ICO) has amended its guidance on the time limit for responding to a subject access request (SAR).
GDPROn Friday 16 August, the Data Protection Commission (DPC) published its findings on certain aspects of the Public Services Card (PSC). The DPC found that seven out of eight of its findings were adverse to the positions advanced by the Department of Employment and Social Protection (DEASP) and that there is and has been non-compliance with the applicable provisions of data protection law.
TechnologyIn the past two days, the UK Information Commissioner’s Office (ICO) has issued (potential) GDPR fines of £183.39m and £99.2m on British Airways (BA) and Marriott International Inc., respectively. These are the first fines to be issued by the ICO under the GDPR, and the biggest fines issued by an EU Data Protection Authority (DPA) to date. As the fines affected individuals in multiple Member S...
TechnologyThe EDPB has released new draft guidelines 2/2019 on the contractual necessity legal basis for processing personal data in the context of the provision of online services to data subjects. The guidelines emphasise the narrow scope of the contractual necessity legal basis. A controller must be able to demonstrate that the processing is ‘objectively necessary’ for a purpose that is ‘integral’ to...
TechnologyOn 3 April 2019, the Joint Committee on Justice and Equality met to discuss the implementation of the GDPR with Ms Anna Morgan (Deputy Commissioner), Ms Jennifer O’Sullivan (Deputy Commissioner), and Mr Cathal Ryan (Assistant Commissioner). The Commissioners discussed a range of issues, including the enforcement powers used by the Data Protection Commission (DPC) post-GDPR, the difficulties wit...
TechnologyThe much-anticipated text of the Government's Gender Pay Gap (GPG) Information Bill (the Bill) has now been published. In amending the Employment Equality Acts 1998-2015, the Bill envisages that the Minister for Justice and Equality (the Minister) will make additional regulations that will require certain Irish employers to report and publish details of both their GPG and gender bonus gaps. In...
Employment
