Today is International Data Protection Day, and Digital Rights Ireland is marking it with the announcement that it has instructed its lawyers to serve legal papers on the Irish government, challenging whether the office of the Irish Data Protection Commissioner is truly an independent data protection Authority under EU law.
In a statement, DRI says that Ireland’s position as the EU’s centre for technology multinational companies makes it critical for the protection of all EU citizens’ rights that the state has a world class data protection regulatory regime.
A series of cases from the CJEU, the EU’s top court, have stressed the critical importance of a truly independent data protection authority. Most recently, in the Schrems case on Safe Harbour, the lack of such an independent watchdog was cited as one of the most significant differences between the EU and US privacy systems.
DRI’s case is that Ireland has failed to properly implement EU data protection law, or to follow the requirements of the Charter of Fundamental Rights by failing to ensure the Irish DPC is genuinely independent from the Government.
“Ireland’s DPC has a key role in Europe’s data protection landscape. From our 2014 case overturning data retention to the Schrems case, to the Microsoft v USA warrant case Ireland is the critical jurisdiction for the protection for the rights of citizens across the EU.
“Ireland’s Data Protection Authority doesn’t meet the criteria set down by the EU case law for true independence.
“As the Irish government has refused to acknowledge this to date, we are turning to the courts to uphold Irish and EU citizen’s Fundamental Rights.”