4 February 2021
The EU’s Parliamentary Committee on Civil Liberties, Justice and Home Affairs (LIBE), composed of over 50 MEPs, has prepared a hard-hitting motion against the Irish Data Protection Commission (DPC), calling on the European Commission to launch an infringement procedure against Ireland for failing to enforce the GDPR.
Dr Johnny Ryan, data rights expert and Senior Fellow at the Irish Council for Civil Liberties, said:
“This move echoes what we’ve been saying for some time, namely that the continuing inaction by the DPC jeopardises data rights across the EU bloc, and indeed risks making a mockery of the EU’s world-leading data protection legislation. It’s crucial that the government allocate more staff and resources to the DPC.”
In its call, the LIBE Committee slams Ireland’s lack of GDPR enforcement:
“Several complaints against breaches of the GDPR filed on 25th May 2018, have not yet been decided by the Irish Data Protection Commissioner… [the LIBE Committee] strongly condemns the attempt of the Irish Data Protection Authority to shift the costs of the judicial procedure to Maximilian Schrems, which would have created a massive chilling effect; [and] calls on the Commission to start infringement procedures against Ireland for not properly enforcing the GDPR”.
There is growing concern that the DPC is not up to the task of regulating the big tech companies headquartered in Dublin. It is the chief regulator of these companies under the GDPR. Recently, an opinion from the European Court of Justice pointedly described “persistent administrative inertia”. Speaking in the context of the DPC’s failure to enforce against Facebook, ECJ Advocate General Bobek described the situation as:
“a Lead Supervisory Authority [which]- for lack of expertise and/or staff, or for whatever other reason – fails to take any meaningful action in order to investigate possible breaches of the GDPR and, where appropriate, enforce its rules”.
ICCL has written to the Irish government on a number of occasions calling for adequate resourcing of the office, including the appointment of two more commissioners, to address these concerns. Most recently, we wrote to the Justice Minister, the Taoiseach and the Minister for Finance to say that this continuing infringement of fundamental rights would also have an economic cost. While the current logic runs that keeping Big Tech onside and in Dublin brings economic benefits, we argue that Ireland is being bypassed as a global regulatory centre because of its failure to enforce the rules.
Already other European data protection bodies are side-stepping Dublin’s authority to enforce the GDPR. There was huge disquiet among these bodies at the meagre fine of €450k the DPC issued against Twitter just before Christmas. The Dublin location of the one-stop shop proposed by the Digital Services Act now hangs in the balance.
The LIBE is expected to formalise its draft motion at a meeting this afternoon.
ENDS/
Full text of statement from LIBE:
https://www.europarl.europa.eu/meetdocs/2014_2019/plmrep/COMMITTEES/LIBE/RE/2021/02-04/1222135EN.pdf
Watch today’s Committee meeting:
https://www.europarl.europa.eu/committees/en/libe/home/highlights
Letter from ICCL to Minister for Justice, Taoiseach and Minister for Finance: https://www.iccl.ie/news/iccl-alerts-irish-government-of-strategic-economic-risk-from-failure-to-uphold-the-gdpr/
The Irish Council for Civil Liberties (ICCL) is Ireland’s oldest independent human rights campaigning organisation. We monitor, educate and campaign to secure human rights for everyone in Ireland.
For comment: Dr Johnny Ryan, Senior Fellow ICCL
For media queries: sinead.nolan@iccl.ie