Submission to Irish Dept of Justice re: Data Protection Regulation

Castlebridge prepared this submission to the Irish Department of Justice based on our review of the EU Commission's proposed text for the EU Data Protection Regulation.

In our submission we raised comments and concerns about:

  • Disconnected emphasis in Governance, with Data Protection Officers being placed under high burdens while Data Protection Authorities were potentially under resourced or inappropraitely resourced.
  • The role of the Data Protection Officer
    • Measures to ensure independence and to protect DPOs against liability or prejudicial actions by their employers simply for doing their jobs to the best of their abilities
    • The need to have a standardised, quality assured, training syllabus for Data Protection Officers
  • The risk of "double jeopardy" for Data Controllers in the "One Stop Shop" mechanism
  • The issues surrounding biometrics
  • The role of Privacy Impact Assessments and the exemptions that were proposed for Public Authorities in "the Public Interest"

This was just one of a number of Regulatory submissions that we were involved in preparing, with submissions from a number of other Irish organisations either being written by Castlebridge for clients, or having had direct input from us as participants in working groups.