EU ministers to consider warnings first, sanctions later, for data breaches

Irish data protection commission denies it is weak on sanctions

European Union justice ministers will consider a "two-strikes" rule for data breaches.

The Irish Presidency of the European Council on Monday published a paper on the protection of citizens' personal data that will be discussed at Justice and Home Affairs Council in Dublin on Thursday and Friday.

The paper asks European justice ministers to consider whether sanctions, such as fines, "should be optional or at least conditional upon a prior warning or reprimand."

According to European digital rights group EDRi, such a system would not protect citizens' fundamental rights. "Warnings would have to be issued first, after citizens' fundamental rights were abused, giving companies and state authorities carte blanche to breach our rights until -- at the earliest -- the data protection authority twice found a company to be in breach of the law. In other words, do what you want, the worst that can happen is that you will receive a warning," said the organization in statement on its website.

EDRi cited the case of the Irish Data Protection Commissioner's investigation into the Irish police force's PULSE database as an example of what can go wrong under such a plan. "Based on the current situation in Ireland, companies can do whatever they want with personal data, without fear of sanction," said the organization.

But the Irish Data Protection Commissioner's office on Tuesday strongly denied these allegations.

In 2007, the Irish Data Protection Commissioner (DPC) agreed to allow the Garda Síochána -- the Irish police force -- to self-regulate the operation of its database, which contains substantial amounts of private and sensitive information. However, despite several complaints to the DPC and official reports stating that abuses were taking place, the DPC waited until 2012 to audit the PULSE database.

EDRi said that "from what we can tell, the DPC chose yet again not to take enforcement action against the ongoing breaches of citizens' fundamental rights. In the meantime, we can only assume that the abuses continue unabated."

Police were accused of running background checks on people their family members are involved with and checking the accident history of cars they're thinking of buying. One police officer was found to have accessed personal data of her ex-boyfriend.

However the office of the DPC told IDG News Service on Tuesday that EDRi was incorrect in a number of respects. "This office has had continuous engagement with An Garda Síochána over the period with a result that significant improvements in data protection compliance have taken place. A rudimentary Internet search or perusal of this office's website would have indicated the actual actions taken. In the past year alone, this office has successfully taken 195 criminal prosecutions against 11 data controllers. As demonstrated by the above, if stronger action is warranted against any organization, it is taken," said spokeswoman Ciara O'Sullivan.

Follow Jennifer on Twitter at @BrusselsGeek or email tips and comments to jennifer_baker@idg.com.

Join the PC World newsletter!

Error: Please check your email address.

Tags business issueslegalgovernment

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jennifer Baker

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?