Greetings from New Hampshire!
I write to you from the other side of the pond, where I am spending the week with IAPP global.
The smaller EU member states have been very active of late in the privacy space; I referenced Belgium’s as well as The Netherlands’ enforcement intent recently. This week, it's Ireland again in the spotlight. Ireland Office of the Data Protection Commissioner (ODPC) published its annual report on Tuesday, the first with Privacy Commissioner Helen Dixon at the helm, outlining the ODPC’s activities for 2014. The report details a surge in reported data breaches during 2014, as companies and institutions declared more and more errant use of data. Nine prosecutions for data protection offences were actioned; 38 audits carried out, and the ODPC received 960 complaints related to data privacy issues.
Historically, the country’s low corporate tax rates—in large part—have made it the first port of call for American firms looking toward international expansion. This did not escape the digital “new kids on the block”; the likes of Facebook, Twitter and Apple have all established their non-U.S. headquarters in Ireland. This of course has had a far-reaching and positive impact on the Irish economy and, in particular, created an important EU role for the nation’s data protection authority.
The Irish position has been viewed contentiously in other parts the EU, as a number of other European regulators have launched investigations of their own into the data practices of American tech firms. Some European policy-makers would have you believe that the presence of tech giants in Ireland is due to a perceived lax stance on privacy policing and enforcement. I would, on the other hand, tend to suggest that Ireland is a rather attractive place to do business in general, taking into consideration a broad range of parameters. One only has to look at the relative success of other industry investments to see this. The debate is a sensitive one for multiple reasons, and, understandably, there are questions being asked.
Dixon, Ireland’s privacy chief, says the country’s central role in the EU’s tough data protection rules is unlikely to change. “Ireland will be the leading regulator when dealing with U.S. tech companies,” Dixon said. “We want to work actively with other regulators. But we will be the lead.”
Ireland’s regulator has planned additional audits of tech firms this year as a matter of good governance and in a continued effort to ensure EU’s data rules—not to imply any particular wrongdoing per se. With the recent doubling of resources, and a geographical proximity to the tech decision-makers, it seems that Ireland is standing by its statements.
If you want to comment on this post, you need to login.