On 3 April 2019, the Joint Committee on Justice and Equality met to discuss the implementation of the GDPR with Ms Anna Morgan (Deputy Commissioner), Ms Jennifer O’Sullivan (Deputy Commissioner), and Mr Cathal Ryan (Assistant Commissioner). The Commissioners discussed a range of issues, including the enforcement powers used by the Data Protection Commission (DPC) post-GDPR, the difficulties with verifying parental consent in relation to the provision of information society services to children, and the DPC’s experience of resolving…

The Government Chief Whip, Seán Kyne TD, has published the Government’s legislation programme for Summer 2019.  The updated programme follows on from the special programme launched in January 2019 which focused on Brexit. We have set out below the key data protection and technology-related legislation coming down the tracks. Priority Legislation Communications (Retention of Data) Bill –  This Bill will repeal and replace the Communications (Retention of Data) Act 2011 which requires data generated by…

The EDPB has published its first review of the implementation of the GDPR, in particular the functioning of the cooperation and consistency mechanism. The GDPR requires EU Data Protection Supervisory Authorities (SAs) to cooperate in order to provide a consistent application of the GDPR. The EDPB concludes that nine months after the entry into force of the GDPR, the cooperation and consistency mechanism is working well. All one-stop-shop cases have so far been resolved…

The European Data Protection Board (EDPB) has adopted an Opinion on the interplay of the e-Privacy Directive 2002/58 with the GDPR. The Opinion was adopted in response to a request made by the Belgian Data Protection Authority (DPA) to clarify: (i) the material scope of the e-Privacy Directive and the GDPR; (ii) the interplay of each set of rules and extent to which processing can be governed by both; (iii) the competence, tasks and powers…

The Advocate General of the Court of Justice of the EU (CJEU) has delivered an Opinion in the Planet49 case (Case C-673/17), finding that a pre-ticked checkbox giving consent for cookies does not constitute valid consent under the e-Privacy Directive 2002/58 read in conjunction with the Data Protection Directive 95/46 or the GDPR.…

The Data Protection Commission (DPC) has published its Annual Report for 25 May-31 December 2018. As always, the Report reveals some interesting statistics and case studies. In the coming months, the DPC expects to conclude a number of statutory inquiries, which it launched in 2018, into multinational technology companies with EU headquarters situated in Ireland. The DPC anticipates that the conclusion of those inquiries will provide precedents for better implementation of the principles of…