Comments on: Data Retention – Should it be left to a private agreement between the State and Telcos? http://www.digitalrights.ie/2009/09/25/data-retention-should-it-be-left-to-a-private-agreement-between-the-state-and-telcos/ Civil, Legal and Human Rights in a Digital Age Fri, 23 Jul 2010 13:08:53 +0000 http://wordpress.org/?v=2.9 hourly 1 By: Francis Kirby http://www.digitalrights.ie/2009/09/25/data-retention-should-it-be-left-to-a-private-agreement-between-the-state-and-telcos/comment-page-1/#comment-127090 Francis Kirby Fri, 26 Mar 2010 12:44:16 +0000 http://www.digitalrights.ie/?p=223#comment-127090 The interplay between the Data Protection Acts and the FOI Acts is very relevant. The Data Protection Commissioner uses a very broad concept of “personal data”. The Information Commissioner uses a very narrow concept of “personal information”. As the FOI Acts override the Data Protection Acts, “personal data” which is protected by the Data Protection Acts can be released using the Information Commissioner’s very narrow concept of “personal information”. The Oireachtas could not have intended to give protection to a broad concept of “personal data” only to have that protection removed by the Information Commissioner’s narrow interpretation of “personal information”. Furthermore the Data Protection Acts apply to public bodies AND non-public bodies. The FOI Acts apply only to public bodies. So, while “personal data” in non-public bodies is fully protected, “personal data” in public bodies is not fully protected because of the Information Commissioner’s very narrow concept of “personal information”. The Oireachtas could not have intended that scenario. The interplay between the Data Protection Acts and the FOI Acts is very relevant.

The Data Protection Commissioner uses a very broad concept of “personal data”.

The Information Commissioner uses a very narrow concept of “personal information”.

As the FOI Acts override the Data Protection Acts, “personal data” which is protected by the Data Protection Acts can be released using the Information Commissioner’s very narrow concept of “personal information”.

The Oireachtas could not have intended to give protection to a broad concept of “personal data” only to have that protection removed by the Information Commissioner’s narrow interpretation of “personal information”.

Furthermore the Data Protection Acts apply to public bodies AND non-public bodies. The FOI Acts apply only to public bodies.

So, while “personal data” in non-public bodies is fully protected, “personal data” in public bodies is not fully protected because of the Information Commissioner’s very narrow concept of “personal information”. The Oireachtas could not have intended that scenario.

]]>