The Gazette 1990

GAZETTE

A PRIL 1990

The Data Protection Commis- sioner states that, so far, the number of formal complaints received is small. The approach the Commissioner has adopted is to deal with each complaint as informally as possible in the first instance. This means contacting the data controller concerned, re- questing his observations and asking him for assistance in re- solving the complaint. The pattern of most of the complaints received for the period ending December 31, 1989 indicates a misunderstanding of the law rather than any deli- berate policy of infringing privacy rules. However, the Commissioner has stated that some complaints reveal that certain data controllers are rather casual about their obli- gations. This was particularly the case in the area of credit informa- tion and credit ratings. The Data Protection Act, 1988, the Com- missioner stresses, has as im- portant a role to play in the area of credit as in any other areas as a means of ensuring that personal information kept about individuals is obtained and processed fairly, is accurate, relevant, and up-to-date. REPORT OF MAR T IN C OMM I T T EE TO ENQU I RE I NTO CERTA IN ASPEC TS OF CR I M I NAL PROCEDURE The Committee appointed by the Minister for Justice and Minister for Communications, Mr. Ray Burke T.D. in November 1989 and chaired by His Honour Judge Frank Martin published its report in March 1990. The members of the Committee were Mr. Henry Abbott BL, Mr. Edwin Alkin BL, Office of the Attorney General, Mr. Hugh Sreenan, Assistant Commissioner, Garda Síochána, Mr. Patrick Terry, Depart- ment of Justice, and Mr. Frank Ward, Solicitor. Mr. Paul Murray, Department of Justice, acted as secretary to the Committee. The Report states in its intro- duction that it is an unfortunate but undeniable fact that over the years miscarriages of justice have taken place from time to time. As long as human nature remains fallible, there can be no guarantee that no miscarriages of justice will occur in the future.

LAWBR I EF Edited by/Eamonn G. Hall, Solicitor.

DATA PROT EC T I ON The first annual report of the Data Protection Commissioner, Mr. Donal C. Linehan for the period ending 31st December 1989 is available from the Office of the Data Protection Commissioner, Earl Court, Adelaide Road, Dublin 2, (telephone 01-765622). In the re- port Mr. Linehan states that unlike many national data protection laws, which require all who keep or process personal data to have a licence or to be registered, the Irish Act opts for a system of selective registration under which only cer- tain selected categories of persons have to register. These include public sector bodies, financial in- stitutions, insurance companies, data controllers whose business consists wholly or mainly in direct marketing, providing credit refer- ences or collecting debts, data controllers who keep personal data relating to racial origin, political opinions, religious or other beliefs, physical or mental health, sexual life or criminal convictions. Data processors whose business consists wholly or partly in pro- cessing personal data for data controllers are also required to register. The information in the public register includes, in general, the kind of personal data kept, the purposes for which they are kept and the persons to whom the data may be disclosed. Members of the public are en- titled to inspect the register free of charge at the Office of the Data

Protection Commissioner, Earl Court, Adelaide Road, Dublin 2 at any time during office hours. Any individual person who be- lieves that a data controller keeps personal data on computer (the data need not necessarily refer to him) is entitled to ask that data controller if he keeps such data. If he does, the individual is entitled to be given a description of the data and to be told the purposes for which the data is kept. This information must be supplied free of charge within 21 days. The main access provision re- lates to the right of an individual to ask a data controller if the data kept by him includes personal informa- tion about that individual and, if that be the case, to be given a copy of such information within 40 days. The data controller can ask for any reasonable information to satisfy himself about the identity of the individual. He is also entitled to ask for information to help in locating the information sought. The Data Protection Commis- sioner emphasised that many people felt that only those required to register are subject to the Data Protection Act, 1988. The Com- missioner states that the Act applies to all who keep personal data on computer. Thus, for ex- ample, all data controllers must obtain the information they hold fairly, ensure that it is accurate and up to date, and respond to access requests from those about whom they keep such information.

134