With the General Data Protection Regulation (GDPR) coming into effect in May 2018, a new Data Protection Bill 2017 is being drafted to ensure Ireland is fully compliant with the new regime. A General Scheme of the bill was recently released by the Government and is expected to undergo pre-legislative scrutiny during the summer 2017 legislative programme, according to the Office of the Government Chief Whip.
Future “resource intensive” cases on horizon
This General Scheme acknowledges that there is a likelihood of “resource intensive” cases on the horizon due to the large amount of multinational companies based in Ireland and the requirement for a one-stop-shop mechanism for data protection under GDPR. For this reason the General Scheme outlines that Irish legislators will need to ensure the Office of the Data Protection Commissioner is adequately resourced and should conduct an “examination of the need to make provision for the appointment of additional commissioners” in order to tackle the “anticipated additional workload arising from the GDPR”. Additionally these additional Commissioners (which will not exceed three) would then serve under one “Chairperson Commissioner” with all three of them having a shared responsibility to “act as the supervisory authority for the purposes of the GDPR” under a newly reorganised Data Protection Commission.
The General Scheme will now undergo pre-legislative scrutiny and then cabinet approval before being sent to the Oireachtas for consideration, meaning there is still significant scope for change.
What is clear at this early stage though is that Irish legislators intend to amplify the existing data protection powers ahead of the GDPR coming into effect to ensure the Irish office is adequately resourced to handle its considerable responsibility.
This is the first article in a series on the General Scheme for the Data Protection Bill 2017.
For further information, visit William Fry’s dedicated website to the GDPR, PrivacySource, which includes in-depth analysis and practical tips on preparing for the GDPR.
Contributed by David Cullen