As the phone-hacking scandal in the UK continues to escalate, we turn our attention to some relevant Irish law considerations.
The unauthorised accessing of mobile phone users’ voicemails would be a clear breach of the Data Protection Acts 1988 and 2003 (the DP Acts). In addition to civil liability, it is a criminal offence to obtain unauthorised access to personal information and to disclose it to a third party. As the DP Acts only apply to information about living individuals, there is no recourse under this legislation for the families of deceased victims of phone-hacking.
Although the Data Protection Commissioner has stated that his office has not received complaints about potential voicemail hacking in Ireland, he initially proposed to mobile operators that remote access to voicemail should be removed, unless a customer specifically requested it. For further information, click here. The Commissioner recently welcomed various steps taken by mobile operators to ensure voicemail is appropriately protected, for instance requiring customers to reset the default pin.
The Electronic Privacy Regulations
The new e-Privacy Regulations introduced in July 2011 require providers of electronic communication services to implement safeguards ensuring data is accessed only by authorised persons. Security breaches must be notified to subscribers without delay. It is arguable that this will require those telephone operators currently applying default passwords to voicemail services to alert customers about the unsecure nature of their data and potential vulnerability to hacking.
A further criminal sanction is provided by the Postal and Telecommunications Services Act 1983 (the 1983 Act). It is an offence to intercept telephone data, including listening to, recording, or acquiring the substance of a telecommunications message without consent. Given that the 1983 Act was drafted to apply to messages in the course of transmission, it is arguable that stored messages, like voicemails, are not included. On the other hand, it could be argued that the unauthorised accessing of a voicemail itself gives rise to a new transmission for which there is no consent. Given the huge leaps forward in communications technology since the 1983 Act was first introduced, perhaps it is no surprise that there is a lack of clarity on how that legislation would apply to technologies which simply did not exist in 1983.
Contributed by John Magee.
Back to Legal News