Hawkes said that he had concerns about the way that personal data is handled by public service bodies.
“I would mention here again particular concern about data leakage from parts of the public sector, particularly to private investigators. Investigations we have carried out have also shown that knowledge of the person’s Personal Public Service (PPS) number greatly facilitates such leakage, it underlines again the need to treat the PPNS with the care that it deserves.”
“I have always had a particular concern as commissioner,” said Hawkes, “about the public services’ handling of personal data, not least because as citizens we are often obliged by law to hand over such data. We have noted an increasing tendency to expand the scope of such collection and sharing of data without a corresponding focus on data security and data governance.
“I believe that as citizens, we should be mindful that proportionality is seen to apply in this area and that where collection and sharing can be justified in the public interest it should be accompanied by clearer oversight arrangements.
“And I must make clear I am entirely unsatisfied with the oversight arrangements that apply in parts of the public sector, particularly as regards data originating in the Department of Social Protection.”
Hawkes said that overall, the area of privacy and data protection faces some interesting conundrums in the balance of privacy, protection and the benefits of convenience and social interaction.
“We continue to devote significant resources to our audit activity,” said Hawkes. “It is a particularly useful tool when dealing with the complex issues thrown up by international internet companies which have established their global headquarters in Ireland. Following on our audit of Facebook Ireland, our follow up audit as well, we are nearing completion of an audit of LinkedIn Ireland. We expect during the year to move on to audit other companies in this area, such as Apple Ireland.”
The DPC is also continuing its domestic organisation audits, and will soon publish a major audit of An Garda Síochána.
This is resource intensive, said Hawkes, and options are being explored for a balance of internal resources, outsourcing and self-certification.
Mark Rasdale of law firm A&L Goodbody highlighted several other issues that are coming down the line in this field. Rasdale described how the rapidly developing field of augmented reality, as represented by devices and services such as Google Glass, may soon further complicate privacy and data protection. For example, the Face to Data (f2D) concept could mean that a person wearing a device such as Google Glass could use facial recognition to identify a person encountered in public, resolve all available data on that person and use that to post online material, all without either the knowledge or consent of the subject.
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers