Data complaints to be investigated

The Office of the Data Protection Commissioner has confirmed it will begin examining allegations that data from Irish Facebook users has been passed on to the US National Security Agency (NSA).

The move follows an official complaint from the Europe v group. A similar complaint, regarding Apple, was also lodged and follows the disclosure by former NSA contractor Edward Snowden of the NSA’s role in compiling individuals’ data as part of an operation known as Prism.

Europe V has launched actions against the European subsidiaries of Facebook, Apple, Microsoft, Skype, and Yahoo.

As Facebook and Apple are based here, the actions were lodged in Ireland.

The group claims the legal actions are on foot of alleged co-operation by Facebook and others with the US under Prism — primarily through the transfer of user data from its European subsidiaries to its American parent, with the information than allegedly passed on to the NSA.

Yesterday, a spokeswoman for the Office of the Data Protection Commissioner confirmed the complaints had been received.

“We are investigating it in accordance with our normal complaints procedure.”

She said the complaints related to a “legally complex area”, adding the office had also received some queries from members of the public over the security of online data following the Snowden revelations.

Europe V had previously lodged 22 complaints against Facebook in Ireland over what it said were breaches of basic privacy rules.

The Office of the Data Protection Commissioner has carried out two audits of Facebook, in 2011 and 2012, making recommendations as to how the company could become compliant with data protection rules.

Following the audit last year, the commissioner said he was satisfied with the steps taken by the company.

It is understood the claims involving Apple relate to iMessage and iCloud, although a spokesman for the group said they did not know and simply wanted it investigated.

At the centre of the Europe V claims, is the issue of EU data protection law and whether it is being adequately observed.

In a statement, the group said: “If a European subsidiary sends user data to the American parent company, this is considered an ‘export’ of personal data. Under EU law, an export of data is only allowed if the European subsidiary can ensure an ‘adequate level or protection’ in the foreign country. After the recent disclosures on the Prism programme such trust in an ‘adequate level of protection’ by the involved companies can hardly be upheld.”

© Irish Examiner Ltd. All rights reserved

More in this Section

Enda Kenny warns nurses that strike ‘will not help anyone’

Expert calls for Garda unit to tackle online terrorist radicalisation and recruitment

Bank inquiry forced to dump key sections to get report out before general election

Cork man, 25, charged with mum’s murder

You might also like

Breaking Stories

Irish Water set aside €2bn to deal with sewage issues

Security alert issued in Derry

International White Ribbon Day raises awareness of domestic abuse

Elderly man dies in Dublin house fire


Gay Byrne was a canny operator who allowed women be heard

Shopping for classic clothes with vintage queen extraordinaire Irene O’Brien

Johnny Depp is looking like the real gangster James ‘Whitey’ Bulger in Black Mass

GAEMTECH: Games Mania are bringing retro consoles and games back into the mainstream

More From The Irish Examiner