Data complaints to be investigated

The Office of the Data Protection Commissioner has confirmed it will begin examining allegations that data from Irish Facebook users has been passed on to the US National Security Agency (NSA).

The move follows an official complaint from the Europe v group. A similar complaint, regarding Apple, was also lodged and follows the disclosure by former NSA contractor Edward Snowden of the NSA’s role in compiling individuals’ data as part of an operation known as Prism.

Europe V has launched actions against the European subsidiaries of Facebook, Apple, Microsoft, Skype, and Yahoo.

As Facebook and Apple are based here, the actions were lodged in Ireland.

The group claims the legal actions are on foot of alleged co-operation by Facebook and others with the US under Prism — primarily through the transfer of user data from its European subsidiaries to its American parent, with the information than allegedly passed on to the NSA.

Yesterday, a spokeswoman for the Office of the Data Protection Commissioner confirmed the complaints had been received.

“We are investigating it in accordance with our normal complaints procedure.”

She said the complaints related to a “legally complex area”, adding the office had also received some queries from members of the public over the security of online data following the Snowden revelations.

Europe V had previously lodged 22 complaints against Facebook in Ireland over what it said were breaches of basic privacy rules.

The Office of the Data Protection Commissioner has carried out two audits of Facebook, in 2011 and 2012, making recommendations as to how the company could become compliant with data protection rules.

Following the audit last year, the commissioner said he was satisfied with the steps taken by the company.

It is understood the claims involving Apple relate to iMessage and iCloud, although a spokesman for the group said they did not know and simply wanted it investigated.

At the centre of the Europe V claims, is the issue of EU data protection law and whether it is being adequately observed.

In a statement, the group said: “If a European subsidiary sends user data to the American parent company, this is considered an ‘export’ of personal data. Under EU law, an export of data is only allowed if the European subsidiary can ensure an ‘adequate level or protection’ in the foreign country. After the recent disclosures on the Prism programme such trust in an ‘adequate level of protection’ by the involved companies can hardly be upheld.”

© Irish Examiner Ltd. All rights reserved

More in this Section

Pub gets red card for illegal showing of Sky soccer games

Limerick man was en route to Iraq to fight IS

Coach driver suffered heart attack while driving CIT’s camogie team

42 babies born to girls age 15 and under in 2015

Breaking Stories

Gardaí make arrest after six separate raids in three counties that unearth illegal drugs

Colum Eastwood becomes first SDLP leader to address UUP conference

Government urged to help keep Northern Ireland within EU

Gardaí release 'notable detections' as 341 drivers caught speeding on National Slow Down Day


4 sherry recipes for special occasions

Graham Norton on life off camera and his debut novel Holding

Remembering the iconic Audrey Hepburn

Malta, Italy, is a gem in the heart of the Med

More From The Irish Examiner