Data commissioner ‘entirely unsatisfied’ with departments’ oversight policies
Mr Hawkes said he was “entirely unsatisfied” with the oversight arrangements which operate in many Government departments.
Addressing a conference on data protection in Dublin, he singled out the Department of Social Protection for criticism over the quality of its data governance.
He expressed concern about the leaking of data by parts of the public sector, particularly to private investigators. He said knowledge of an individual’s PPS number facilitated the leakage of such personal information.
Mr Hawkes said everyone should be concerned about how many organisations failed to treat the issue of data protection seriously.
A record number of 44 audits were carried out last year with a major audit of Apple’s base in Cork due to take place in 2014.
A major audit of data protection compliance by An Garda Síochána is due to be published soon which will include an examination of how records are accessed on the Pulse system.
Mr Hawkes said he has always been concerned about how the public service handles personal information because of the amount of data citizens are obliged to hand over to state bodies.
The conference, which was held to mark European Data Protection Day, heard there had been a notable trend towards an increase in the collection and sharing of such data without a corresponding focus on data security and governance.
Mr Hawkes said that proportionality must apply where the collection and sharing of personal information is justified. However, he stressed it needed to be accompanied by “clear oversight arrangements”.
He urged those in the public service responsible for data protection compliance to gear up their operation to ensure stricter enforcement of both existing and future legislation.
He expressed hope that revelations by NSA whistleblower Edward Snowden and a recent court case brought by Digital Rights Ireland would help to strike a better balance between data protection rights and the need for surveillance.
He also welcomed the results of a recent survey commissioned by his office which showed the privacy of personal information was considered more important than the protection of consumer rights or ethics in public office.
Irish people regard their medical records as the most important information in terms of privacy followed by records of their financial history and their PPS number.
Some 65% felt they bore the main responsibility for protection of their personal information when on social networks — the highest rate for any EU nationality.
Mr Hawkes said such a finding might explain why few complaints received by his office related to internet companies.
