ARTICLE
20 February 2013

Irish Data Protection Commissioner To Audit Major Social Media Companies

M
Matheson

Contributor

Established in 1825 in Dublin, Ireland and with offices in Cork, London, New York, Palo Alto and San Francisco, more than 700 people work across Matheson’s six offices, including 96 partners and tax principals and over 470 legal and tax professionals. Matheson services the legal needs of internationally focused companies and financial institutions doing business in and from Ireland. Our clients include over half of the world’s 50 largest banks, 6 of the world’s 10 largest asset managers, 7 of the top 10 global technology brands and we have advised the majority of the Fortune 100.
The Irish Data Protection Commissioner has stated his intention to carry out scheduled audits of major social media companies that have operations in Ireland.
Ireland Media, Telecoms, IT, Entertainment

The Irish Data Protection Commissioner (the "DPC") has stated his intention to carry out scheduled audits of major social media companies that have operations in Ireland. Commissioner Billy Hawkes said that many such companies had their European headquarters in Ireland and therefore they fell under his jurisdiction as Irish Data Protection Commissioner He added that Ireland had a significant responsibility to the rest of Europe in this regard.

Under the Data Protection Acts 1998 and 2003, the DPC has powers to carry out data protection audits and inspections to ensure compliance with the law and to identify possible breaches.  Each year the Commissioner decides the office's target sectors for audit for that year.  Scheduled audits are intended to provide some forewarning to the operators in the sector and to give them an opportunity to address any perceived issues and perhaps to commence engagement with the DPC's office.

The DPC plans to conduct a scheduled audit of a leading international social media company this year and we understand the DPC is in discussions with the company in relation to when that will commence and the scope of that audit. Whilst the DPC's staff numbers and budget have increased in anticipation of more audits, we would nonetheless anticipate that the audits will be undertaken one at a time rather than in parallel with each other.  

The DPC's comments come in the wake of the widely-publicised Facebook audit undertaken by his office. Facebook has clearly benefited from the DPC audit because it has given it a "clean bill of health" from a data protection perspective. The DPC's audit of Facebook also demonstrated that their business model is sustainable from a data protection perspective, thus underlining the importance of data protection compliance as a driver of shareholder value.

In our recent e-zine, which we dedicated to data protection to coincide with Global Data Protection Day on 28 January, we referenced the Facebook audit, DPC audits in general, the forthcoming Data Protection Regulation and more. You can view our full ezine here. We also marked Global Data Protection Day with a breakfast seminar on 28 January featuring guest speaker Irish Data Protection Commissioner Billy Hawkes. 

You can view video excerpts from the seminar here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More