The highly anticipated text of the Irish Data Protection Bill 2018 has been published.
The Bill supplements and gives further effect under Irish law to the General Data Protection Regulation (2016/679) (the 'GDPR') as well as the Law Enforcement Directive (2016/680) and, for the most part, repeals the current Data Protection Act 1998 and 2003. While still subject to amendments by the Oireachtas before enactment, this update explores the boundaries of the current text of the Bill and points out key provisions under it.
Key points of the Bill are the particulars of the establishment of the Data Protection Commission, the setting out of certain restrictions to data subject rights and details on how the Regulation will be enforced, including the powers of the Commission to inspect and investigate and impose administrative fines as well as personal liability in some cases for contravening requirements.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.