The Data Protection Commissioner Billy Hawkes has warned that while the number of complaints around data protection is still considerably high, the amount of people complaining about intrusive unsolicited text messaging, marketing letters and spam is on the decline.
In his annual report looking back on 2008, Commissioner Hawkes (pictured) said the development reflects increased awareness of data protection obligations among service providers in the sector and the impact of prosecutions that have been taken.
However, the Commissioner made it clear that there have been occasions, despite amicable attempts to resolve issues, when he has had to resort to taking businesses to court for infringing people’s rights under the Data Protection Acts 1988 and 2003.
He said that the number of data-security breaches has declined due to increased awareness in both private and public sectors. Some 36 of the organisations reporting data-security breaches in 2008 were private-sector organisations and 21 were from the public sector.
About half of the organisations that reported breaches could be classified as large organisations (100 staff or more). Breaches reported by these organisations most commonly related to failures to properly protect data on laptops or other devices, errors in automatic mailing systems, insufficient staff access controls and inadequate direct marketing controls.
The Data Protection Commissioner’s report also provided updates on intensive audits of data security at the Department of Social and Family Affairs over inappropriate access of personal information on citizens provided to insurance companies.
Among cases broken down in the Commissioner’s Annual Report were breaches of the Data Protection Acts related to a marketing postcard campaign launched by the insurance company 123.ie to promote its home insurance product.
Alleged unsolicited premium-rate text messages sent by Interactive Voice Technologies (IVT) were also investigated and a substantial donation to charity was made as part of an amicable resolution.
Total Fitness Ireland and the use of legal powers to ensure compliance with an access request is included in the Commissioner’s report, while BuyAsYouFly and a failure to respect opt-outs from direct marketing by email was also investigated.
Tesco was investigated over the alleged resale of an Apple iPod containing a customer’s personal data, while Dell was investigated for unsolicited marketing faxes.
By John Kennedy
Pictured: Data Protection Commissioner, Billy Hawkes