Third of Irish data controllers unfamiliar with law

18 Apr 2008

A third (33pc) of people responsible for data protection within Irish companies are “not really familiar” with data protection law, a new survey has found.

The Eurobarometer survey on Data Protection in the EU found that just 16pc of Irish data controllers felt they were “very familiar” with the data protection legislation in this country, while 42pc indicated they were “somewhat familiar”.

Across the EU, almost a third (30pc) of people responsible for data protection within companies said they are “not really familiar” with the provisions of national data protection legislation.

Just 13pc of data controllers within EU companies said they are “very familiar”, with 56pc of respondents saying they are “somewhat familiar” with the law.

Half of the data controllers who participated in the survey said they believed national legislation could not cope with the increasing amount of personal information being exchanged, with only 5pc of respondents stating that the existing legislation concerning data protection was very well suited.

Some 56pc considered their respective national data protection laws to provide “medium” protection; 28pc considered the protection level of national law in this area “high”; and 11pc indicated they thought it was “low”.

Over a third (35pc) of data controllers felt the provisions of national data protection law were too strict.

Some 38pc thought there was sufficient harmonisation of data protection laws across member states to allow personal data to be freely exchanged within the EU; 33pc did not agree that there was sufficient harmonisation.

Just over half (52pc) of the data controllers interviewed throughout the EU stated that they used privacy enhancing technologies (PETs) in their company, while 14pc responded that they did not use PETs because they had never heard of them.

Irish data controllers were below the EU average for using PETs (44pc) while 16pc had never heard of them.

Just 3pc of EU respondents said their company had received complaints from individuals whose data was currently being processed.

The action most favoured by those polled to improve and simplify the implementation of the legal framework on data protection was the call for more harmonised rules on security measures (84pc in favour). The least favoured action (56pc) was the introduction of data protection legislation specific to each sector of activity.

A majority of respondents answered that it should be possible to monitor passenger flight details (80pc), telephone calls (70pc), internet (73pc) and credit card usage (69pc), if these actions served to combat terrorism.

Some 30pc of respondents stressed that only suspects should be monitored, however, while between 19pc and 30pc wanted more stringent safeguards for this monitoring to occur, such as it being supervised by the judiciary.

The survey polled 4,835 randomly selected data controllers throughout the 27 EU member states.

By Niall Byrne