The Law Enforcement Directive (LED) differs from the General Data Protection Regulation (GDPR) in that the LED is a directive that was transposed into Irish law by way of the Data Protection Act 2018 under Part 5; note also that Part 6 of the Data Protection Act 2018 provides for enforcement of both the LED and the GDPR.

The LED applies to personal data that is processed by organisations (deemed to be ‘competent authorities’) for law enforcement purposes. The purposes for such data processing includes the prevention, detection, investigation and prosecution (PDIP) of criminal offences, or the execution of criminal penalties.

The LED can also vary from the GDPR where an individual’s data protection rights (right to access etc.) are concerned. The LED can afford organisations greater restrictions to be placed on one’s data protection rights to avoid prejudice or obstruction in potential legal proceedings and to protect freedoms and national security.