Data Protection Commission statement on increased funding of €1.6 million in 2020 Budget

09th October 2019

  • Total 2020 funding increased by €1.6 million to €16.9 million.
  • Additional funding received is less than a third of the funding requested in the DPC’s budget submission.

The Data Protection Commission (DPC) has today acknowledged the additional funding of €1.6 million allocated to the regulator, announced by the Government in Budget 2020. The increase in funding for 2020 brings the total funding allocation for the DPC to €16.9 million, representing an 11% increase on the 2019 allocation.

The Commissioner for Data Protection, Helen Dixon, in commenting on the funding received acknowledged the Brexit challenges in this Budget but stated that, “the DPC is disappointed that the additional funding allocated is less than one third of the funding that the DPC requested in its budget submission. The submission reflected a year of experience of regulating under the General Data Protection Regulation (GDPR) and highlighted the increased volumes and complexities involved. The DPC must now reassess its planned expenditure for 2020, particularly in relation to foreseen “non-pay” expenditure for which the DPC has received a zero increase in allocation.”

Since the application of the GDPR on 25 May 2018, the DPC has seen a significant increase in workload. Since 1 January 2019, over 7,000 complaints and almost 5,000 breach notifications have been received. The office has been contacted by members of the public and organisations seeking guidance over 40,000 times in the same period.

Increases in funding in recent years have allowed the DPC to recruit additional staff with various specialist backgrounds towards meeting the demands of the tasks assigned under the GDPR, bringing staffing levels to 138 at present. This funding was critical given the low base from which the DPC started in 2015 to prepare for the new EU regulation which includes the Irish DPC acting as EU lead supervisory authority in respect of the many global technology multinationals with European headquarters in Ireland. This lead EU regulatory role places the DPC at the front line of global data protection regulation.