| Data Protection Commission

Who We Are

Irish DPC submits Article 60 draft decision on inquiry into Instagram

07th December 2021

The Data Protection Commission (DPC) submitted a draft decision in an inquiry into Instagram to other Concerned Supervisory Authorities across the EU on Friday last, December 3rd. This inquiry was commenced in September 2020 and it examined certain processing of the personal data of children by Facebook Ireland Limited in the context of the “Instagram” social networking service. ...

Read more about Irish DPC submits Article 60 draft decision on inquiry into Instagram

Statement from DPC regarding allegations made in media publications on 05 and 06 and 07 December

07th December 2021

There has been considerable media coverage in recent days, alleging that the Data Protection Commission (DPC), acting in bad faith on foot of meetings it held with Facebook as part of its regulatory role, “lobbied” the European Data Protection Board (EDPB) with a view to achieving the adoption of guidelines by the EDPB on Article 6(1)(b) GDPR (‘necessity for the performance of a contract’), in ...

Read more about Statement from DPC regarding allegations made in media publications on 05 and 06 and 07 December

DPO enforcement programme – an additional 170 organisations brought into compliance

26th November 2021

The Data Protection Commission has successfully completed the most recent stage in its Data Protection Officer (DPO) enforcement programme, aimed at improving compliance with Article 37 of the GDPR. ...

Read more about DPO enforcement programme – an additional 170 organisations brought into compliance

"Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing”: Report on Public Consultation

19th November 2021

In December 2020, the Data Protection Commission (“DPC”) published draft guidance entitled “Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing” (the “Fundamentals”). ...

Read more about "Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing”: Report on Public Consultation

Summary of Breach Notification Form Changes

05th November 2021

Further to our communication regarding the changes relating to the breach notification form, we would like to provide further information on the requirements of the new form. To assist Data Controllers to prepare for same, the following information is being provided. ...

Read more about Summary of Breach Notification Form Changes

Confirmation of Fine – Twitter International Company

18th October 2021

The Irish Data Protection Commission (DPC) today had the decision to impose an administrative fine on Twitter International Company confirmed in the Dublin Circuit Court. The application to confirm the decision to impose an administrative fine of €450,000 was made pursuant to Section 143 of the Data Protection Act 2018. ...

Read more about Confirmation of Fine – Twitter International Company

Data Protection Commission Statement on Budget 2022

12th October 2021

Commissioner Helen Dixon welcomes the increased funding of €4.1 million, as the Data Protection Commission ramps up enforcement of EU data protection law ...

Read more about Data Protection Commission Statement on Budget 2022

Data Protection Commission statement concerning Facebook View (glasses)

17th September 2021

Facebook Ireland introduced a new wearable technology product - Facebook View - in collaboration with Ray-Ban glasses in Ireland and Italy this week. Using voice-activated controls, it allows a wearer of the glasses to record short videos and take photos for posting on social media. ...

Read more about Data Protection Commission statement concerning Facebook View (glasses)

Overview of the upcoming new breach notification web-forms

15th September 2021

The DPC has carried out a review of the breach web-forms currently being used by data controllers to notify personal data breaches in accordance with Article 33 of the GDPR and Section 86 of the Data Protection Act 2018. On foot of this review, data controllers will be required in the coming weeks to use a revised web-form. The purpose of the revised breach web-form is: ...

Read more about Overview of the upcoming new breach notification web-forms

DPC launches two inquiries into TikTok concerning compliance with GDPR requirements relating to the processing of childrens’ personal data and transfers of data to China

14th September 2021

The Data Protection Commission (DPC) has today commenced two own-volition inquiries pursuant to section 110 of the Data Protection Act 2018 in relation to TikTok Technology Limited’s (TikTok) compliance with requirements of the GDPR. ...

Read more about DPC launches two inquiries into TikTok concerning compliance with GDPR requirements relating to the processing of childrens’ personal data and transfers of data to China