Ireland fails to enforce EU data privacy law: A watchdog or lapdog?

October 4, 2021


2 min read

Sign up to our mailing list! 👇

What's going on here?

A recent report shows that Ireland’s data protection watchdog is failing to apply the EU’s privacy laws to US tech giants.

What does this mean?

Ireland’s failure to take action against these global companies is causing a bottleneck for the enforcement of EU data privacy law. The EU has strict rules regulating the use of personal data and has the power to levy harsh fines against anyone who violates its privacy law. This has led to repeated criticism from other countries and privacy campaigners. Statistics show that 98% of 164 significant complaints, which entails any unauthorised use of data,  about abuses of privacy are still waiting to be resolved by the Irish regulator. This is problematic as Dublin is the European headquarter for many US tech giants, such as Google, Facebook, Apple and Microsoft. As their headquarters are in Dublin, this makes Ireland’s Data Protection Commission responsible for holding them accountable to the relevant laws, as the lead EU regulator.

What's the big picture effect?

Ireland’s lack of action in this area has an unfortunate knock-on effect on the enforcement of GDPR against large tech companies. This is due to the fact that before the rest of the EU can take their own action against the companies, they must wait for Irish draft decisions. As Ireland is failing to deliver draft decisions on cross-border cases, this is leading to a bottleneck in the system. When compared to other countries in GDPR enforcement, Ireland is performing poorly. For example, Spain has a smaller budget for data protection but is still producing an estimated 10 times more draft decisions.

 Unsurprisingly, the lack of policing action by the Irish regulatory authority has been heavily criticised by other European countries, including Spain, France and Italy. Despite this, the EU has limited powers to act against data watchdogs at member state level and thus, it cannot force the Irish regulatory authority to deliver more draft decisions. However, the EU could potentially open infringement proceedings against Ireland if it is found that the state has not brought in effective policies to safeguard privacy rules. Therefore, it seems as though Ireland will escape an official rap on the knuckles by the EU but it is likely that there will be sustained criticism by other member states if the situation is not soon rectified.

Report written by Imogen Wilson

Share this now!

Check out our recent reports!