Parliamentary Secretary for Consumer Rights, Public Cleansing and Support for the Capital City Deo Debattista addressed a conference organised by the Data Protection Unit within the Ministry for Justice, Culture and Local Government on Data Protection Day.
The aim of this conference was to provide an overview of the past eight months in connection with procedures implemented in the context of the regulation which became applicable on 25 May 2018 and the government's work in complying with its provisions.
Deo Debattista explained that in his role as Parliamentary Secretary for Consumer Protection, his aim is to ensure that citizens' rights are protected and strengthened in conjunction with the developments and needs of society and as he reiterated in his speech,
"Data protection is an area which is strongly related to consumer rights." He explained that security practices in the workplace are encouraged in all business aspects, not least in the processing of personal data.
He added that the government is in a very particular situation in terms of data processing because clients and consumers of its services are obliged to approach the government for processes required by law. Therefore, he explained that the government's responsibility is greater and cannot fail to respect the privacy rights of its consumers and clients.
The Parliamentary Secretary said, "That is why on 25 May 2018, along with the applicability of this regulation, the government also published the Data Protection Act, as a new chapter that complements the provisions of this regulation. Along with this act, subsidiary legislation also came into force, as expected by the regulation."
The Parliamentary Secretary further elaborated on the ministry's current work on a related subject matter and mentioned the discussions regarding the ePrivacy Regulation. He explained that "This regulation is being set up with the aim of strengthening confidence and security in the Digital Single Market by updating the legal framework on electronic privacy. Whilst the GDPR regulates the processing of personal information, the ePrivacy Regulation will result in rules that organisations must follow when sending marketing material or act as transmitters in electronic communications."
Deo Debattista said that the past eight months saw a reinforcement in the implementation of the various obligations of controllers within the government and drew among other examples the controller's obligation to notify breaches of the regulation to supervisory authorities within a stipulated timeframe while at the same time taking immediate steps to control the damage which could have been imparted on data subjects.
The conference was also addressed by officers from the Information and Data Protection Commission who provided further insight into the experiences undergone by controllers in view of their new obligations; and by the Data Protection Unit who reminded participants of the guidelines drawn up by the same Unit for the benefit of all Data Protection Officers.
The participants had the opportunity to address their queries to the experts present. The Parliamentary Secretary thanked the Information and Data Protection Commissioner's Office and the Data Protection Unit within the ministry for their work.
Data protection officers and the Information and Data Protection Commissioner were present for the conference. Seamus Carroll, a representative from Ireland's Ministry for Justice was also present in order to share Ireland's experience in the context of the General Data Protection Regulation.