Government Data Forum

Department of the Taoiseach, 12 April 2017

Meeting Note

Attendance

Minister for Data Protection, Dara Murphy T.D. (Chair)

Seamus Carroll, Department of Justice and Equality

Rob Corbet, Arthur Cox

Dr Martyn Farrows, CJ Fallon

Derek Finnerty, Director, Storm Technology

Ann Henry, Chair of the IP Committee of the Law Society of Ireland

Dr. Pat O’Hara, National Statistics Board

Barry Lowry, Chief Government Information Officer

Mirek Pospisil, LinkedIn

Rebecca Radloff, Microsoft

Niamh Sweeney, Facebook

Conor Gouldsbury, Special Advisor, Department of the Taoiseach

Adrienne Harrington, Data Protection Unit, Department of the Taoiseach

Joan Hayes, Data Protection Unit, Department of the Taoiseach

Kate Flinter, Data Protection Unit, Department of the Taoiseach

Anne Flanagan, Department of Communications (on the ePrivacy item)

Aedan Hall, Department of the Taoiseach (on the ePrivacy item)

Introductory Remarks

Minister Murphy provided an overview of key developments in the data protection area since the Forum last met in February. In particular, he outlined recent developments in relation to the Privacy Shield, including Commissioner Jourová’s meetings with members of the US administration in Washington at the end of March and the first review of Privacy Shield in September.

Following her visit to the US, Commissioner Jourová stated that the key foundations of the deal remain in place. She also said that, as part of the Review process, the Commission plans to discuss additional protections as well as any relevant developments in US law.

Minister Murphy informed the members that he will be visiting Washington in April to speak on Ireland’s growing role in the transatlantic data economy at the International Association of Privacy Professional’s Global Summit. While in Washington, the Minister will be meeting with some of his counterparts in the new administration and he will take this opportunity reiterate the importance of the Shield, as well as to highlight the work that Ireland is doing in the area of data and data protection.

  1. Minutes of meeting of 23 February 2017 and matters arising

The minutes of the meeting of 23 February 2017 were approved and it was agreed that these would be published on the Department of the Taoiseach’s website.

  1. ePrivacy Regulation Proposals – WP29 Opinion

The Forum discussed the WP29’s Opinion on the ePrivacy Regulation proposals (circulated in advance). It was noted that the Opinion is generally positive but that it also highlights a number of potential issues particularly regarding how the proposals relate to the General Data Protection Regulation (GDPR) and the need to ensure consistency and complementarity in this context.

D/Communications updated the Forum on progress on the proposals and work underway at the European and national level on the proposed Regulation; particularly in relation to capturing stakeholder feedback and standardising definitions etc. D/Communications is carrying out a stakeholder consultation to inform its work on the proposals and invited the members of the Forum to provide inputs to this process.

  1. Updates

-Data Summit

D/Taoiseach outlined progress on the Data Summit, including the launch of the event website at the end of March, work to finalise the programme of speakers and activities to promote the event nationally and internationally.

In keeping with the overall aims of the event, D/Taoiseach also updated the Forum on work underway to ensure that the Data Summit showcases the range of data related activities in Ireland across the public, private and not-for-profit sectors. Work is underway with a wide range of organisations including the CSO, the Royal Irish Academy, the Digital Youth Council, Science Foundation Ireland, DataKind and Social Innovation Ireland in this regard. Preparations for the GDPR will be a core theme of the overall event, with a series of practical workshops on the GDPR integrated into the overall programme.

Minister Murphy commented on the excellent line-up of speakers already confirmed and thanked the members of the Forum for their ongoing support in organising and promoting the Data Summit.

-Data Protection Bill

D/Justice updated the Forum on the Data Protection Bill. It is intended that the draft Heads of the Bills will be submitted to Government in early May for (i) approval to draft and (ii) submission for pre-legislative scrutiny. D/Justice is aiming to publish the Bill in autumn with a view to enactment by spring 2018.

-WP29 GDPR Work Programme

The Forum discussed the WP29’s work programme in relation to the GDPR, particularly the publication of guidance on a number of key concepts in the Regulation (see below). It was noted that the WP29 has indicated that it will be refreshing its work programme as the year progresses and into 2018. It was agreed that the Forum would consider how it might input to this process at its next meeting.

-WP29 April Plenary Session – Press release and adopted guidelines on (i) Right to ‘data portability’, (ii) Data Protection Officers, and (iii) the Lead Supervisory Authority

The Forum discussed the guidance adopted by WP29 at its plenary meeting in April (circulated in advance). It was agreed that this guidance is very helpful for organisations as they work to prepare for the Regulation coming into effect.

Discussion focussed on the designation of lead supervisory authority and the importance of how this will work in practice particularly in relation to the effective operation of the one-stop-shop model.

It was noted that the WP29 had adopted draft guidance on Privacy Impact Assessments at its April meeting and it was agreed that the secretariat would circulate this to the group as soon as this is made available.

-ODPC GDPR Consultation

The Forum welcomed the ODPC consultation in relation to the GDPR and the development of guidance on consent, profiling, breach notification and certification which will feed in WP29’s work on these issues

-ODPC Annual Report 2016

The Forum noted the publication of the ODPC’s Annual Report for 2016 and welcomed the Commissioner’s statement that preparations for the GDPR are an absolute priority for the Office over the year ahead. The Forum also welcomed the Office’s ongoing commitment to an engaged approach with organisations under its remit to develop and implement data protection policies that protect the user.

-Opportunities for Ireland in the EdTech Sector

Following on from the last meeting of the Forum in February, Martyn Farrows updated the Forum on the working group established to examine the opportunities for Ireland in the EdTech sector.

  1. AOB

No items were raised under AOB

  1. Date of next meeting

It was agreed that the date for the next meeting would be set following the Data Summit.

1