News and Insights

Print this page

Search News & Insights

Matheson Update: Irish Data Protection Commissioner to audit major social media companies

PRACTICE AREA GROUP: Technology and Innovation
DATE: 14.02.2013

The Irish Data Protection Commissioner (the “DPC”) has stated his intention to carry out scheduled audits of major social media companies that have operations in Ireland.  Commissioner Billy Hawkes said that many such companies had their European headquarters in Ireland and therefore they fell under his jurisdiction as Irish Data Protection Commissioner.  He added that Ireland had a significant responsibility to the rest of Europe in this regard.

Under the Data Protection Acts 1998 and 2003, the DPC has powers to carry out data protection audits and inspections to ensure compliance with the law and to identify possible breaches.  Each year the Commissioner decides the office's target sectors for audit for that year.  Scheduled audits are intended to provide some forewarning to the operators in the sector and to give them an opportunity to address any perceived issues and perhaps to commence engagement with the DPC’s office.

The DPC plans to conduct a scheduled audit of a leading international social media company this year and we understand the DPC is in discussions with the company in relation to when that will commence and the scope of that audit.  Whilst the DPC’s staff numbers and budget have increased in anticipation of more audits, we would nonetheless anticipate that the audits will be undertaken one at a time rather than in parallel with each other.  

The DPC’s comments come in the wake of the widely-publicised Facebook audit undertaken by his office.  Facebook has clearly benefited from the DPC audit because it has given it a “clean bill of health” from a data protection perspective.  The DPC’s audit of Facebook also demonstrated that their business model is sustainable from a data protection perspective, thus underlining the importance of data protection compliance as a driver of shareholder value.

In our recent e-zine, which we dedicated to data protection to coincide with Global Data Protection Day on 28 January, we referenced the Facebook audit, DPC audits in general, the forthcoming Data Protection Regulation and more.  You can view our full ezine here.  We also marked Global Data Protection Day with a breakfast seminar on 28 January featuring guest speaker Irish Data Protection Commissioner Billy Hawkes. 

You can view video excerpts from the seminar here.


About cookies on our website

Following a revised EU directive on website cookies, each company based, or doing business, in the EU is required to notify users about the cookies used on their website.

Our site uses cookies to improve your experience of certain areas of the site and to allow the use of specific functionality like social media page sharing. You may delete and block all cookies from this site, but as a result parts of the site may not work as intended.

To find out more about what cookies are, which cookies we use on this website and how to delete and block cookies, please see our Which cookies we use page.

Click on the button below to accept the use of cookies on this website (this will prevent the dialogue box from appearing on future visits)