Individuals may be entitled to know if State has sought personal data from telecoms providers
Individuals may have a right to know if their telecoms provider has been asked for their personal data by a State agency such as An Garda Síochána, the Data Protection Commissioner has ruled.
In a decision issued two weeks ago, the watchdog said that a request by a State agency constitutes personal data which can be requested by an individual through a Subject Access Request.
The ruling was made in respect of an unnamed person, represented by FP Logue Solicitors, who asked eir in April 2016 whether fraud officers had tried to access his records.
The telecoms company refused to provide that information, citing section 5(1)(a) of the Data Protection Act 1988, which creates an exception for personal data kept for purposes including “preventing, detecting or investigating offences”.
However, the Data Protection Commissioner ruled: “I have examined whether eir validly relied upon this exemption and have reached the conclusion that it did not do so. This exemption only applies to the extent that access to [the individual’s] personal data would be ‘likely to prejudice’ any of the matters specified.”
The watchdog noted that eir had sought An Garda Síochána’s views on the matter “generally but not on the specific request in question”.
The DPC added: “The information that we reviewed in the course of our investigation did not indicate that [the individual’s] personal data was being kept for the purposes of any of the matters specified in section 5(1)(a).”