What does the DPC have to say about EU data protection and e-privacy laws?
The Irish Data Protection Commission (DPC) released its 2020 Annual Report detailing the comprehensive span of regulatory work the organisation has done in overseeing the application of EU data protection and e-privacy laws.
The report outlines and discusses the large scale inquires the DPC has undertaken such as –
- received breach notifications;
- special projects relating to children;
- special projects relating to cookies;
- the impact and challenges of Brexit; and,
- the impact and challenges of COVID-19.
The DPC Annual Report conclusions cover the period January 1, 2020 to December 31, 2020.
- DPC handled 10,151 total cases in 2020 (up 9% compared to 2019)
- DPC received 4,660 complaints from individuals under the GDPR
- the most frequent GDPR queries and complaints in 2020:
- access requests,
- direct marketing, and
- the right to be forgotten.
- the organisation received 6,628 valid security data breach notifications (up 10% compared to 2019)
- December 31, 2020: the DPC had 83 statutory inquiries (on-hand) of which 27 were cross-border ones
- the DPC received 354 cross-border processing complaints via the GDPR’s One-Stop-Shop
- December 2020: first fine in a cross-border case – Twitter International Company (€450,000)
- among the complaints filed 144 concerned electronic direct marketing of which 66 complaints related to emails
- DPC also reports a new phenomenon: both organisations and individuals are attempting to misuse the GDPR
Ireland’s Data Protection Commission currently has 27 open privacy investigations against Apple, Google and other tech companies who’ve set up an EU hub in Ireland.
Interesting fact: Facebook accounts for nine of these privacy probes with more pending into WhatsApp and Instagram.
You can download the Irish Data Protection Commission 2020 Annual Report here.