The Irish government’s proposed amendments to the Courts and Civil Law (Miscellaneous Provisions) Bill 2022 are sparking controversy. The changes aim at protecting information and correspondence shared during Data Protection Commission (DPC) investigations and complaints, preventing them from being disseminated without permission. Officials argue that this measure is necessary to prevent regulatory probes from being undermined or legally challenged due to unfair procedures. However, human rights and consumer protection organizations such as Amnesty International, the European Consumer Organisation (Beuc), European Digital Rights (EDRi), and the Irish Council for Civil Liberties have voiced their concerns about these propositions.
Rasha Abdul-Rahim, director for Amnesty Tech, has claimed that through these amendments, the Irish government seeks to stifle dissent. According to her, labeling all DPC procedures confidential not only shields big technology companies from scrutiny but also silences individuals and organizations advocating for privacy and data protection rights. She further criticised these proposals as a violation of rights such as privacy, freedom of speech, access to information, and suggested they undermine protections for internet users. The Irish Council for Civil Liberties echoed Abdul-Rahim’s sentiment by suggesting that these amendments would prevent people from openly discussing how their data might be misused by large tech firms or public bodies.
In response to this criticism, a spokesperson for the Department of Justice stated that there seems to be a misunderstanding regarding the purpose of this amendment. They clarified that it wouldn’t hinder complainants from talking about their data privacy grievances or revealing if they made a complaint with DPC. Instead, it only applies to individuals engaged with the Commission during certain statutory functions like inquiries and investigations in order protect commercially sensitive information shared during these processes.
Despite these assurances, critics remain skeptical of these legal changes’ potential impact on data protection enforcement in Europe. Ms Abdul-Rahim expressed disappointment in Ireland’s track record on upholding data privacy standards for millions of social media users across Europe and globally—pointing out its inadequacies when dealing with Big Tech companies like Meta and Google. She also admonished the Irish authorities’ attempt at shielding Big Tech from public scrutiny instead of enforcing EU General Data Protection Regulations (GDPR) fully.