Unsurprisingly similar judgment to Dwyer (GD v. Garda Commissioner), but para. 125 on ECtHR jurisprudence is new and interesting. 1/

https://twitter.com/EUCourtPress/status/1572138761160634368

Para. 125, in which the CJEU confirms that ECtHR jurisprudence is a floor, not a ceiling, for protection of rights under the Charter. 2/

The full report is here - opac.oireachtas.ie/Data/Library3/… - and, yet again, it is a joke. Quick thread. 1/

https://twitter.com/CormacJOKeeffe/status/1543162540133326848

First, since 2016 the CJEU has said that mass surveillance in the form of indiscriminate retention of telephone and internet data is illegal. No mention of this by the judge, even though it's core to his remit. 2/

Enforcing data protection, Irish style. A quick thread.
thetimes.co.uk/article/data-p… 1. In 2018 we learned that the Department of Social Protection had seriously interfered with the independence of its Data Protection Officer.

In October 2018 @DRIalerts complained to @DPCIreland.

6 months later that complaint still isn't resolved.

irishtimes.com/business/data-… 2.

Data protection twitter! A competition.

A pint or frosty beverage of your choice to anyone who can explain to me how s.41 of the Data Protection Act 2018 gets to add a whole new legal basis into Article 6 GDPR. irishstatutebook.ie/eli/2018/act/7…

1/ Perhaps it’s a restriction under Article 23 GDPR? Maybe… it’s not just a restriction of specific rights but a whole new ground. But if it is - where are the “specific provisions” and safeguards under Article 23? 2/

Quick Q&A:

1. Does it mean GD’s conviction is overturned? No. That’s a matter for the Court of Appeal.

2. Will the Court of Appeal do so? Probably not. There are exceptions for evidence gathered lawfully at the time, which becomes unlawful due to “subsequent legal developments"

https://twitter.com/Orlaodo/status/1070647289365045248

3. What about the rule that evidence must be excluded if obtained by a “deliberate and conscious” breach of rights?

This is more difficult. Does the state fail this test when it knows that there is a CJEU judgment striking down the underlying EU law? The timeline matters here.

How does Irish policing handle digital forensics? Let’s look at two cases reported today. In one, a rape of a girl by her stepfather, there was a five year delay in examining a seized computer. The second, child abuse images, saw a seven year delay. 1/ These delays are at the high end but are unfortunately typical of a system which has been chronically underfunded. Even in recent cases there seems to be a 1-2 year delay in forensic examination: kildarestreet.com/wrans/?id=2018… 2/

I spoke earlier at the #DataSummitDublin about cross-border access to data by police. It was a relatively short presentation (and I was a bit rushed by arriving late!) so there might be a couple of points worth expanding on. 1/ First - notification. A big issue in the caselaw and for surveillance oversight is whether individuals are notified that they have been put under surveillance or their data accessed. I’ve covered that here (p.12 on): researchrepository.ucd.ie/bitstream/1019… 2/

The Department of Social Protection, not content with its existing data protection problems, has now decided it wants to monitor what you're saying about it on your social networks, forums and blogs. (Hat-tip to @eire_mark who spotted this.) 1/ The Sideshow Bob rake department, as it shall henceforth be known, has a request for tender out. The website is a faff to use, and the docs long, so I've put the relevant bits in a PDF here: docdro.id/il7iRR2 2/

Almost immediately after the GDPR came into force, the Irish Department of Social Protection seriously interfered with the independence of its DPO: irishtimes.com/news/ireland/i… 1/ A journalist (@ElaineEdwardsIT) had spotted that the dept Privacy Statement acknowledged that it collects biometrics, contrary to repeated earlier denials. She contacted the dept for comment. 2/