Irish Data Protection Commission Registers over 1,300 Complaints since GDPR became Law


It has been revealed that in excess of 1,300 concerns or complaints have been submitted to the Irish Data Protection Commission (DPC) since the General Data Protection (GDPR) became enforceable on May 25.

In a statement released the DPC said that the volume of complaints being made by phone and email since May 25, from both individuals and organizations, has skyrocketed.

The watchdog said it began receiving the first complaints from individuals since the law was implemented on May 25, and also its first notifications from organisations relating to personal data breaches, which are being dealt with under the GDPR. It said: “Between May 25 and May 31, the DPC received around 700 telephone calls and over 650 emails to its information service. These include contacts from both individuals raising concerns or making complaints to the DPC and queries from organisations.”

In addition to this, there has been a marked increase in the number of personal data breaches that organisations are reporting to the DPC. In order to comply with GDPR, and avoid significant fines, organisations and companies must notify the supervisory authority (the DPC in Ireland) within 72 hours if it is discovered that a breach has occurred. 60 notifications, half of which relate to breaches that occurred after the May 25 date. If companies fail to comply with GDPR they face major fines, the most stringent of which is 4% of annual global revenue or €20m, whichever figure is higher.

GDPR was developed in order to standardise and protect the way that personal data is protected within the European Union. It must be adhered to by companies located within the EU and those external companies that are operating in the EU or managing the personal data of EU citizens. So far there, according to the DPC, there are 10 cases at review stage in line with GDPR requirements.