New Bill will allow data obtained outside legal guidelines to be used

PHONE CALL, e-mail and internet information obtained outside legal guidelines could still be used for investigations under proposals…

PHONE CALL, e-mail and internet information obtained outside legal guidelines could still be used for investigations under proposals in a new Bill on storing and accessing electronic data.

In the heads of a Bill seen by The Irish Times, a proposed clause on "Disclosure Requests" allows data that is later deemed to have been obtained outside the remit of the legislation to be used.

It states: “A disclosure request shall not be invalid by reason only of a failure to comply with this section.”

The Government originally intended to introduce the changes in the law by way of statutory instrument, which would have sidestepped the need for Dáil scrutiny or a vote on the measures.

READ SOME MORE

However, it is understood to have opted for primary legislation on data retention after receiving legal advice that the alternative approach could raise constitutional issues.

The Department of Justice also proposes to redefine serious crime from the current definition of a crime punishable by a minimum sentence of five years, to any crime with a minimum sentence of 12 months.

The proposed legislation also places data security and management requirements on the service providers that hold call and internet data, but does not state who will pay for those costs.

Service providers have complained that management of data would impose heavy costs that they would in turn have to pass on to businesses and consumers.

Independent Senator Ivana Bacik, who is Reid Professor of Criminal Law at Trinity College Dublin, questioned whether the Act could provide meaningful protections against the misuse of data. She said the clause on disclosure requests “has potential to undermine the stated purpose of the Act. Its inclusion calls into question the integrity of the framework created by the legislation since it can so easily be overridden,” she said.

The Minister for Justice would also be allowed to exclude any offence from the application of the proposed Act, subject to approval by the Oireachtas. The Oireachtas could decide to annul the order, but “without prejudice to the validity of anything previously done thereunder,” thus permitting any activity done up to that point.

“This is a very puzzling provision, especially as it appears to allow for inexplicable gaps in scrutiny, or potentially significant windows of opportunity for the Minister or gardaí, within which the statutory requirements will not apply,” Ms Bacik said.

The Act allows for scrutiny of the data retention regime by a “referee”, and states that any individual who thinks a disclosure request has been made for their data may appeal to the referee to investigate if this is so and in compliance with the Act, and allows for compensation. Ms Bacik said this right of appeal was pointless unless there was an obligation to inform the person that a disclosure request had been made.

Karlin Lillington

Karlin Lillington

Karlin Lillington, a contributor to The Irish Times, writes about technology