Introduction to Freedom of Information and Data Protection

Background

The Freedom of Information (FOI) Act 1997, effective from 21st April 1998 establishes three new statutory rights :

• a legal right for each person to access information held by public bodies;
• a legal right for each person to have official information relating to him/herself amended where it is incomplete, incorrect or misleading; and
• a legal right to obtain reasons for decisions affecting oneself.

The Act asserts the right of members of the public to obtain access to official information to the greatest extent possible consistent with the public interest and the right to privacy of individuals.

Background Information

How to Make an Application

An individual seeking access to personal data must send a written request to the Department, specifying that the request is made under the Data Protection Acts, 1988 and 2003. Application forms are available online or upon request from the FOI and Data Protection Unit of this Department. To facilitate processing of the application, the individual making the request should where possible give any details which might be needed to help the Department identify the applicant and locate the information which we may keep about him/her (e.g. relevant section of the Department with which the applicant has had interaction, previous address etc.)

An individual must indicate under which of the Registrations s/he wants a search carried out (see section entitled “Registration Details” below). An individual may request personal data held under one or more registrations. There is an access fee of €6.35 for each registration in respect of which an access request is made.

FOI and Data Protection Unit administers the Act within the Department, and applications should be sent to the following address:

Data Protection Officer
Data Protection Unit
Department of Enterprise, Trade and Innovation
Kildare Street
Dublin 2

Processing the Application

On receipt of the request, an acknowledgment is issued immediately. In cases where the individual seeking access to data has not specified the registration(s) under which they wish a search to be made the acknowledgement letter will ask the requester to specify under which registration(s) they wish a search to be made.

• The 40 day time limit is reckoned from the date on which the registration(s) under which a search is to be made have been established, and the appropriate fee has been received.
• When the registration(s) under which a search is to be made have been established, and the appropriate fee remitted, FOI Unit contacts the relevant Data Controller(s) requesting that a search be carried out for personal data which refers to the data subject.
• The retrieved data is fully examined by the Data Controller(s) and a decision in accordance with the Data Protection Act is made.
• If the Data Controller decides not to release the material, or to release only part of it, the individual is advised in writing as to the reason for that decision.

Right of Complaint

A person is notified of their right to raise the matter with the Data Protection Commissioner under S. 10(1)(a) of the Data Protection Act, 1988, in the event that they consider the provisions of the Act have been contravened. They can do this by contacting the Commissioner at Canal House, Station Road, Portarlington, Co. Laois. (Tel: 578684800, Fax: 578684757)

Registration Details

The Department is registered with the Office of the Data Protection Commissioner under a number of different headings.