Our global pages

Global home
About us
Global services/practices
- Browse full services list
- Global services/practices
  Commercial and IT
  All commercial and IT
  Commercial contracts
  Consumer
  Financial services regulation
  Intellectual property
  Outsourcing
  Payment systems and digital commerce
  Privacy, data protection and cybersecurity
  Procurement and State Aid
  Technology and licensing
  Telecommunications
  Competition, EU and trade
  All competition, EU and trade
  Abuse of dominance
  Antitrust and competition litigation
  Competition compliance and counselling
  Competition investigations
  Dawn raids
  EU and international trade law
  Export controls, sanctions and anti-money laundering
  Foreign investment and national security
  Market and sector inquiries
  Merger control
  Trade and distribution
  Construction and engineering
  All construction and engineering
  Construction disputes
  Contracts and procurement
  EPC
  Project support
  Public sector
  Real estate
  Transport
  Corporate
  All corporate
  Equity capital markets
  Corporate governance
  International Corporate Reorganizations
  Corporate secretarial services
  Investment fund formation
  Mergers and acquisitions (M&A)
  Private equity / venture capital
  Corporate counsel program
  All corporate counsel program
  Corporate crime / white collar crime and investigations
  All corporate crime / white collar crime and investigations
  Anti-bribery and corruption
  Environmental health and safety
  Export controls, sanctions and anti-money laundering
  Fraud and white collar
  Global compliance and crisis management
  Investigations
  Public inquiries
  Employment law
  All employment law
  Discrimination law
  Employment litigation and dispute resolution
  Executive employment issues
  Global contracts and policies
  Global mobility and immigration
  Human rights & modern slavery
  Labor law and trade union issues
  Personnel records and employee data privacy
  People in M&A and outsourcing
  Restructuring and redundancy
  Energy
  All energy
  Agriculture, softs and metals trading
  Clean energy
  Electric power
  Energy disputes
  Energy finance
  Energy regulations
  Energy trading
  Environmental
  Gas
  Mining
  Nuclear
  Oil and gas
  Water
  Entity management
  All entity management
  Board advice and support
  Corporate secretarial services
  Director duties
  Project management
  Worldwide Compliance
  Finance, financial services regulation and investment products
  All finance, financial services regulation and investment products
  Acquisition and leveraged finance
  Asset finance
  Asset management
  Commodities & securities litigation and regulatory enforcement
  Corporate banking
  
  Debt capital markets
  Derivatives
  Distribution / broker-dealer
  Financial services disputes
  Financial services regulation
  Funds tax
  Investment fund formation
  Islamic finance
  Project finance
  Public finance
  Real estate finance
  Reserve based lending
  Restructuring and insolvency
  Securitisation and structured finance
  Trade finance
  Insurance
  All insurance
  Captives
  Insurance and reinsurance disputes
  Insurance M&A, reinsurance and restructurings
  Insurance financing and capital markets
  Insurance regulation and compliance
  Insurance and retirement products, insurance distribution
  Investigations and enforcement
  Pension risk transfer
  Taxation
  Intellectual property
  All intellectual property
  Copyright
  Intellectual property litigation
  Media
  Patents
  Reputation management
  Technology and communications disputes
  Trademark
  Trade secret
  Konexo
  
  Where activity meets creativity
  
  Alternative legal and compliance services developed by Eversheds Sutherland
  
  Legal, compliance, corporate secretarial and HR services that connect with you in many ways. That�s Konexo. Through creative use of emerging technology and global resources, we connect your needs with real benefits, and your challenges with transformative solutions. This is where complexity meets clarity.
  
  Konexo is now present in the UK, US, Hong Kong, Singapore and Malaysia.
  
  Find out more by visiting the Konexo website
  Litigation and dispute management
  All litigation and dispute management
  Antitrust and competition litigation
  Appellate
  Class action and mass tort litigation
  Commercial litigation
  Commodities & securities litigation and regulatory enforcement
  Costs
  Construction and infrastructure disputes
  Energy & infrastructure disputes
  Financial services disputes
  Funding
  Global compliance and crisis management
  Insurance and reinsurance disputes
  Intellectual property litigation
  International arbitration
  Pensions and benefits disputes
  Product liability
  Professional liability
  Litigation technology and project management
  Real estate litigation
  Shipping and international trade disputes
  Tax controversy and litigation
  Pensions, benefits and executive compensation
  All pensions, benefits and executive compensation
  Executive compensation
  Pension plan dispute resolution
  Pension plan insurance and derisking
  Pension plan investment
  Public sector pensions
  Qualified and approved pension plans
  Real estate and planning
  All real estate and planning
  Commercial development and leasing
  
  Corporate real estate
  Data centers
  Environmental
  Institutional investment and fund formation
  Planning, consenting and permitting
  Property due diligence and transaction support
  Real estate finance and capital markets
  Real estate litigation
  Real estate tax
  Residential and private rented sector
  Tax
  All tax
  Executive compensation
  Federal tax accounting
  Financial services and financial products taxation
  Funds tax
  Indirect tax/VAT
  Insurance taxation
  International tax
  M&A and reorganizations
  Partnership taxation
  Real estate tax
  Tax controversy and litigation
  Tax-exempt organizations
  Trusts and estates
  U.S. state and local tax
Industries/sectors
- All sectors and sub sectors
- Global industries/sectors
  Construction and engineering
  All construction and engineering
  Construction and infrastructure disputes
  Contracts and procurement
  EPC
  Project support
  Public sector
  Real estate
  Transport
  Consumer
  All consumer
  Food and beverage
  Hospitality and leisure
  Retail
  Education
  All education
  Further education (UK)
  Higher education (UK)
  Schools and academies
  Energy
  All energy
  Agriculture, softs and metals trading
  Clean energy
  Electric power
  Energy disputes
  Energy finance
  Energy regulations
  Energy trading
  Environmental
  Gas
  Mining
  Nuclear
  Oil and gas
  Water
  ESG
  All ESG
  Environmental
  Social
  Governance
  ESG for Corporates
  ESG for Financial Services
  Financial services
  All financial services
  Governments and infrastructure
  All governments and infrastructure
  
  Government and strategic projects
  
  Infrastructure
  
  Transport
  Health and life sciences
  All health and life sciences
  
  Independent hospitals
  Life sciences
  Public healthcare
  Senior living and social care
  Industrials
  All Industrials
  Aerospace, defense and security
  Automotive
  Chemicals
  Manufacturing and industrial engineering
  Insurance
  All insurance
  Captives
  Insurance and reinsurance disputes
  Insurance M&A, reinsurance and restructurings
  Insurance financing and capital markets
  Insurance regulation and compliance
  Insurance and retirement products, insurance distribution
  Investigations and enforcement
  Pension risk transfer
  Taxation
  Real estate
  All real estate and planning
  Commercial development and leasing
  
  Corporate real estate
  Data centers
  Environmental
  Institutional investment and fund formation
  Planning, consenting and permitting
  Property due diligence and transaction support
  Real estate finance and capital markets
  Real estate tax
  Residential and private rented sector
  Technology, media and telecoms
  All technology, media and telecoms
  Artificial intelligence
  Data centers
  Media
  Technology
  Technology and communications disputes
  Telecoms
  Timber and agribusiness
  All timber and agribusiness
Our people
Events/webinars
- Events, webinars and training
- Legal events and training: choose a location
  Western Europe
  Legal events and training in Austria
  Legal events and training in Finland
  Legal events and training in France
  Legal events and training in Germany
  Legal events and training in Ireland
  Legal events and training in Northern Ireland
  Legal events and training in Spain
  Legal events and training in United Kingdom
  Central and Eastern Europe
  Legal events and training in Czech Republic
  Legal events and training in Estonia
  Legal events and training in Hungary
  Legal events and training in Poland
  Legal events and training in Romania
  Legal events and training in Slovakia
  Asia
  Legal events and training in China
  Legal events and training in Hong Kong SAR
  North America
  Legal events and training in United States of America
  Africa
  Legal events and training in South Africa
News and articles
Careers
- Careers with Eversheds Sutherland
- Careers: choose a location
  Western Europe
  Careers with a law firm in Austria
  Careers with a law firm in Belgium
  Careers with a law firm in Finland
  Careers with a law firm in France
  Careers with a law firm in Germany
  Careers with a law firm in Ireland
  Careers with a law firm in Italy
  Careers with a law firm in Luxembourg
  Careers with a law firm in Netherlands
  Careers with a law firm in Spain
  Careers with a law firm in Sweden
  Careers with a law firm in Switzerland
  Careers with a law firm in United Kingdom
  Central and Eastern Europe
  Careers with a law firm in Estonia
  Careers with a law firm in Hungary
  Careers with a law firm in Latvia
  Careers with a law firm in Lithuania
  Careers with a law firm in Poland
  Careers with a law firm in Romania
  Africa
  Careers with a law firm in South Africa
  Asia
  Careers with a law firm in China
  Careers with a law firm in Hong Kong SAR
  Middle East
  Careers with a law firm in Iraq
  Careers with a law firm in Jordan
  Careers with a law firm in Qatar
  Careers with a law firm in Saudi Arabia
  Careers with a law firm in United Arab Emirates
  North America
  Careers with a law firm in United States of America

Data Protection Commission publishes its 2022 Annual Report

Ireland

Privacy, data protection and cybersecurity - GDPR

07-03-2023

The Data Protection Commission (“DPC”) has today published its Annual Report for 2022 (the “Report”).

2022 marked the fourth full year of the implementation of the GDPR and saw significant effort by the DPC to ensure compliance with the GDPR across Ireland. The most frequent GDPR queries and complaints received by the DPC related to Access Requests; Fair Processing; Disclosure; Direct Marketing; and the Right to be Forgotten.

Helen Dixon, Commissioner for Data Protection, highlighted that “2022 was a year that saw significant outputs from the DPC in its efforts to drive GDPR compliance and protect the rights of those in Ireland and across the EU.” This is reflected in the statistics highlighted in the Report.

We have summarised below some initial key areas of interest from the Report and we will shortly publish a more substantive overview of the key findings from the Report.

Data Breaches

The total number of breach notifications received by the DPC in 2022 was 5,828, of which 62% related to unauthorised disclosures via post and email. Breach notifications to the DPC were down by 12% on 2021 figures.

Similar to the DPC’s Annual Report for 2021, public sector bodies and banks account for the ‘top 10’ organisations with the highest number of breach notifications, with insurance and telecom companies featuring in the top twenty.

The Report highlights again that breaches related to unauthorised disclosures were predominantly due to poor operational practices and human error. The DPC further highlighted that autofill options on email address bars have given rise to a significant number of breach notifications where emails have been misdirected.

Complaints

The DPC received 2,700 complaints from individuals under the GDPR in 2022. 42% of the complaints received related to access requests. The DPC concluded 3,133 complaints in 2022.

The DPC received 204 complaints related to electronic direct marketing in 2022. 118 complaints related to emails, 52 related to text messages, 28 in relation to cookies, and 6 complaints related to phone calls. Two telecom companies were successfully prosecuted for four separate charges of sending unsolicited marketing communications without consent.

Data Subject Access Request complaints constituted 42% of the top complaints received by the DPC in 2022. Complaints about access to personal data remain the most frequent type of complaint the DPC receives.

Inquiries

As of 31 December 2022, the DPC had 88 statutory inquiries on-hand, including 22 large scale cross-border inquiries. These large scale inquiries mostly resulted in fines, reprimands and/or orders being made under the GDPR. The DPC received 125 valid cross-border complaints (as Lead Supervisory Authority) in 2022 and concluded 246 cross-border complaints.

Enforcement Action, Imposition of Fines and Corrective Measures

The DPC levied punitive fines in excess of €1 billion, primarily against big technology firms. In November 2022, the DPC had some of its decisions to impose administrative fines, ranging from between €1,500 and €17 million, confirmed in the Dublin Circuit Court.

Future priorities

The Report notes that in 2023, we can expect the following developments:

• more decisions from the DPC and judgments from the CJEU;

• increased litigation involving the DPC;

• the beginning of the application of the DSA and DMA; and

• the commencement of the Online Safety and Media Regulation Act in Ireland.

In line with the DPC’s Regulatory Strategy for 2022-2027, the DPC will continue in 2023 to seek to pursue “the issues of greatest consequence for data subjects, drive compliance and most importantly, safeguard individuals’ rights.”

Conclusion

The full Report can be found on the DPC website here.

The Report provides useful and practical guidance for organisations on their obligations under data protection law and maintaining compliance with same. It highlights that while data controllers in Ireland continue to improve their compliance efforts, higher standards of responsiveness to individuals seeking to exercise their rights are still needed in many sectors.

Should your organisation have any data protection queries or wish to discuss any concerns, we are happy to assist and support your organisation through any issues.

For more information, plase contact,

Leona Chow, Solicitor, IP, Technology & DP – LeonaChow@eversheds-sutherland.ie

Marie McGinley
Partner
+353 1 6441 457
+353 1 6441 457

This information is for guidance purposes only and should not be regarded as a substitute for taking legal advice. Please refer to the full terms and conditions on our website.

< Go back

Eversheds Sutherland Ireland

Articles

View more articles

© Eversheds Sutherland LLP 2023. All rights reserved. Eversheds Sutherland LLP is an Irish partnership authorised by the Legal Services Regulatory Authority in Ireland to operate as a limited liability partnership (LLP) under the Legal Services Regulation Act 2015.

Eversheds Sutherland is the name and brand under which the members of Eversheds Sutherland Limited (Eversheds Sutherland (International) LLP and Eversheds Sutherland (US) LLP) and their respective controlled, managed and affiliated firms and the members of Eversheds Sutherland (Europe) Limited (each an "Eversheds Sutherland Entity" and together the "Eversheds Sutherland Entities") provide legal or other services to clients around the world. Eversheds Sutherland Entities are constituted and regulated in accordance with relevant local regulatory and legal requirements and operate in accordance with their locally registered names. The use of the name Eversheds Sutherland, is for description purposes only and does not imply that the Eversheds Sutherland Entities are in a partnership or are part of a global LLP. The responsibility for the provision of services to the client is defined in the terms of engagement between the instructed firm and the client.