Data Protection chief gets report on IBRC leak
No legal obligation for liquidators to contact affected clients
The Irish Bank Resolution Corporation (IBRC) has formally notified the Office of the Data Protection Commissioner in relation to the leaking of confidential client data from the bank.
News of the contact between the parties follows the Sunday Independent's revelation last week that the IBRC's special liquidators have identified the source of the leak which saw private banking information of businessman Denis O'Brien and numerous other high-profile IBRC clients circulated to independent TD Catherine Murphy.
While a spokesman for the special liquidators, Kieran Wallace and Eamonn Richardson of KPMG, confirmed the IBRC had met its legal obligation to inform the Data Protection Commissioner of the leaking of a number of its clients' financial details, they were unable to confirm if the affected clients had been contacted yet.
According to the code of practice it has governing breaches of personal data, the Data Protection Commissioner advises that immediate consideration should be given to informing those directly impacted.
This, the code states, "allows the data subjects to consider the consequences for each of them individually and to take appropriate measures to mitigate the impact of the breach."
The code - which is non-binding - states that in certain cases, organisations such as An Garda Siochana that might be able to assist in protecting those whose information has been compromised, should also be notified.
Given the gravity of the IBRC leaks, one senior banking figure said it would "extraordinary" for the special liquidators not to make direct contact with IBRC clients whose data may have been compromised. Even in cases where there is no discernible risk, clients should be informed, the banker said.
When the laptop computer of the IBRC's former CEO Mike Aynsley was stolen from his home in south Dublin in November 2010, the bank contacted a number of clients that it potentially affected.
This was despite the fact that the IBRC's security personnel had already determined that none of the material on the laptop could be considered "sensitive" in nature and none of it related to clients.
As revealed by the Sunday Independent last weekend, the IBRC employee behind the leak admitted culpability once he had been pinpointed by the special liquidators.
The individual is understood to be shocked by what has unfolded since the confidential information was brought into the public domain Ms Murphy in the Dail.
Sinn Fein TD Pearse Doherty has said he has further information about other major clients of IBRC that he is willing to disclose if required to convince the Government to extend the terms of reference of the inquiry into the bank.