PLANS to harmonise data protection laws throughout the European Union will only work if regulators are properly funded and states accept rulings from other countries, the top data regulator in the country said yesterday.
In a speech at the law firm Matheson, Irish data protection commissioner Billy Hawkes said the new Data Protection Regulation being proposed by the EU would move rapidly towards the statute book under Ireland's presidency.
Among other measures, the proposal will see companies face fines of up to €1m or 2pc of turnover if companies breach it, while the "right to be forgotten" will be enshrined in law.
This has meant that some of the biggest companies in the world are regulated by the relatively small Irish data protection commission.
Given the huge amount of data collected on people by various websites, Mr Hawkes said it was now vital that regulators were properly funded.
"It will be essential that data protection authorities have the resources necessary to carry out their broader European oversight responsibilities.
"This is a key issue for us due to the large number of multinational companies handling personal data that have substantial operations in Ireland," he said.
The Irish authority has around 30 investigators on its staff, about a quarter that of Germany.
If the plan is to be successful, though, regulators in jurisdictions beyond Ireland will have to accept decisions made by Mr Hawkes. The data protection agency for the German state Schleswig-Holstein in particular has criticised Mr Hawkes's approach when dealing with Facebook, for example.
"If the concept [of a one-stop shop for regulation in Europe] is to be acceptable, it is essential that all data protection authorities are willing to rely on the relevant data protection authority to vindicate the rights of all EU citizens, not just those of its own member state.
"For this, it will be essential that the 'consistency mechanism' works as intended to ensure uniform application of the law," Mr Hawkes added.