Datasec: Helen Dixon says GDPR is a 'game-changer that can't be ignored'


Ryan Nugent

Dublin Data Sec 2017. Helen Dixon, Data Protection Commissioner. Photo: Gerry Mooney
Dublin Data Sec 2017. Helen Dixon, Data Protection Commissioner. Photo: Gerry Mooney
Minister for Communications Denis Naughten at Dublin Data Sec 2017 Photo: Gerry Mooney

THE Data Protection Commissioner Helen Dixon HAS said that Irish people are taking extra care with passwords and information provided online for fear of hacking.

Speaking at the INM Datasec conference in the RDS today, Ms Dixon explained that, in previous years, those needing information for logins and so on would choose easily-guessed passwords. But that is less of an issue nowadays, due to an increased education on the data risks posed from being hacked, she added.

“For many people, picking a password involved picking one that was easy to remember and therefore easily-guessable and the ultimate solution in many cases was to stick a post-it with the username and password on a PC monitor,” she said.

“But now we've developed more sophistication and more consciousness of data protection.

Data Protection Commissioner, Helen Dixon at Dublin Data Sec 2017. Photo: Gerry Mooney
Data Protection Commissioner, Helen Dixon at Dublin Data Sec 2017. Photo: Gerry Mooney

“We've all started to understand the personal responsibility we have to take for information we put in the public domain and the potential consequences it can have for us later on,” she added.

Delegates at Dublin Datasec 2017 were updated on planning for GDPR - the upcoming General Data Protection Regulation (GDPR).

Cliona Carroll (INM Sponsorhip and Events Manager) and Claire Keay (Founder and MD of Taxsaver Bikes). Picture; Gerry Mooney
Cliona Carroll (INM Sponsorhip and Events Manager) and Claire Keay (Founder and MD of Taxsaver Bikes). Picture; Gerry Mooney
Dublin Data Sec 2017: Antonella Surfaro (Tech Project manager INM) Geoff Lyons (Marketing Manager INM), Paul Dunny (CRM Manager INM) and Carol O'Mahony (EA to Editor in Chief INM) . Picture; Gerry Mooney
Dublin Data Sec 2017: Brenda Tobin (Concern Worldwide) and Linda Colleran (Mapfre Assistance Agency Ireland). Picture; Gerry Mooney
Dublin Data Sec 2017: Stephanie Pennington (Oracle Direct) and Robert Kelly (Production Manager Emeda Stericycle). Picture; Gerry Mooney
Dublin Data Sec 2017: Alison Murray (Evershed Sutherland) and Caitriona Keane (Chief State Solicitors Office) Picture; Gerry Mooney
Dublin Data Sec 2017: Stephen Rae (Editor in Chief INM), Helen Dixon (Data Protection Commissioner) Minister for Commumications Denis Naughten and Adrian Weckler (Technology Editor INM). Picture; Gerry Mooney
Dublin Data Sec 2017: Adrian Weckler (Technology Editor INM), Helen Dixon (Data Protection Commissioner) and Minister for Commumications Denis Naughten. Picture; Gerry Mooney
Dublin Data Sec 2017. Stephen Heary (International Counsel, Etsy) Lorcan McLoughLin (Privacy Officer, Rabobank) and Adrian Weckler (Technology Editor INM). Picture; Gerry Mooney
Dublin Data Sec 2017: Anna Mulhall, Laura O'Dwyer and Caitriona Melvin from KPMG. Picture; Gerry Mooney
Dublin Data Sec 2017. Alan Curley (Privacy Manager Johnson and Johnson), Stephen Laffan (Global Privacy Program Manager, Workday), Stephen Heary (International Counsel, Etsy) Lorcan McLoughLin (Privacy Officer, Rabobank) and Adrian Weckler (Technology Editor INM). Picture; Gerry Mooney
Dublin Data Sec 2017: Helen Dixon (Data Protection Commissioner) . Picture; Gerry Mooney
Dublin Data Sec 2017: Emerald De Leeuw, CEO Eurocomply. Picture; Gerry Mooney
Dublin Data Sec 2017: Adrian Weckler (Technology Editor INM), Minister for Commumications Denis Naughten and Helen Dixon (Data Protection Commissioner) . Picture; Gerry Mooney
Dublin Data Sec 2017: Emerald De Leeuw, CEO Eurocomply. Picture; Gerry Mooney
Dublin Data Sec 2017: Emerald De Leeuw, CEO Eurocomply. Picture; Gerry Mooney
Dublin Data Sec 2017: Panel discussion (l-r), Mark adair, (Partner, Mason Hayes Curran), Joseph Carson (Cyber Security Strategist, Thycotic), John Cassidy (Ground Labs) Stewar Thompson (Privacy Officer, IBM Watson Health) and Adrian Weckler (Technology Editor INM). Picture; Gerry Mooney
Dublin Data Sec 2017: Jonathan Armstrong, Partner Cordery. Picture; Gerry Mooney
Dublin Data Sec 2017: Jonathan Armstrong, Partner Cordery. Picture; Gerry Mooney
Dublin Data Sec 2017: Jonathan Armstrong, Partner Cordery. Picture; Gerry Mooney
Dublin Data Sec 2017: Jonathan Armstrong, Partner Cordery. Picture; Gerry Mooney
Dublin Data Sec 2017: Helen Dixon Data Protection Commissioner. Picture; Gerry Mooney
Dublin Data Sec 2017: Helen Dixon Data Protection Commissioner. Picture; Gerry Mooney
Dublin Data Sec 2017: Minister for Commumications Denis Naughten. Picture; Gerry Mooney

"The GDPR is a game-changing piece of regulation and cannot be ignored," Ms Dixon said. 

"To do nothing ahead of May 2018 is not an option, because there will be consequences to pay and the consequences will be very significant for any organisation, whether they are public or private.’

Delegates were also informed about the procedures to be put in place, governance, managing a data privacy programme; and data breach detection, reporting and security. The conference also covered the issues surrounding ‘Data Protection, Brexit and Borders’, the ethics of GDPR, transparency, privacy as a service and unique insights from leading privacy managers from some of the world’s leading multinationals.

Ms Dixon said the GDPR will deliver more accountability and enforcement of breaches and explained that only a few years ago it was common that staff in government departments would look up people in their locality and their details out of “curiosity”.

Minister for Communications Denis Naughten at Dublin Data Sec 2017. Picture: Gerry Mooney
Minister for Communications Denis Naughten at Dublin Data Sec 2017. Picture: Gerry Mooney

She said these type of breaches also occurred within large private firms.

“Think about how common it was for staff in some government departments to look up details of their neighbours out of curiosity based on databases to which they'd access,” Ms Dixon said.

“Or to look up for example national lottery winners and look up to see what their address was or their social welfare profile was, and it happened with private sector companies too, like insurance companies with large databases,” she added.

The Data Protection Commissioner added that data is a “technical right” and that an individual does not have to suffer any harm or damage for their data protection rights to have been infringed.

Today's conference was opened by Minister for Communications, Climate Action and Environment Denis Naughten.

Mr Naughten said: “In 386 days the new General Data Protection Regulation will come into effect.  The regulation – known as GDPR - affects every company and employer - not just the large IT and social media companies. If you have employees - even a handful - then you hold and process employee personal data and therefore you must learn about the GDPR.”

He also admitted to have been a victim of information hacking – but expects Ireland to be prepared for more stringent data protection laws being introduced next year.

The new EU General Data Protection Regulations (GDPR) are introduced on May 25, 2018, and have been described as a "game changer"

“The regulation also brings a range of new obligations to the public sector over and above those of private companies,” Mr Naughten said.

“Public sector, as you know, as one of the largest collectors and users of personal data in the country, so it's essential that citizens have faith in how this data is used and secured.

“It's something I personally am very conscious of, as somebody who had their medical details stolen on a laptop a number of years ago,” he added.

Like this event, the Government are also set to hold a two-day summit next month on the GDPR.

The introduction of GDPR has come about due to dramatic changes in technology, which has led to an explosion in the volume of consumer data that is used and stored by businesses across the EU.

It will give consumers greater control over how their personal data is used.

Other speakers at today's event include Senior Counsel for Civil, Criminal and Internet Litigation Pauline Walley, and Cyber Security Strategist Joseph Carson.

Independent News and Media Editor-in-Chief Stephen Rae said: "GDPR is one of the most far reaching and impactful legislative issues facing Irish businesses and the public sector for some time. Our events team has worked hard to bring some of the most authoritative speakers to provide practical and thought provoking information to Data Sec 2017. The high numbers of delegates in attendance attests to the fact that this is an issue of vital importance which businesses are keen to understand and address in advance of the GDPR coming into effect.”

He continued: "I'd like to thank the Minister for Communications Denis Naughten, Data Protection Commissioner Helen Dixon and the host of other speakers for their valued contribution to this event."