In the newly released annual report for 2011 (agency pdf; archive pdf), Irish Data Protection Commissioner Billy Hawkes says that the Irish public made a record number of complaints last year. There were 1,161 complaints in 2011, much higher than the 783 complaints received in 2010. The complaints were related to “unsolicited direct marketing text messages, phone calls, fax messages and emails,” as well as “unfair obtaining of data” and “use of CCTV footage,” among other complaints.
The commissioner noted that the “most comprehensive and detailed [audit] ever undertaken by our Office” was the investigation of Facebook Ireland, the social-networking service. The audit involved “about a quarter of our staff resources for 3 months and external technical assistance from University College Dublin.”
Here’s more information from the introduction:
As outlined in my foreword the data protection landscape is changing. We are now seeing a definite shift in the nature and type of complaints received by the Office from the traditional complaint related to inappropriate or unfair use of personal data to a clearer technology focus with individuals concerned about the security of their personal data and the uses made of that data by software and technology applications.
Last year for the first time the number of data breach notifications outstripped the number of complaints opened for investigation (by six). The need to deal with the reality of the potential impact on individual privacy and data protection rights which can be caused by poorly thought out technology is in many respects the back-drop to the European Commission’s proposals for a new uniform Data Protection Regulation that will apply across all EU Member States.