As the Deputy will be aware, my Department has a very wide range of functions, and data may be legally shared with various public bodies for operational reasons. This data sharing can involve aggregated and/or individual-level information.
For example, a number of areas within my Department's Immigration function must work closely with other bodies including the Garda National Immigration Bureau, the Department of Foreign Affairs, and the International Protection Accommodation Service in the Department of Children, Equality, Disability, Integration, and Youth. Sharing personal data is essential in order to fulfil their respective responsibilities and functions and provide services to applicants.
Sharing of personal data may also take place in response to a valid lawful request from another public body or in accordance with existing legislative obligations. For example, my Department may share personal data with a competent authority under the EU Law Enforcement Directive for the purposes of the prevention, detection, or prosecution of criminal offences, including safeguarding against and preventing threats to security or the execution of criminal penalties.
Regular and/or ad-hoc sharing of personal data under the GDPR may also occur with various entities, including but not limited to the Chief State Solicitors Office, Tusla, the International Protection Appeals Tribunal, Revenue, and the Department of Social Protection.
My Department is developing a programme of work with relevant agencies under its aegis to deliver improved interoperability and efficiency and provide timely data for analytics - the Criminal Justice Operational Hub supports a growing series of data exchanges between agencies across the criminal justice system, providing a secure area to exchange information. Data privacy, minimisation and security are key design principles of the programme which is underpinned by detailed Data Sharing Agreements and Data Protection processes to ensure appropriate data privacy is maintained. To date, secure data exchanges have been implemented between the Courts Service, An Garda Síochána, the Probation Service and the Irish Prison Service. Future developments will include Forensic Science Ireland and Oberstown.
My Department conducted a thorough review of all data sharing arrangements to prepare for the commencement of specific provisions within the Data Sharing and Governance Act 2019. Two new data sharing agreements, the first two under the 2019 Act, were published for consultation, signed, and came into effect in 2022. The first Agreement is with the Department of Foreign Affairs to share citizenship data. The second involves data sharing on the immigrant investor program between my Department and Revenue.
It is important to note that personal data is only shared by my Department at an individual level where there is a legitimate reason to do so, a valid lawful basis, and in strict accordance with the GDPR principles.
A range of joint controller agreements, controller processor agreements, and Data Sharing Agreements are in place across my Department. Transfers of statistical aggregated datasets to the Central Statistics Office and Eurostat are also ongoing.
Finally, I wish to assure the Deputy that my Department has an effective governance framework in place which is kept under review to ensure adherence to obligations under the data protection laws, the Law Enforcement Directive and the Data Sharing and Governance Act in respect of data processing and sharing activities.
