Ireland data protection newsletter - Issue 18
2024 has seen the appointment of two new commissioners in the Data Protection Commission (DPC).
The AI Act has officially been adopted, and organisations now have to consider how to take advantage of AI opportunities while remaining within the AI Act guardrails. In addition, the European Data Protection Board (EDPB) has developed a free website auditing tool. Meta has introduced a ‘pay or okay’ model, which the EDPB have now published an opinion on, and the DPC provide some guidance on managing our digital footprint. This year will mark six years since the GDPR came fully into force.
Read the full newsletter
Contact
Cyber security and NIS2
Build technological resilience so you can operate with confidence
Data privacy & GDPR
Forvis Mazars supports you in achieving and maintaining data protection and privacy compliance
Outsource Data Protection officer (DPO)
Forvis Mazars provides outsourced data protection officer (DPO) services to organisations that do not wish to directly employ a DPO
Data protection impact assessments (DPIA)
Forvis Mazars DPIA methodology has been developed using years of experience, ensuring that risks are identified and mitigated in line with business needs while keeping a focus on individuals.
Outsourced Subject Access Requests (SAR)
Satisfying subject access requests can require a very significant amount of time and effort. Gathering the data, filtering out the irrelevant records, making decisions on what is necessary to include and redacting information appropriately can turn one SAR into a project in its own right.
Forvis Mazars | Europrivacy ™
Forvis Mazars has partnered with Europrivacy to provide companies with General Data Protection Regulation (GDPR) compliance certifications. This is the first GDPR certification to be created since the launch of the GDPR four years ago, and has been authorised by the European Data Protection Board (EDPB). This certification positions companies as front-runners in data protection with a strong competitive...
30 Mar 2026
University of Limerick fined €98,000
The Irish Data Protection Commission (DPC) has fined the University of Limerick (UL) €98,000 following 12 personal data breaches that occurred between 2018 and 2020.
30 Mar 2026
European Data Protection Board (EDPB) guidance
The EDPB has published a series of updates that reflect its ongoing focus on harmonisation, practical guidance and coordinated supervision across the EU.
30 Mar 2026
CNIL €3.5m fine over customer match practices
The French Data Protection Authority (CNIL) has fined an organisation €3.5 million for improper use of customer match tools, reinforcing the growing regulatory focus on social media‑based targeted advertising. The decision highlights the need for clear transparency, specific consent and strong governance when sharing customer data with advertising platforms.