Annex E
Privacy Sub-committee of the Law Reform Commission:
Recommendations on Exemptions
(A) Data Purposes with Limited Privacy Implications
(i)
(ii)
There should be a total exemption from the requirements of data protection law for personal data held by an individual and concerned solely with the management of his personal, family or household affairs or held by him solely for recreational purposes. (This is in line with Article 14 of the BOR).
Non-profit making bodies should be exempted from the obligation to furnish a copy of their declaration to the data protection authority, provided the data relates only to their members and is not communicated to third parties.
(B) Public Interest Exemptions
(iii) Data held for the purpose of national security,
defence, and international relations should be completely exempted from the subject access and from the non-disclosure provisions. A certificate signed by the Governor would be evidence of the exemption.
users should nonetheless remain subject to the general requirement of furnishing declarations describing data held for these purposes. Also, the other data protection principles should apply. The Privacy Commissioner should not, however, be entitled to monitor compliance with
with the remaining data protection principles. His role should be restricted to being entitled to look behind the Governor's certificate to confirm that the data purpose for which the exemption was claimed is correctly classified.
(iv)
(v)
A complaints mechanism along the lines of the UK Security Service Act 1989, whereby a tribunal of lawyers is established to investigate complaints, should be adopted regarding the activities of the security service. This is to provide an element of independent monitoring, in view of BOR requirements.
Personal data should be exempted whose disclosure is urgently required for preventing serious injury or other damage to the health of any person or persons should be exempted from the application of provisions limiting its disclosure to third parties.