Face to Face: Joe Meade, Data Protection Commissioner

13-05-2005

by Deirdre McArdle

The Data Protection Commissioner Joe Meade is to take up a new position as Financial Services Ombudsman. Deirdre McArdle caught up with Meade as he reflected on his role as Data Protection Commissioner and looks to the future.

ENN: When you took the position of Data Protection Commissioner four and a half years ago what were your expectations for your new role? What did you hope to achieve?

Meade: My main hope was that data protection would be appreciated for what it is. Not just access to information, but how personal information was controlled and how people could have confidence in how organisations treated it, and how it would be classed, as it is, as a major human right.

ENN: Just days away from moving on to the role of Financial Services Ombudsman, do you think you've lived up to your expectations when you became Data Protection Commissioner?

Meade: Three months after I came here I launched the official website for the office and I outlined the key priorities that the office should do, including privacy audits, having a more public profile, being proactive and ensuring that the office ran in a efficient and effective manner. One will never achieve 100 percent but I'm happy to say that most of the objectives that I set myself then have been achieved.

ENN: What are the main changes that you've witnessed in the past five years?

Meade: Well, I suppose the actual development of the globalised nature of how data can flow through the whole world. The appreciation of data protection and what its role could play was not at first appreciated by governments worldwide. But I think that as time has gone on they have begun to appreciate what its role can be and they are beginning to dialogue more and more to ensure that they get the balance right.

ENN: In your most recent annual report you mentioned that enquiries to your office numbered 15,000 last year. Have consumers become more aware of their data protection rights?

Meade: Well they have, for two reasons, one, we have devised a strategy of communications with the public by media ads, ads on buses and lots of public presentations. Secondly, as more and more people acquire IT skills and become more IT literate, they as well see the pluses and the minuses in this area. It's a combination of factors really that has brought the consciousness of people to this area.

ENN: In the past number of years have you seen an increase in the number of companies coming to your office wanting to comply with legislation and to find out how they can do so?

Meade: We have seen the number of enquiries from organisations increase in the past few years. Last year we did 70 public presentations to about 6,700 people, most of those would have been to data controllers and their staff. We have also conducted a number of privacy audits, so coupled with that, people are more conscious of the regulations now. Overall, I would say that most organisations want to comply and are making every effort that is humanly possible to do so. I am glad to say in over four and a half years in this role I have seen a definite change of attitude.

ENN: In the past five years as we've moved towards more electronic based communications spam has obviously emerged as key issue. How serious do you think the problem of spam is?

Meade: Spam is a worldwide phenomenon and legislation alone will not solve it, it has to be done industry wide and worldwide. And whilst there are good controls and good legislation in the EU, 80 percent of spam coming into Europe is coming from the likes of the US, or Outer Mongolia, or wherever. Trying to track it down and find where it's coming from is quite a big problem.

There's also a responsibility on organisations: do they have proper antivirus systems or anti-spamming systems, and would they be as concerned about it if there wasn't an economic impact where it's clogging up their inbox. It has to be a shared, and I've said this and I will keep repeating it, unless the IT industry and governments worldwide address this problem it will destroy the IT industry as people will not want to be having their mail boxes filled up.

ENN: Your office has the power to prosecute companies for sending unsolicited direct marketing messages and companies doing so face a fine of EUR3,000 per message sent. Do you think the threat of prosecution and the fine works effectively to discourage companies sending spam?

Meade: The first prosecution of a company for sending spam was adjourned in the District Court for six weeks due to technical issues. Ireland was one of the first countries in Europe to prosecute for the sending of spam. Yes, the fines for breaching the legislation are quite substantial at EUR3,000 per message sent, a serious impediment really. It's fair to say that overall, the level of complaints has dropped considerably since the legislation was implemented, maybe due to the level of the fine that could be imposed.

ENN: Is there anything that the government could do that would make the role of Data Protection Commissioner any easier?

Meade: The government has made the role easier, in that it has not impeded me in doing my work and it increased the staff from five when I came here, we're now up to 21. There will always be tensions between government and the role of the Data Protection Commissioner, and that's how it should be because it's not a black and white subject. There will be pros and cons on either side but it's up to the commissioner and government to work together to ensure that they both recognise their roles and take appropriate action when it has to be taken. And I'm glad to say, and I acknowledge every year in my annual report, and I do not do it lightly, that I have received great co-operation from the government.

ENN: As you leave the position of Data Protection Commissioner have you any advice for your replacement?

Meade: I'm loath to give advice to anyone who's taking over, as every commissioner will bring their own style and energy to a job. All I will say is that he or she has an excellent staff here. He or she will have to balance, as I have had to, the requirements of government, the industry and the people with what's in the legislation. When you take on a role like this you have to carry out what's in the legislation and if you do not do so then you're not doing your job. All I will say is that I wish him or her every success and that they enjoy it.

ENN: How different do you think your new role of Financial Services Ombudsman will be? Are you looking forward to it?

The role is an important one as it is in effect creating a new statutory body as part of the overall enhancement of the regulatory framework for financial services in Ireland. I see it as an extension of my job here; it's dealing with complaints that have not been resolved by the financial institutions with ordinary customers. It is in effect the final redress that people would have before they go to court, and in that way it's very much akin to what I had to do here. I'll wait 'til I get my feet under the table and give it a few months to see how things are going, but yes I'm looking forward to it.