Irish response to spyware mapping questionnaire

TJ McIntyre a fait une demande de Accès à l'information à Justice et Consommateurs

Automatic anti-spam measures are in place for this older request. Please let us know if a further response is expected or if you are having trouble responding.

La demande a été rejetée par Justice et Consommateurs.

Dear Justice and Consumers,

I am very glad to see the Commission taking steps to investigate the use of spyware by Member States.

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

* The Irish response to the spyware mapping questionnaire dated 21/12/2022.

Yours faithfully,

Dr. TJ McIntyre
Sutherland School of Law
University College Dublin, D4, Ireland.

JUST-ACCES-DOCUMENTS@ec.europa.eu,

Dear Sir or Madam,

We hereby acknowledge the receipt of your request for access to documents
sent on 04/04/2023 and registered on 04/04/2023 under the case number
2023/2065.

We will handle your request within 15 working days as of the date of
registration. The time-limit expires on 28/04/2023. We will let you know
if we need to extend this time limit for additional 15 working days.

To find more information on how we process your personal data, please see
[1]the privacy statement.

Yours faithfully,

Directorate-General for Justice and Consumers - Access to Documents
European Commission

References

Visible links
1. https://ec.europa.eu/info/principles-and...

JUST-ACCES-DOCUMENTS@ec.europa.eu,

1 Attachment

Dear Sir,

Please find attached a message concerning your request for access to
Commission documents registered under the above case number 2023/2065.

Please acknowledge the receipt of this message by return email.

Kind regards,

European Commission

DG Justice and Consumers

Unit JUST/C3 - Data Protection

1049 Brussels/Belgium

TJ McIntyre a laissé une remarque ()

While the Commission refused this request, a parallel request to the Irish Department of Justice was granted.

The text of the Irish response is as follows (I have redacted the email address of the sender):

Ms Ana Gallego
Director General
DG JUST
(by email to JUST-C3@ec.europa.eu)

10th February 2023

Dear Ms Gallego,

I wish to respond to your letter to Ambassador Hanney of 21st December last.

Introduction

In Ireland, legislative provisions concerning the interception of telecommunications and surveillance are to be found in the following Acts, which include details of the purposes for which such powers are permitted to be exercised, by whom the powers are permitted to be exercised, as well as relevant safeguards and conditions, including prior authorisations, reporting, remedies, redress and other oversight.

The Interception of Postal Packets and Telecommunications Messages (Regulation) Act 1993 provides the legislative basis in Ireland for the interception of postal packets and telecommunications messages. This Act is currently subject to review so as to ensure it is modernised, having regard to developments in technology.

The Criminal Justice (Surveillance) Act 2009 provides the legislative basis in Ireland for the monitoring, observing, listening to or making a recording of a particular person or group of persons or their movements, activities and communications, or the monitoring or making a recording of places or things, by or with the assistance of surveillance devices, including a tracking device.

Questions 1 and 2

Sections 4 and 5 of the 1993 Act provide that an authorisation may only be granted for interception for the purposes of the investigation of serious crime or for the purposes of protecting the security of the State in the case of An Garda Siochana (Ireland’s police service), for the purposes of protecting the security of the State in the case of the Permanent Defence Forces or for the investigation of offences allegedly committed by a member of An Garda Siochana in the case of GSOC (Ireland’s police ombudsman).

In accordance with sections 4 and 5 of the 2009 Act, surveillance is permitted in connection with an arrestable offence or for purposes of maintaining the security of the State (in the case of An Garda Siochana), in connection with an arrestable offence (in the case of GSOC), for the purposes of maintaining the security of the State (in the case of the Defence Forces) or in connection with a Revenue Offence (by the Revenue Commissioners).

Question 3, 5, 6

Having regard to the evolving nature of threats to the State, the security of the State is not defined in Irish legislation. The processing of data for the purposes of safeguarding the security of the State in Ireland is governed by the individual Acts concerned (i.e. the 1993 and 2009 Acts in this instance) and the Data Protection Act 1988.

In addition to internal approval mechanisms within the relevant authorities, use of the measures is subject to the following safeguards and conditions:
Applications under the 1993 Act are subject to authorisation by the Minister for Justice. The 1993 Act also makes provision for independent judicial oversight of its operation by a serving Judge of the High Court who is designated for this purpose. The Designated Judge reports at least annually on the operation of the legislation and these reports are laid before the Irish parliament. The Act also provides for a complaints mechanism whereby an individual who believes he or she has been the subject of an authorisation under the relevant provisions of the Act may apply to the independent Complaints Referee for an investigation into the matter.

Applications under the 2009 Act are subject to authorisation by a District Court judge. The Act also makes provision for independent judicial oversight of its operation by a servicing Judge of the High Court, and for a complaints mechanism, along the same lines as the 1993 Act above.

Question 4

The conditions for use of these powers are as set out in the relevant Acts. Interception authorisations under the 1993 Act are targeted to individuals and of limited duration. Further provisions on the conditions justifying interception are set out at sections 4 and 5 of the 1993 Act. Surveillance measures authorised under the 2009 Act are also of limited duration and may apply to a person, group of persons, a place or a thing. Conditions pertaining to application and authorisation are further set out at sections 4 and 5 of the 2009 Act.

Question 7

The above legislative measures do not include a requirement to notify the individual concerned of such measures. The complaints referee referred to above has a number of options available to him/her in respect of handling any complaint and these are further set out at section 9 of the 1993 Act and section 11 of the 2009 Act. The role of the referee includes an examination of the lawfulness of the relevant measures.

I trust this information will be of assistance to the Commission.

Yours faithfully,
_________________
Deirdre Meenan
Security & Northern Ireland Division Department of Justice

xxxxxxx@justice.ie

51 Faiche Stiabhna, Baile Átha Cliath 2, D02 HK52
51 St. Stephen's Green, Dublin 2, D02 HK52
Teileafón/Telephone: +353 1 602 8202 | Íosghlao/Lo-call: 1890 221 227 Ríomhphost/E.mail: info@justice.ie | www.justice.ie