James Lawless (Kildare North, Fianna Fail) | Oireachtas source

I have a second practical question. I have heard of methods, resources and technologies that could be used. In her presentation, the commissioner spoke about a principle-based approach and said that every case is unique. Might there be an opportunity to fast-track some of the more minor cases or more repetitive type of requests? Must there be human input in all cases? Could we have a rules engine? There is technology like TIBCO and Fair Isaac. There may be workflow software.

It is a slightly different point but working as a data protection lawyer at the time, pre-GDPR, there was a case file on the DPC website a couple of years ago. It was a case study hub. There was a distillation of principles, in the way common law does in other areas of law, so that the wheel was not always being reinvented. I am not saying the DPC does reinvent the wheel every time. To what extent is there an opportunity even for a preliminary opinion to be delivered by a process of codification? I think one of the statements said that the volume of cases dealt with last year was 10,000 and I think the commissioner alluded to more. What level of technology can be employed? Could there be some degree of codification with the right to review, etc., for those who want it to be escalated? I saw it myself under the pre-GDPR regime, although I appreciate the current regime is slightly different.