Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I will take the issues in order. First, I will respond to the question on the Data Protection Commission. As is right and proper, I am very conscious of its independence. I am especially conscious of that for all of the reasons colleagues have outlined regarding its role not just in Ireland but its lead oversight and supervisory role at an EU level. I did meet with the Data Protection Commissioner, Helen Dixon, probably two weeks ago, because it does fall under the remit of my Department, while being independent in the performance of its task and the exercise of its powers, as it should. I will not comment on any specific finding, investigation or matters before European courts for those reasons, other than to say it is for the commission to decide how it wishes to respond, legally or otherwise to those matters. I am conscious that some of them are live.

From the point of view of the Department and the Government, we are committed to ensuring that the DPC is supported and resourced, and that there is a robust statutory footing for its work. Colleagues will know that we do intend to appoint two new DPC commissioners. They will be in place by the second quarter of this year. We will be moving from a single commissioner to a college of commissioners in many ways, to three commissioners. Alongside that, we have an understanding that there will be a review of the DPC governance structures, staffing arrangements and processes in order to support the work and to inform what will be a new model of commission. That work is due to conclude around the same time as well. We will have the review of the DPC governance structures, staffing arrangements and processes, plus the appointment of two additional DPC commissioners. There is a very significant increase in the budget. The funding for the DPC will be a seven-fold increase from where it was in 2015, as it should be. That is just to give the committee a sense of the scale of additional increase. With the appointment of two additional commissioners we hope to send a very strong message about our statement of intent to continue to build the capacity of the Data Protection Commission to support the exiting commissioner and to ensure that the commission can continue to deliver on its role. I am proud of the role of the Data Protection Commission. It carries out a very demanding role and I am very conscious of its independence. I do not wish to stray too much but I do think that the relationship in terms of information flow and understanding by the members of the role of the DPC and that the DPC has a role in terms of the committee is probably something that benefits further consideration.

In response to Deputy Farrell's point, there is no doubt that the only direction of travel in terms of data is that it is going to become more important, a bigger political issue, a public discourse issue, a policymaking issue, a security issue and, therefore, making sure that there is a good, albeit robust, relationship and flow of information is key. It is important that all of us as Members of the Oireachtas are kept well briefed on all of these issues because it is very important.

On the issue of cyberattacks and cybersecurity in general, I thank the Munster Technological University for the work it has been doing. Nobody is immune from cyberattack, whether a business, State institution or university. Cyberattacks are just a relatively new form of criminality but the same old-fashioned criminal purpose is still there: to extort, blackmail and to steal money. That is what these criminals are trying to do. They are criminal gangs, often at a high level of organised crime. It did not succeed in this case in terms of any ransom being paid. MTU is working very closely with the Garda and the National Cyber Security Centre . I thank all of them for their work, which is very much ongoing. Students and staff impacted will be issued with letters and information very shortly, but in general the advice for them in particular and for all of us is to frequently change passwords, be alert to things like phishing or scam emails, unsolicited messages and the like trying to obtain further data.

The standard response I always give on cameras - it is important that I give it - is that I do not comment on security matters or security advice given to me as Minister for Justice. That is for good reasons, but I do think it is important that all State bodies and these Houses of the Oireachtas are aware of the willingness and ability of An Garda Síochána to give security advice at any stage. We have seen the Garda step in and step up with security advice about individual public representatives, and all of us as public representatives. That same willingness to provide security advice is there now. That is the way these things should be addressed. I have no doubt that the Houses of the Oireachtas take such matters very seriously. It is right and proper that they should. They must. However, I do think the security advice should come through An Garda Síochána and other appropriate security mechanisms available to the State.

I will reflect on the point Deputy Farrell makes about the role of this committee in terms of information flow in a manner that is appropriate. Anything to do with national security, the security of our Parliament, institutions, democracy, or State is something the Garda takes extraordinarily seriously, and its members are on hand, through my Department, to provide any information that is required.