Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context

4. To ask the Taoiseach and Minister for Defence whether he has been briefed on the potential threats to national security posed by the sale of location data which can then be used to track individuals entering sensitive areas such as military bases; and if he will make a statement on the matter. [50543/25]

Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context

5. To ask the Taoiseach and Minister for Defence the steps his Department has taken to address the threat of location data being sold online and used to track persons entering and exiting military bases and secure areas, the places they go and live; and if he will make a statement on the matter. [50544/25]

Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context

I propose to take Questions Nos. 4 and 5 together.

As Minister for Defence, I am regularly briefed on matters of national security but, precisely for reasons of national security, I am not in a position to disclose the nature of such briefings or to comment on the detail of security matters.

However, I can assure the Deputy that the Government affords the highest priority to the State’s security and to the security of individuals.

Moreover, the safety and security of its personnel is paramount to Óglaigh na hÉireann. The Defence Forces implements a broad range of measures to ensure security is maintained in both the physical and cyber domains. Cyber security awareness is one of the operational pillars in the DF’s Cyber Defence Strategy with cyber hygiene briefings, best practice and procedures an integral feature of the DF’s operational culture.

The Defence Forces takes several proactive steps to ensure security is maintained in sensitive locations including minimising electronic footprint in these areas. The Defence Forces ensures it is capable of tapering the electronic footprint of their personnel and operations depending on the nature of any operations they conduct.

The Defence Forces will continue to review and update their policies and procedures in relation to emerging technologies and ensure that their personnel are kept up-to-date to any potential risks that may face them and how to counter them.

Under EU and national law, the Data Protection Commission (DPC) is the State body which has regulatory authority in the area of privacy and data security. Location data can reveal a significant amount of information about individuals, including information about an individual’s habits and personality, and information that is inherently sensitive. Information about an individual’s location can also pose a serious risk to their security and wellbeing.

In relation to the disclosures made in the media recently, the DPC is currently working to identify the data broker in question. If they are headquartered in Ireland, the DPC will take action themselves. and, if they are headquartered in another EU country, it will engage with the relevant Data Protection authority to deal with the matter.