In June 2013, the Federal Trade Commission (FTC) and Ireland’s Office of the Data Protection Commissioner signed a memorandum of understanding establishing a mutual assistance and information exchange program to secure compliance with data protection and privacy laws on both sides of the Atlantic.
The privacy and data protection laws between Ireland and the United States differ significantly; however, the two agencies recognise that the global economy and the resultant increase in the cross-border flow of personal information merits close cooperation. The U.S. privacy framework is based on a number of legislative acts, that in the main apply to a specific sector or type of data, such as consumer data or health data, while Ireland’s Data Protection Acts of 1988 and 2003, which implement the EU Data Protection Directive (95/46/EC), apply to the processing of any personal data.
The MOU sets out broad objectives to ensure cooperation over the enforcement of privacy laws and to facilitate research and education in the area of data protection, including through the exchange of knowledge and expertise.
The FTC and the Irish data protection authority have agreed to use their best efforts to:
- Share information, including complaints they receive
- Provide each other with investigative assistance
- Exchange data protection related information, including for purposes of consumer and business education
- Explore opportunities for staff exchanges and joint training programs
- Coordinate enforcement against cross-border violations
- Regularly discuss continuing and prospective opportunities for cooperation
The memorandum also specifies the procedures and rules applying to requests for assistance. Such requests should be made only when they do not impose an excessive burden on the other agency. Any shared information, the existence of the investigations, and any requests made, are to be treated by the agencies as confidential.