My partner was a Bank of Ireland customer and she bought an insurance policy from a subsidiary of the bank ( Irish Life ). She relocated about five years back and closed her account with the bank.
Last year she learned that her name and banking details were included with over 30,000 other customers when some unencrypted laptops were stolen. She was somewhat relieved by a statement from the Data Protection Commissioner, basically the officer stated that he was examining the loss. She has learned in the past few days that the Data Protection Commissioner cannot prosecute the bank, the insurance company or the people in whose care the data was held. Now this is not case of an official not doing his or her job --- the Data Protection Officer has no power to prosecute in the matter. It seems that we do have an Act of the Oireachtas but absolutely nothing to back it up, no penalties whatsoever it seems. My partner has spoken to the Financial Regulator but this leads only to more ambiguity. Any suggestions would be appreciated.
Last year she learned that her name and banking details were included with over 30,000 other customers when some unencrypted laptops were stolen. She was somewhat relieved by a statement from the Data Protection Commissioner, basically the officer stated that he was examining the loss. She has learned in the past few days that the Data Protection Commissioner cannot prosecute the bank, the insurance company or the people in whose care the data was held. Now this is not case of an official not doing his or her job --- the Data Protection Officer has no power to prosecute in the matter. It seems that we do have an Act of the Oireachtas but absolutely nothing to back it up, no penalties whatsoever it seems. My partner has spoken to the Financial Regulator but this leads only to more ambiguity. Any suggestions would be appreciated.