Data Protection Act 1988
Power to require information.
12.—(1) The Commissioner may, by notice in writing (referred to in this Act as an information notice) served on a person, require the person to furnish to him in writing within such time as may be specified in the notice such information in relation to matters specified in the notice as is necessary or expedient for the performance by the Commissioner of his functions.
(2) Subject to subsection (3) of this section—
(a) an information notice shall state that the person concerned may appeal to the Court under section 26 of this Act against the requirement specified in the notice within 21 days from the service of the notice on him, and
(b) the time specified in the notice for compliance with a requirement specified therein shall not be expressed to expire before the end of the period of 21 days specified in paragraph (a) of this subsection and, if an appeal is brought against the requirement, the requirement need not be complied with and subsection (5) of this section shall not apply in relation thereto, pending the determination or withdrawal of the appeal.
(3) If the Commissioner—
(a) by reason of special circumstances, is of opinion that a requirement specified in an information notice should be complied with urgently, and
(b) includes a statement to that effect in the notice,
subsection (2) of this section shall not apply in relation to the notice, but the notice shall contain a statement of the effect of the provisions of section 26 (other than subsection (3)) of this Act and shall not require compliance with the requirement before the end of the period of 7 days beginning on the date on which the notice is served.
(4) (a) No enactment or rule of law prohibiting or restricting the disclosure of information shall preclude a person from furnishing to the Commissioner any information that is necessary or expedient for the performance by the Commissioner of his functions.
(b) Paragraph (a) of this subsection does not apply to information that in the opinion of the Minister or the Minister for Defence is, or at any time was, kept for the purpose of safeguarding the security of the State or information that is privileged from disclosure in proceedings in any court.
(5) A person who, without reasonable excuse, fails or refuses to comply with a requirement specified in an information notice or who in purported compliance with such a requirement furnishes information to the Commissioner that the person knows to be false or misleading in a material respect shall be guilty of an offence.
Modifications (not altering text):
Application of section extended with modification (27.01.2014) by Credit Reporting Act 2013 (45/2013), s. 19(2), (4), S.I. No. 19 of 2014.
(2) Sections 2 , 4 and 6 of the Data Protection Act 1988 shall have effect as if—
(a) references to personal data included relevant credit data, and
(b) a person to whom this section applies were a living individual, and sections 9, 10, 12 and 24 to 31 of that Act apply accordingly.
(4) This section applies to any person with an annual turnover of not more than €3,000,000 (and to whom sections 2, 4 and 6 of the Data Protection Act 1988 would not apply apart from this section).
Application of section extended with any necessary modifications (24.02.2003) by European Communities (Directive 2000/31/EC) Regulations 2003 (S.I. No. 68 of 2003), reg. 9(6).
Unsolicited commercial communications.
(6) The following provisions of the Act, namely —
(a) sections 1, 10, 12, 24 and 25,
(b) section 26 in so far as it relates to a requirement specified in an enforcement notice or an information notice or a decision of the Data Protection Commissioner in relation to a complaint under section 10 (1) (a) of the Act,
(c) sections 27 to 30,
apply for the purpose of this Regulation with the modifications specified in paragraphs (7) to (10) and any other necessary modifications.
(7) References, in the provisions of the Act mentioned in paragraph (6), to that Act or the provisions of that Act shall, unless the context otherwise requires be construed as including references to this Regulation or the provisions of this Regulation.
(11) In this Regulation —
“Act” means the Data Protection Act 1988 (No. 25 of 1988);
Previous affecting provision: section applied to extend performance of Commissioner’s functions (from the date on which the declaration by the State under Article 32 (4) of the Customs Co-operation Convention took effect to 24 October 2007) by Customs and Excise (Mutual Assistance) Act 2001 (Section 8) (Protection of Manual Data) Regulations 2004 (S.I. No. 254 of 2004), reg. 10(3).
Previous affecting provision: construction of section extended (6.11.2003) by European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations 2008 (S.I. No. 535 of 2003), reg. 17(1)(a); reg. 17 substituted (13.12.2008) by European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) (Amendment) Regulations 2008 (S.I. No. 526 of 2008), reg. 9; revoked and replaced (1.07.2011) by European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (S.I. No. 336 of 2011), reg. 35 subject to transitional provisions in reg. 34.
Previous affecting provision: application of ss. 10, 12, 24, 25, 26 (insofar as it relates to a requirement specified in an enforcement notice or an information notice or a decision of the Commissioner in relation to a complaint under section 10(1)(a)) and ss. 27 to 31 extended with any necessary modifications (8.05.2002) by European Communities (Data Protection and Privacy in Telecommunications) Regulations 2002 (S.I. No. 192 of 2002), reg. 12; revoked (6.11.2003) by European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations 2003 (S.I. No. 535 of 2003), reg. 24.