Criminal Justice (Mutual Assistance) Act 2008

79C
79C
79C
79C

F90[Recording of supply and receipt of data for requests pursuant to Article 7 of 2008 Council Decision or that Article as applied by 2009 Agreement with Iceland and Norway

79C. (1) The Central Authority shall record, in accordance with subsection (2), the supply and receipt of data

(a) in the case of requests under section 77, and

(b) in the case of requests referred to in section 78,

that are made pursuant to Article 7 of the 2008 Council Decision or that Article insofar as it is applied by Article 1 of the 2009 Agreement with Iceland and Norway.

(2) The recording of the supply and receipt of data under subsection (1) shall be in a permanent legible form or be capable of being converted into a permanent legible form and shall include the following particulars in relation to the data:

(a) a description of the data supplied or received;

(b) the reason for the request concerned;

(c) the date the data were supplied or received;

(d) the name or reference code of the Central Authority and the name or reference code of the appropriate authority within the meaning of section 77 concerned or of the authority which supplied or received the data, as the case may be.

(3) Records created under this section may be used only for the purposes of monitoring data protection and ensuring data security.

(4) The Central Authority shall

(a) retain the records created under this section for a period of 2 years from the time of their creation, and

(b) immediately after that period, destroy those records.

(5) Whenever requested to do so by the Data Protection Commissioner, the Central Authority shall furnish the records created under this section to the Data Protection Commissioner as soon as practicable, but in any event not later than 4 weeks, after the receipt of a request to do so.

(6) The Central Authority shall

(a) using the records created under this section, carry out random checks on the lawfulness of the supply and receipt of data,

(b) retain the results of those random checks for a period of 18 months from the time that they were carried out for the purposes of inspection by the Data Protection Commissioner, and

(c) immediately after that period, destroy those results.

(7) A data controller F91[or, as the case may be, controller] who supplies or receives data

(a) in the case of requests under section 77, or

(b) in the case of requests referred to in section 78,

that are made pursuant to Article 7 of the 2008 Council Decision, or that Article insofar as it is applied by Article 1 of the 2009 Agreement with Iceland and Norway, shall furnish such of the particulars specified in subsection (2) in relation to those data as the data controller F91[or, as the case may be, controller] has, as soon as reasonably practicable, to the Central Authority for the purposes of enabling the Central Authority to comply with this section.

(8) In this section "reference code", in relation to the Central Authority or other authority, means the reference code that is assigned to the Central Authority or that other authority, as the case may be, for the purposes of the 2008 Council Decision or the 2009 Agreement with Iceland and Norway.]

Annotations

Amendments:

F90

Inserted (20.11.2015) by Criminal Justice (Forensic Evidence and DNA Database System) Act 2014 (11/2014), s. 135, S.I. No. 508 of 2015.

F91

Inserted (25.05.2018) by Data Protection Act 2018 (7/2018), s. 208(b), S.I. No. 174 of 2018.

Editorial Notes:

E27

The section heading is taken from the amending section in the absence of one included in the amendment.