Data Sharing and Governance Act 2019



12. (1) This Act shall not apply to data-sharing for the purposes of—

(a) the prevention, detection or investigation of offences,

(b) the apprehension or prosecution of offenders,

(c) the imposition or execution of a fine or sentence of imprisonment,

(d) the exercise of the functions of the Criminal Assets Bureau,

(e) protecting the security of the State including, but not limited to, the following:

(i) preventing, detecting and investigating offences under the Offences against the State Acts 1939 to 1998, the Criminal Law Act 1976, the Criminal Justice (Terrorist Offences) Act 2005 and the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010;

(ii) protecting the State from—

(I) espionage,

(II) sabotage,

(III) unlawful acts that subvert or undermine, or are intended to subvert or undermine, parliamentary democracy or the institutions of the State, and

(IV) acts of foreign interference that are, or are intended to be, detrimental to the interests of the State and are clandestine or deceptive or involve a threat to any person,

whether directed from, or committed or intended to be committed within, the State or not,

(f) identifying foreign capabilities, intentions or activities within or relating to the State that impact on the international or economic well-being of the State,

(g) co-operating with authorities in other states and international organisations aimed at preserving international peace, public order and security,

(h) the defence of the State, or

(i) the international relations of the State.

(2) Subject to Part 5, this Act shall not apply to the disclosure by a public body to another public body of the personal data of a data subject for the internal administrative purposes of the first or second mentioned public body.

(3) The reference in subsection (2) to internal administrative purposes includes a reference to purposes relating to the employment of the data subject concerned.