Courts Data Protection Notice

Information about the ways in which the Courts Service collects and uses personal data is available via a Privacy Statement.

Personal data is any information about a living person that can be used to identify that individual.

This data protection notice sets out details of how personal data is processed by or on behalf of the courts of Ireland as data controllers when they are acting in a judicial capacity, that is the performance by the courts of their judicial functions under the Constitution and the law.

About the Courts

The courts of Ireland include the Supreme Court, the Court of Appeal, the High Court, the Circuit Court, the District Court and Special Criminal Courts. In this data protection notice these courts are collectively referred to as the ‘courts’, and references to ‘data subjects’ are references to the individuals whose personal data is processed by the courts. Any queries in relation to such processing should be sent to the office of the court concerned.

Contact details of court offices are available here.

Personal Data Processed by the Courts

The courts process a broad range of personal data, which can include names and contact information but also information which may be detailed and sometimes highly sensitive concerning, for example: racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, health data. 

The categories of personal data that are processed by the courts depend on the nature of the proceedings concerned (for example: criminal or civil proceedings), the content of pleadings (for example, a bankruptcy petition and an application for custody) and other court documents lodged, exchanged or issued in connection with, and of evidence given and submissions made in, those proceedings.

Sources of Personal Data

The courts receive personal data in the context of court proceedings from a number of different sources.  These sources include:

• Parties to proceedings (a plaintiff, a defendant), or their legal advisors;
• A witness giving evidence before the court
• A person who is not a party to proceedings, but who is required to provide discovery (a pre-trial procedure); and
• Other publicly available information (for example from other reported cases).

The types of personal data received by the courts, and the consequences of the provision of personal data or failure to provide such data, will depend on the general law, the rules of evidence and the rules of court.

Data Controller

Each court concerned is a data controller within the meaning of Data Protection law, the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018, in respect of personal data processed by or for courts when acting in a judicial capacity

Purposes of Processing and Legal Basis

Personal data are processed by and on behalf of the courts for the following purposes:

• Performance by the courts of their judicial functions under the Constitution;
• Purposes connected with the administration of justice, including the publication of a judgment or decision of a court, or of a list or schedule of proceedings or hearings in proceedings; and
• Purposes connected with the efficient management and operation of the courts and statistical analysis.

The legal basis for the processing of personal data by the courts is provided for in the Constitution, by statute (for example, the Courts of Justice Acts 1924 as amended, the Courts (Supplemental Provisions) Acts 1961 as amended and, in the case of a Special Criminal Court, Part V of the Offences against the State Act 1939, as amended), and otherwise by law.

Further processing for statistical analysis purposes will be subject to technical and organisational measures in order to ensure respect for the principle of data minimisation. The courts do not permit data held by them to be used by third parties for marketing or other commercial purposes.

Recipients of Data

Personal data that is contained in court records can be made available to people and organisations that are entitled or permitted to access court records.  For example:

• A party to the proceedings concerned, or that party’s legal representative;
• Members of the press or broadcast media that have sufficiently proof of their status for the purpose of facilitating the fair and accurate reporting of a hearing in the proceedings;
• Members of the public. In accordance with the requirements of the Constitution, proceedings are generally held in public save in such special and limited cases as may be prescribed by law. This means that information that is disclosed in a court will be heard by those in attendance;
• Other third parties for whose involvement provision is made by statutes, court rules, or practice. Court records are transferred to the National Archives in the manner described below.

Personal data contained in a judgment or decision of a court, or a list or schedule of proceedings or hearings (for example, the legal diary) is generally made accessible to the public, in accordance with the constitutional requirement that proceedings be generally held in public save in such special and limited cases as may be prescribed by law (see Art 34 of the Constitution).

The courts also require the assistance of third parties in order to operate, including that of the Courts Service and other service providers (e.g. IT service providers). These third parties will have access to personal data that is processed by the courts in the provision of their services.

Transfers Abroad

The courts may in certain circumstances where this is permitted by law (for example in matters of judicial co-operation and criminal justice mutual assistance and whether the transcription of digital audio records of proceedings is carried out in a third country) transfer or have transferred on their behalf personal data outside the European Economic Area, including to jurisdictions which are not recognised by the European Commission as providing for an equivalent level of protection for personal data as is provided for in the European Union. 

Further details are available from: The Data Protection Officer, The Courts Service, 15/24 Phoenix Street North, Smithfield, Dublin 7. 

Retention

Personal data processed by or on behalf of courts are retained for as long as necessary to enable the courts to perform their functions under the Constitution and law, to ensure the administration of justice and to facilitate the efficient management and operation of the courts.

Personal data contained in court records which are “departmental records” for the purposes of the National Archives Act 1986 (for example: books, papers, files, sound recordings, magnetic tapes, optical or video discs, and other machine-readable records and other documentary or processed material) may be retained and preserved in accordance with the National Archives Act 1986. In such case, the National Archives will be the controller of the personal data contained in the retained court records.

See the National Archives website for more information.

Data Subject Rights

Personal data will be processed by or on behalf of the courts in accordance with the data protection principles as set out in the relevant Data Protection law, in essence, the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018.

Due to the requirement to protect judicial independence and safeguard court proceedings, the rights that data subjects have, in relation to the processing of their personal data by and on behalf of the courts are restricted by the Data Protection Act 2018 and Rules made under that Act in relation to the restriction of data subject rights when courts act in their judicial capacity (see Data Protection Act 2018 Rules).

Restrictions to the following rights are founds in the Rules:

• Right to information – the right to information regarding the processing of personal data by or on behalf of the courts is confined to the making of such information publicly available by way only of this general notice, or further or amending notices, published on the Courts Service website on behalf of the courts in their capacity as data controllers;
• Right of access - the right to request access to personal data contained in a court record is confined to the circumstances where statute or Rules of court or the practice of the court so permit.
• Right to rectification - the right to request rectification of personal data contained in a court record is confined to the circumstances in which such right is available to a party to the proceedings concerned in accordance with Rules of court and may be exercised only by the means available to such party to request rectification of a court record (including generally, by application to the relevant court under rules of court).

A data subject seeking access to material comprised in a court record should apply to the office of the court concerned. Contact details of court offices are available here.

A data subject seeking access to any part of a note or recording made of proceedings must make a formal application to the court concerned, subject to and in accordance the relevant Rules of court. The procedure for making such an application is set out in the rules for the different court jurisdictions:

• Order 123, rule 9 of the Rules of the Superior Courts
• Order 67A, rule 8 of the Circuit Court Rules
• Order 12B, rule 5 of the District Court Rules.

A data subject seeking the rectification of allegedly inaccurate personal data contained in a judgment or order of the court may do so only by making formal application to the court, subject to and in accordance with the relevant rules of court. The procedure for making such an application is set out in the rules for the different court jurisdictions:

• Order 28, rule 11 of the Rules of the Superior Courts
• Order 65, rule 3 of the Circuit Court Rules
• Order 12 rule 16 and Order 4E rule 3 of the District Court Rules

Complaints

While the Data Protection Commission (“DPC”) is generally responsible for supervising, monitoring and enforcing data protection law in Ireland, the DPC’s functions do not extend to the supervision of the processing operations of courts acting in a judicial capacity.  Instead, under Section 157 of the Data Protection Act 2018 a judge assigned by the Chief Justice (referred to as the ‘Assigned Judge’) is responsible for the supervision of data processing operations of courts when acting in their judicial capacity

Data subjects may lodge a complaint with the Assigned Judge if they are not satisfied with the manner in which their personal data has been processed by or on behalf of the courts.  Further details of how to make a complaint are available here..