The Data Protection Commissioner (DPC) has been asked to investigate how Irish Bank Resolution Corporation documents were used in a court case being taken by businessman Denis O'Brien.
Mr O’Brien has complained previously that his personal banking details were leaked to third parties in a manner suggesting they had been stolen and that this was an unacceptable invasion of his privacy.
However, it emerged during Mr O'Brien's recent and successful effort to have Declan Ganley joined as a co-defendant in a case taken by Mr O'Brien against PR company Red Flag Consulting, that the businessman's solicitors were using IBRC documents which, in the view of the bank's liquidator, breached banking confidentiality.
The documents relate to an affidavit sworn by Tom Hunersen, a former employee of IBRC, on behalf of Mr O’Brien.
When Kieran Wallace and Eamonn Richardson, the IBRC joint special liquidators, became aware of Mr Hunersen's role in the Red Flag case, they had solicitors A&L Goodbody complain to Mr O'Brien's solicitors, Eames.
In a letter, Goodbody charged that Mr Hunersen’s affidavit contained information “which identifies and clearly references former clients of IBRC which are confidential and should not be disclosed”.
The problem was acknowledged by Mr O’Brien’s counsel, Michael Cush SC, who told the Ganley hearing: “Mr Hunersen’s former employer is saying: ‘You are revealing confidential information that you shouldn’t reveal in your capacity as a former employee.’”
Raised in Dáil
The issue was later raised in the Dáil by Social Democrat TD Catherine Murphy with Minister for Finance Paschal Donohoe.
The documents were furnished by a former executive of IBRC who has now sworn an affidavit in favour of the former debtor [Denis O'Brien]
In a written reply on March 27th, the Minister noted that IBRC lawyers had intervened. “They sought and obtained an undertaking that such documentation has now been returned and that the former employee has no further documentation in his possession relating to IBRC,” he said.
“The special liquidators further advised that they are not in a position to comment on the circumstances which led the former employee to provide an affidavit in the legal case. The special liquidators have, however, sought a further undertaking from the former employee that he will not provide any confidential information to any third party without seeking the consent of the special liquidators in advance. The special liquidators have confirmed that they are considering the matter further with their legal advisers.”
Ms Murphy said she was now referring what she described as a data breach to the DPC.
“The documents were furnished by a former executive of IBRC who has now sworn an affidavit in favour of the former debtor [Denis O’Brien],” Ms Murphy said in a statement. “It is clear that internal IBRC documents have been circulated for use in a court case which now involves the State. I believe it is important to understand how such a data breach occurred and with that in mind, I have written to the DPC asking her to exercise her powers under section 10 of the Data Protection Act to commence an investigation into what appears to be a data breach within IBRC and/or the liquidation process.”
IBRC's sale of Siteserv to Mr O'Brien is the subject of a commission of inquiry headed by Mr Justice Brian Cregan.
Separately, the DPC is investigating a complaint relating to how information with Dropbox, the online file-sharing service, relating to two Red Flag employees, who are defendants in the case taken by Mr O’Brien, was given to Mr O’Brien’s solicitors.