Privacy issues persist with Eircode postcode system

Data Protection Commissioner confirms there are outstanding concerns over scheme

Minister for Communications Alex White. Photograph: Dara Mac Dónaill/The Irish Times
Minister for Communications Alex White. Photograph: Dara Mac Dónaill/The Irish Times

A number of data protection issues are still outstanding in relation to the new postcode system Eircode, the Data Protection Commissioner confirmed.

The system, officially launched last month, cost €27 million to introduce but will not be compulsory.

Eircode has issued letters to every house in the country with a unique postcode for the address.

Each code consists of seven digits with the first three referencing an area and the other four digits corresponding to a particular address.

READ MORE

A privacy impact assessment prepared for Minister for Communications Alex White ahead of the launch of Eircode "strongly" advised him to adopt the "precautionary approach" that there was a case for handling Eircodes in accordance with data protection legislation.

Mr White brought forward an amending piece of legislation to specifically protect the Eircode as a piece of personal information, but communications to individual householders do not emphasise this aspect of the code.

Experts consulted for the privacy assessment, which was published on the department’s website, said it was possible that information about unique addresses would be disclosed to organisations that had not previously had routine access to a person’s address information.

“Some of this information may be considered sensitive personal data,” the study said.

Assessing the risk to individuals from Eircodes, the report said it had found it “hard to unearth evidence that data controllers (organisations) would be tempted to process Eircodes unfairly”.

It said the potential impact of a body having an “uncertain legal basis” for processing someone’s Eircode was a problem at the “irritant level” for individuals.

But in the event of any inconvenience relating to a person’s sensitive data, they “may be angry rather than irritated”.

“Regulatory action would be likely, and there is a risk of negative media coverage.”

Marketing profiles

The June 2015 privacy assessment also said it was “unlikely that citizens currently fully appreciate the extent to which their personal information is used by organisations that create marketing profiles”.

The privacy assessment noted the Department of Communications had been involved in exchanges with the commissioner on Eircodes since 2006.

The commissioner has previously asked whether there had been any consideration given to imposing similar prohibitions on direct marketing using Eircodes as has been imposed on the use of email and text messaging.

In October, the commissioner wrote to the department stating that individuals “must be on notice” that where they disclose their Eircode they have disclosed their specific address and “not just a non-specific address that specifies their location to within, say, 30 buildings”.

In a statement, the Data Protection Commissioner said "a very small number of individuals" had contacted it regarding their name appearing on the Eircode where they were or had been a sole trader.

“This office raised the issue with Eircode who undertook to remove the names.”

It understood this process had now been completed. It continued to engage with Eircode “in relation to a number of data protection issues”.

The department expects the roll-out of Eircodes to have economic and social benefits.

But the Irish Fire and Emergency Services Association has raised concerns about the code system, and the Freight Transportation Association and DHL have said they will not use it.

Currently, the Eircode system is not compatible with GPS devices or Google Maps and up to 50,000 Irish place names were inaccurate or missing, according to Conradh na Gaeilge .