Official Statistics and Data Protection Legislation  

1.       Role of Official Statistics

The mandate and role of official statistics is defined in the UN Fundamental Principles of Official Statistics and in the European Statistics Code of Practice.  Both the UN Principles and the European Code identify the role of official statistics in a modern democracy as an impartial and accurate source of the information needed for decision-making.

The UN Principles and the European Code both recognise that the following are essential for the compilation of official statistics:

• Professional independence and impartiality of statistical authorities
• The right of statistical authorities to collect information in surveys and censuses
• The right of statistical authorities to use administrative records for the purpose of compiling statistics
• The obligation to respect statistical confidentiality – identifiable information may not be disclosed and the information may only be used for the compilation of statistics
• Respect for data providers – wherever possible, the burden on data providers should be kept to a reasonable minimum by utilising and linking existing data sources.

Statistical results are published in aggregate form and enable governments and citizens to make informed choices.  

 2.       Mandate and statutory functions of the Central Statistics Office

Mandate and functions

The Central Statistics Office (CSO) is established by Section 8(1) of the Statistics Act, 1993. Section 10(1) of the Act specifies the functions of the CSO as follows:

“The functions of the Office shall be the collection, compilation, extraction and dissemination for statistical purposes of information relating to economic, social and general activities and conditions in the State.”

Statistical purposes

In exercising its functions, the CSO obtains information from a wide range of sources.  Under the Statistics Act, the CSO’s mandate and the restrictions on use of information (Sections 10(1) and 32 of the Act) make it clear that the information collected by the CSO is used solely for statistical purposes.  It may not be used for any other purpose.

Statistical work programme

The CSO publishes a Statistical Work Programme on its website, which contains the list of statistical outputs and projects conducted by the Office.  This gives practical meaning to the functions described in Section 10(1):  

Independence

The Director General of the CSO has sole responsibility for and is independent in relation to the statistical methodology and professional statistical standards applied by the CSO, and the contents of statistical releases and publications, under Section 13 of the Act.  

Confidentiality and use of information for statistical purposes

Information obtained under the Statistics Act is strictly confidential, under Section 33 of the Statistics Act, 1993.  It may only be accessed by Officers of Statistics, who are required to sign a Declaration of Secrecy under Section 21. 

The CSO only publishes aggregate statistical data; statistical tables and results may not, and do not, disclose details relating to any identifiable person or business.

The full suite of legal protections accorded to data providers is set out in Part V of the Statistics Act, 1993.

Co-ordination

Under Section 10(2) of the Statistics Act, 1993 the CSO has the authority to co-ordinate official statistics compiled by public authorities to ensure, in particular, adherence to statistical standards and the use of appropriate classifications.  Under Section 10(3) the CSO has the authority to assess the statistical potential of the records maintained by public authorities and, in conjunction with them, to ensure that the statistical potential is realised. 

Under Section 31 of the Act, the Director General of the CSO may request any public authority to consult and co-operate with him for the purpose of assessing the potential of the records of the authority as a source of statistical information and, where appropriate and practicable, developing its recording methods and systems for statistical purposes.  Public authorities must comply with such a request and must also consult the CSO if they propose to introduce, revise or extend their information systems or plan to conduct a statistical survey.

 3.       Legal mandate to collect data

The CSO collects data under Sections 24, 26 and 30 of the Statistics Act, 1993: 

• Section 24 relates to voluntary surveys or censuses.
• Section 26 relates to compulsory surveys or censuses (i.e. where a Ministerial Order made under Section 25 specifies that the statistics must be provided to the CSO).
• Section 30 enables the CSO to have access to the records of public authorities for statistical purposes.

Traditionally, most of the statistics compiled by the CSO have been based on surveys and censuses – i.e. on information collected under Sections 24 and 26 of the Statistics Act.  However, the CSO is making increasing use of administrative records to reduce costs, to reduce the imposition of surveys on data providers, and to produce new statistical analysis and outputs. 

This increasing use of administrative sources for statistical purposes is founded on the powers of access under Section 30 of the Statistics Act and the provisions for co-ordination in Sections 10(2), 10(3) and 31.

The shift from survey collection to greater use of existing data sources is not unique to Ireland.  This is reflected in EU legislation on official statistics: In 2015, the basic EU regulation on European Statistics was amended to enable greater access to administrative data sources for statistical purposes (Article 17a of Regulation 223/2009 as amended by Regulation 2015/759).

Worldwide, official statisticians are making increasing use of administrative data and “big data”.  In some EU Member States (e.g. the Nordic countries, the Netherlands) the national statistical system relies almost exclusively on administrative data sources.  In these states, data protection law derives from the same EU data protection requirements, i.e. the General Data Protection Regulation (GDPR).

The principles relating to the processing of personal data in the GDPR recognise the secondary use of data for statistical purposes: 

Article 5.1.b. :  “further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’)".

Section 6 of this note gives further details of the safeguards applied by the CSO in relation to all data collected for statistical processing, including data from administrative sources.

Statistical results are aggregates: tables of statistics do not disclose identifiable information about any individual and they cannot be used “in support of measures or decisions regarding any particular individual”. 

4.   Statistics and the GDPR

Data protection law places an emphasis on lawful processing and appropriate security. These requirements apply equally to statistical processing of personal data. 

The use of information for statistical purposes only, as required by Section 32 of the Statistics Act, reflects the collected for specified explicit and legitimate purposes requirement of the GDPR.  The information is only used for the purpose for which it was obtained, i.e. the processing of statistics.

The GDPR recognises the special position of National Statistical Authorities.  Recital 163 states: 

“The confidential information which the Union and national statistical authorities collect for the production of official European and official national statistics should be protected. European statistics should be developed, produced and disseminated in accordance with the statistical principles as set out in Article 338(2) TFEU, while national statistics should also comply with Member State law. Regulation (EC) No 223/2009 of the European Parliament and of the Council (2) provides further specifications on statistical confidentiality for European statistics.”

The CSO adheres fully to this code of confidentiality.

Under the GDPR (Article 5) data must be processed

• Lawfully, fairly and in a transparent manner.
• Collected for specified explicit and legitimate purposes. 
• Adequate relevant and limited to what is necessary.
• Accurate, and where necessary kept up to date.
• Kept in a form that permits identification of data subjects for no longer than necessary.
• Processed in a manner that ensures appropriate security of the personal data.

The GDPR recognises the use of data for statistical purposes where appropriate safeguards are in place and includes the following specific provisions relating to statistics: 

• It allows the further processing and retention of data for statistical purposes, where the data was originally obtained for another purpose. This applies, for example, to the use of administrative data to compile official statistics.  Article 5(1)(b) of the GDPR.

• It allows special categories of personal data to be processed for statistical purposes under Article 9(2)(j) of the GDPR.

• It provides an exemption, in respect of statistical processing, from the obligation to inform the data subject about the use of the data obtained indirectly from other sources (where providing the information would be impossible or involve disproportionate effort or where there is an EU or member state law obligation for the controller to obtain/disclose the information); Articles 14(5) (b) and 14(5) (c) of the GDPR. 

• The right of erasure under section 17 does not apply (Article 17.3.d) where the data is collected for statistical purposes in accordance with Article 89(1) if this would be likely to render impossible or seriously impair the achievement of the objectives of that processing.

• The data subject’s right of access (Article 15), rectification (Article 16), restriction of processing (Article 18) or right to object (Article 21) does not apply in certain circumstances where the data are kept for statistical purposes in accordance with section 89(1) and Section 58(2) of the Data Protection Act 2018 (see Section 6 below for safeguards). 

  5.       How the CSO upholds the principles of Data Protection

At the heart of data protection is the protection of fundamental rights and freedoms of data subjects – i.e. rights of individual persons.  In every step of processing data for statistical purposes, the CSO aims to uphold these rights.

In particular, this means the following:

• Lawfully, fairly and in a transparent manner:  All information obtained under the Statistics Act will be used for statistical purposes only.  It will not be used for any other purpose.  Guaranteed by law under Section 10(1) and Section 32 of the Statistics Act, 1993. 

• Collected for specified explicit and legitimate purposes: All data collected is for the sole purpose to meet the EU and National statistical requirements. 

• Confidentiality: All information obtained for statistical purposes is treated as strictly confidential and may only be accessed by Officers of Statistics.  Statistical results may not disclose details of any identifiable person or business.  Guaranteed by law under Section 33 of the Statistics Act, 1993.  

• Transparency: On the CSO website, we provide information about the statistics we produce, the statistical sources and methods used by the CSO, and how we use administrative data sources: 

• CSO publishes and regularly updates its Statistical Work Programme which contains the list of statistical outputs and projects conducted by the Office.
• CSO will continue to implement the Data Matching Protocol and publish on its website a Register of Data Matching Projects.
• CSO’s General Data Protection Transparency Notice outlines our commitment to the GDPR.  
• Detailed metadata is available on all our statistical products.  These are, in effect, transparency notices.  In addition there is full background information available.  See link to webpage:  http://www.cso.ie/en/methods/  

• Necessity and proportionality: The CSO must produce a wide range of statistics while minimising the burden on citizens of completing surveys and the cost to the taxpayer.  Our aim is to ensure that the data obtained by CSO is necessary and proportionate, having regard to the statistical aggregates which need to be produced.  To this end we ensure: 

• Continuous engagement with public authorities under Sections 31 and 30 of the Statistics Act.
• Formal assessment processes in relation to necessity and proportionality for each source of personal data used in the production of statistics.
• Privacy risk assessment for each stage of statistical collection and processing of personal data, using the UN Generic Statistical Business Process Model (GSBPM) as a standard template.
• Implementation of data lifecycle: Information will be deleted when no longer needed for statistical production.
• Continuous review of the data sources used for statistics, to reduce the burden of surveys and censuses and to identify potential to re-use existing data sources. This includes the continuous review of the potential of administrative data sources to meet new needs for statistics or to produce estimates more efficiently.  It also includes the use of Big Data for the same purposes.  The CSO is committed to complying with the Statistics Act 1993, GDPR and Data Protection Act 2018 in its use for statistical purposes of these data sources.  

• Safeguards: The CSO implements a comprehensive set of safeguards to ensure the security and good governance of the data entrusted to the CSO, as set out in Section 6 below. 

 6.       Safeguards in place to protect data collected by the CSO

Confidentiality is a core value of the CSO.  The Office places a very high value on its obligation to respect statistical confidentiality and has put an extensive system of safeguards in place to protect the data which the Office receives.

Legal: All information obtained by the CSO under the Statistics Act is strictly confidential and may only be used for statistical purposes.  This is specified in Sections 32 and 33 of the Act; any breach of those sections is an offence subject to significant penalties.

Personnel: All staff of the CSO are Officers of Statistics under the Statistics Act 1993 and have signed a Declaration of Secrecy under the Act.  The data provided to the CSO may only be processed by Officers of Statistics and only for statistical purposes.  All staff must attend regular training on statistical confidentiality and data security, including mandatory refresher courses.

Governance: The CSO’s governance structure for data protection comprises: the Confidentiality and Data Security Committee (CDSC) which reports to the Management Board; the Data Protection Officer at Assistant-Director level who oversees compliance with statistical confidentiality and data protection requirements; and the Data Office which provides support in relation to policies, awareness, training and compliance.

Data Office: The CSO’s Data Office has the pivotal role of managing policies in relation to data protection and statistical confidentiality, promoting awareness, providing training, and assuring compliance.  The Data Office provides advice to CSO statistical areas on all issues related to data protection and statistical confidentiality.

Policies: The CSO has a comprehensive suite of policies in relation to roles, responsibilities and corporate rules in relation to statistical confidentiality, data security and data protection.  These policies are consolidated into a single Data Management Policy, which is a central reference point for all statistical processing.

Data Classification Scheme:  This is a corporate confidentiality classification system that allocates a confidentiality level (A to D) to all data held by the CSO.  Detailed management rules and procedures are assigned depending on the level given. Statistical micro-data has the highest level of security (A) and the strictest rules and procedures with regard to processing of the data.

Access to statistical data: All access to statistical data is restricted and limited to relevant staff that have a legitimate business reason for that access. This access is monitored on an ongoing basis.

Access limitations: Staff access to CSO buildings is controlled electronically.  Visitors to the CSO must be signed in and accompanied at all times.

IT Security: Staff access to IT systems is password-controlled.  Staff only have access to the data or systems relevant to their work and these access rights are regularly reviewed.  The IT systems and hardware are thoroughly protected by firewall and anti-virus security.  No external access is allowed.

Tables and publications: The CSO implements thorough Statistical Disclosure Control procedures to ensure that the tables and reports it publishes do not identify any individual or business. 

Administrative Data Centre: Administrative data received by the CSO is transmitted via a secure IT link to the CSO’s Administrative Data Centre (ADC).  In the ADC, identifying details such as name, address, date of birth, PPSN are then pseudonymised by Statisticians who work in this area.  All data received by the CSO is used exclusively for statistical analysis.  

Data Lifecycle: When survey forms or other data records are no longer required for statistical purposes, they are securely destroyed.  The only identifiable records retained by the CSO are Census of Population forms – under Section 35 of the Statistics Act, these become public records after 100 years.  All other forms are securely destroyed.

Data Linkage: All statistical projects that involve linkage between administrative data sources are subject to the CSO’s Data Linkage Policy and must meet a Privacy Impact Assessment.  The CSO publishes a register of all projects in which it links administrative data.

Formal Assessment Processes: The CSO undertakes a Data Necessity and Proportionality Assessment for each source of personal data used in the production of statistics.  In addition, the CSO undertakes a Privacy Risk Assessment for each stage of statistical collection and processing of personal data, using the UN GSBPM as a standard template. The aim of these two assessment processes is to identify risks at each stage and make sure that confidentiality and data protection are respected and well-managed at every stage of collecting and producing statistics. 

7.    Further information or assistance

For further information or assistance on matters relating to Official Statistics and Data Protection Legislation within the CSO contact:

Data Office, Central Statistics Office, Skehard Road, Cork, T12 X00E. Tel +353 (21) 453 5386