Memorandum of Understanding between the CSO and Transport Infrastructure Ireland

Memorandum of Understanding between the Central Statistics Office and Transport Infrastructure Ireland in relation to provision of Traffic Monitoring Unit Data

List of abbreviations
Definitions of Terms
Establishment of the Parties
The Role of the Parties
Context and background
Purpose of the Memorandum of Understanding
TIIData
Responsibilities of each Party
Legal background
Data transfer, security and data storage
Joint Liaison Group
Duration and Review of the Memorandum of Understanding

This Memorandum of Understanding (MoU) is made on the 24^th day of November 2023 between The Central Statistics Office (CSO), Skehard Road, Cork, T12 X00E and Transport Infrastructure Ireland (TII), Parkgate Business Centre, Parkgate Street, Dublin 8.

List of Abbreviations

Transfer and processing of the data shall be done in accordance with the Statistics Act, 1993, the 2018 Act, the GDPR, EU law and in accordance with the CSO’s Code of Practice, in particular its protocol on data matching where one or more datasets originate from outside of the CSO. 

Definitions of Terms

Establishment of the Parties

The CSO was established in 1949 and became a statutory body in 1994, under the Statistics Act, 1993 (the ‘Act’).

The National Roads Authority (NRA) was established in 1994 to provide central management for Ireland's national road network, while the Railway Procurement Agency (RPA) was founded in 2001 to arrange for new light rail and metro projects.  The RPA was merged into the NRA under the Roads Act, 2015, and the body was operationally named, and publicly rebranded, as TII.

The Role of the Parties

The functions of the CSO are set out in the Statistics Act, 1993.  In particular Section 10 states that the functions of the Office are the collection, compilation, extraction, and dissemination for statistical purposes of information relating to economic, social, and general activities and conditions in the State.  The CSO has the authority to co-ordinate official statistics compiled by public authorities to ensure, in particular, adherence to statistical standards and the use of appropriate classifications and has the authority to assess the statistical potential of the records maintained by public authorities and to ensure that the potential is realised.  Furthermore, the CSO has legal obligations regarding the development, production, and dissemination of European statistics under Regulation 223/2009.

TII exists to fulfil an important purpose of national strategic significance, touching the lives of citizens and visitors alike daily. Their purpose is to provide sustainable transport infrastructure and services, delivering a better quality of life, supporting economic growth, and respecting the environment.

Context and background

In February 2023, the Chief Executive Officer of TII received a request from the Director General of the CSO, in accordance with Section 30 of the Statistics Act, 1993, to provide traffic count data to the CSO (the ‘2023 Request’). Section 30 of the Statistics Act, 1993 gives a statutory power to the CSO to deliver a notice of request to any public authority to allow the CSO access to or copies of any records in its charge.

TII was established following the statutory merger of the NRA and the RPA under the Roads Act, 2015. The legal basis for TII’s collection and use of information is that such processing is necessary for TII to comply with its legal and regulatory obligations and for TII to carry out its tasks in the public interest and/or in the exercise of official authority.

Traffic counters provide information on the volume of traffic by hour of day and vehicle class, i.e., motorcycle, car, goods vehicles distinguished by number of axles etc. with up to twelve vehicle classes being identified. Vehicles are detected by passing over loops embedded in the road surface. It is possible from the data collected to establish the vehicle profiles and the various vehicle classes involved.

It is an extract of this data (the ‘Data’), as sought in the 2023 Request and agreed between the CSO and TII, that will be provided to the CSO.

This MoU set out arrangements in respect of the provision of the Data from TII to the CSO.

Purpose of the Memorandum of Understanding

The purpose of this MoU is to clarify the roles, as well as the areas of cooperation between, CSO and TII with regard to the transmission and use of the Data. The agreement will contribute to enhanced statistical outputs by the CSO.

This agreement is an MoU and is not intended to create binding or legal obligations on either Party. The MoU is entered into on the understanding that it is subordinate to the relevant legislation, set out below under ‘Legal Background’ governing each Party.

This MoU also sets out a shared understanding of the parties in relation to data protection issues that may arise and roles relating to the compilation, transfer, and use of this data.  The processing of personal data of data subjects is governed by the Statistics Act, 1993 and the Data Protection Act, 2018 (the ‘2018 Act’) and the GDPR.

The Data

TII acknowledges the request from the CSO, in accordance with Section 30 of the Act, to provide traffic count data to the CSO and will provide that data, in so far as it is compatible with relevant legislation.

TII and the CSO, as compilers of statistics, have obligations under their respective legal frameworks in the production of official statistics.  Both organisations ensure close cooperation and appropriate coordination in the production of traffic count analysis.  TII is responsible for the compilation of summary traffic count statistics. Those count data are based on traffic monitoring units (TMUs).  TII’s network of TMUs were installed for the purpose of road planning and road management.  Outages at TMUs inevitably occur from time, necessitating maintenance and associated down time when data may not be available for a period of time.  The CSO acknowledges those limitations.  TII is responsible for submitting the data to the CSO through an Application Programming Interface (API) on a regular basis.  The CSO is responsible for the analysis of the traffic count data and for the distribution of the findings on the CSO website.

The CSO shall ensure that all Data requested is necessary and proportionate, having regard to the statistical outputs to be produced.  The CSO will notify TII of its intention to publish statistical outputs using the Data.

TII will notify the CSO of any data quality issues relating to the Data.

Responsibilities of each Party

The controller for personal data is TII.  When the data is transferred to the CSO, the CSO becomes the controller for the data file it holds.  TII remains the controller for the data file it holds. It follows then that it is the responsibility of the CSO to report any Breach relating to the data it holds.

In the event of a Breach relating to data the CSO will inform the Data Protection Officer of TII and also inform TII of the Breach through the Joint Liaison Group (JLG).  This notification will be made within 24 hours.  In addition, the CSO will refer to their own Breach procedures and may report the Breach to the Data Protection Commission as appropriate.  TII will not be held responsible for any loss, damage, or injury caused as a result of such a Breach. 

In the event of a Breach relating to data held by the CSO, the CSO will inform TII through the JLG, in advance, of any decision to issue a public statement in relation to the Breach.  Similarly, TII will inform the CSO through the JLG, in advance, of any decision to issue a public statement in relation to the Breach.  

TII will not provide additional data or operational support in respect of the notification of data subjects in the event of a Breach relating to CSO data.

Legal Background

Transfer and processing of the data shall be done in accordance with the Statistics Act, 1993, the 2018 Act, the GDPR, EU law and in accordance with the CSO’s Code of Practice, in particular its protocol on data matching where one or more datasets originate from outside of the CSO. 

 The transfer and processing of the data is covered by, inter alia, the following provisions:

• Section 10(1) of the Act, concerning the functions of the CSO in the collection, compilation, extraction, and dissemination for statistical purposes of information relating to economic, social, and general activities and conditions in the State;
• Section 10(2) of the Act, concerning the authority of the CSO as regards co-ordination of official statistics compiled by public authorities and in ensuring, in particular, adherence to statistical standards and the use of appropriate classifications;
• Section 10(3) of the Act, concerning the authority of the CSO to assess the statistical potential of the records maintained by public authorities and, in conjunction with them, to ensure that this potential is realised;
• Section 13 of the Act, concerning the statistical independence of the Director General of the CSO;
• Sections 30 and 31 of the Act, concerning the use of the records of public authorities for statistical purposes;
• Sections 32 and 33 of the Act, concerning the protection of information;
• Article 6(1)(e) of the GDPR, concerning processing necessary for the exercise of official authority vested in the controller;
• Article 89 of the GDPR, concerning safeguards and derogations relating to processing for statistical purposes, and;
• Section 42(1)(c) of the 2018 Act, concerning processing for statistical purposes.

Data Transfer, Security, and Storage

The Data is automatically processed and made available via the API twice daily by TII.  The API allows the data to be accessed and downloaded on a schedule determined by the CSO.  A complete transmission timetable, including transfer methods will be agreed between TII and CSO.  This transmission timetable will be updated by agreement between TII and CSO to account for future changes in traffic count technology.  The Data will be retained, securely stored, and processed by the CSO in accordance with CSO and Administrative Data Centre policies. 

TII will provide the CSO with the data in an agreed format.  Changes to the format will be agreed between CSO and TII via the JLG.  Information on data formats and delivery frequency shall be provided by TII in respect of the data files schedule. In accordance with CSO policies on the control of data the CSO will not copy this data onto removable media (including laptop computers) unless appropriate security provisions are in place (i.e., encryption and password access) and there is an agreed business need to do so, in which case the CSO will inform TII of such need via the JLG.

Joint Liaison Group

A TII and CSO JLG will be convened, in accordance with the CSO’s standard Data Governance Framework.  The JLG will oversee the data sharing as agreed between the parties and summarised in this MoU. 

The Terms of Reference (ToR) for the JLG will be agreed between TII and the CSO.  The ToR will cover, amongst other things, membership of the JLG, frequency of meetings and scope of the JLG.  Changes to the ToR must be jointly agreed by both parties.

Duration and Review of the Memorandum of Understanding

This MoU will be published on the CSO website (www.cso.ie) and TII website (www.tii.ie).

This MoU will remain in force until a new one is entered into or either the CSO or TII revoke it.  Depending on events, this MoU may be amended, subject to the mutual agreement of TII and CSO.

This MoU will be reviewed biennially by both TII and the CSO.  Any changes to the MoU shall only be made with the mutual agreement of TII and CSO.