GDPR investigation begins after a filmmaker’s name is misspelt

The Irish Data Protection Commission (IDPC) is looking into a potential breach of GDPR standards, after a filmmaker filed an official complaint for the misspelling of his name.

The director at the centre of what may be a landmark case, Ciarán Ó Cofaigh, claims the EU’s new data laws provision individuals with the legal right to have their name correctly spelt.

Mr Ó Cofaigh reported the Health Service Executive (HSE) in Ireland to the country’s data regulator, after he was told by doctors at the University of Galway that they would be unable to use ‘síneadh fada’ when writing his name.

The complaint has been filed under GDPR’s Article 16, which permits individuals to rectify information about themselves which they feel is incorrect. Organisations holding such information are required to amend and update immediately.

The argument presented by Mr Ó Cofaigh, is that his name has to be written with the fada – an acute accent used to denote an elongated vowel, and that failure to do so constitutes an inaccurate recording of data.

The 51-year-old has also made similar complaints against the Bank of Ireland and its subsidiary, New Ireland Assurance, the Irish Examiner reports.

Speaking to the Irish Examiner, Mr Ó Cofaigh explained that fadas on Irish names are “not an optional extra or a pretentious affectation.

“They are a central, functional element of a person’s proper name. My name without a fada isn’t my name,” he said.

“I’m tired and fed up with the hypocrisy of the State and its odd relationship with the language. They claim it is important yet when it comes to the nitty gritty, it is of no importance,” Mr Mr Ó Cofaigh continued.

The IDPC is now looking into the issue, and has called in Ireland’s Language Commissioner, as well as European regulators to assist in getting a handle on the intricacies of the case.

A spokesperson for the IDPC said:

“We are examining the issue around fadas as published in some of today’s media. The examination into the issue is ongoing.”

The case could hold grave ramifications within the broader picture of data protection both in the EU and worldwide, and may throw up many obstacles as companies across private and public sectors seek to correctly update the spellings and name constructions of data subjects.

If a violation is deemed to have taken place, companies may have to conduct thorough database audits to establish accuracy, and take measures to update software so that compatibility with letter characters can be guaranteed.

Speaking to the IT Pro website, an HSE spokesperson said that Ciarán Ó Cofaigh’s name could not be recorded accurately because current technologies do not provision for the Irish language’s fada in every location.

“The HSE accepts that the síneadh fada is not an optional extra that may be inserted or omitted at random or as one chooses; it is a central component of the structure of the language,” the spokesperson said.

“A síneadh fada, which is necessary to spell words properly, is an integral part of a person’s given name and surname in Irish. The HSE is taking steps to ensure that, where it is possible, new software will have the capability to input the síneadh fada.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.