Bad news for privacy rights
The Smyth/McAreavey case has important implications for how we think about privacy rights – and indeed rights more broadly in this jurisdiction – and what repercussions should flow from breaches of these rights, writes Claire Hamilton
The Supreme Court’s decision in the case of People (DPP) v Smyth/ McAreavey ([2024] IESC 22) in June has been predominantly read as a significant setback for Graham Dwyer in his murder conviction appeal.
This is because one of the main issues in the case – the admissibility of traffic and location data related to mobile phones in evidence – is also at the centre of Dwyer’s appeal. In the Dwyer case, it was used to link Dwyer’s work phone to another mobile phone the prosecution claims Dwyer acquired and used to contact his victim, Ms O’Hara.
These predictions have turned out to be true, with the recent Supreme Court decision in Dwyer applying the court’s findings in the Smyth/McAreavey cases on the admissibility issue.
The Supreme Court followed Smyth/McAreavey in finding that the metadata was rightfully admitted into evidence at Dwyer’s trial.
The key finding here is that the gardaí were entitled to rely on phone-call data evidence even after the Communications (Retention of Data) Act 2011 was struck down by the European Court of Justice in April 2014.
In a previous (non-criminal) Supreme Court case in 2022, Graham Dwyer’s legal team had successfully argued that his rights, including his right to privacy under the EU Charter, had been breached through the use of this evidence.
Broader implications
Beyond this, however, the Smyth/ McAreavey case has important implications for how we think about privacy rights – and indeed rights more broadly in this jurisdiction – and what repercussions should flow from breaches of these rights.
Smyth/McAreavey interprets and applies a legal rule from a 2015 decision called DPP v JC ([2015] IESC 31), which has been variously described as “the most astounding judgment ever handed down by an Irish court” and “a revolution in principle”.
The case effectively overhauled the law on unconstitutionally obtained evidence in Ireland, allowing gardaí (and other State agents) to breach our rights – and then to retrospectively argue that they made a mistake.
Writing in The Irish Times at the time, Fintan O’Toole described the decision as “bad for democracy” and “a terrible day’s work for accountability in Irish public life”. The Smyth/ McAreavey decision shows that he was right.
This is primarily because the recent ruling by the Supreme Court sets such a high bar for State recklessness or gross negligence.
In JC, the Supreme Court majority was keen to emphasise the limits of the new rule, including the fact that evidence obtained as a result of gross negligence or recklessness will not be admitted, and that scrutiny by the court extends beyond the individual who actually gathered the evidence to senior officials involved in high level decision-making.
The theory is that JC should not be used as a fig leaf for patently unconstitutional policies and practices to become embedded in the system.
Indeed, referencing the ‘Gardagate’ revelations at the time about unauthorised recordings in garda stations, some academic commentators wrote that JC gives the State “little comfort”.
Yet this type of systematic abuse is exactly the situation that presented itself in Smyth/McAreavey and which was upheld by the court, relying on JC.
Institutional failings
The institutional failings in question are best explained by Judge Hogan in his dissenting judgment in Smyth/McAreavey, using the analogy of a burning building.
As he writes, by the time of the European Court decision in Digital Rights Ireland in April 2014, the “lights were already flashing red”.
Two subsequent decisions followed from the European Court in 2015 and 2016 such that, by the time the gardaí were seeking the mobile phone data in the Smyth/McAreavey case (June 2017), “no one could … have said that … they had good reason to believe that the continued use of the 2011 act was ‘perfectly legal’”.
Judge Hogan’s conclusion is supported by the April 2017 report of former Chief Justice John Murray on communications data, which was similarly ‘unsparing’ in its description of an illegal system of ‘mass surveillance’.
All of this leads to the inevitable conclusion that the continued reliance on the 2011 act in June 2017 was reckless or grossly negligent, again recognising that the test requires looking beyond the individual gardaí concerned to broader institutional decision-making.
The fact that this was not the conclusion of the majority in Smyth/McAreavey does not augur well for the future of privacy rights in this jurisdiction.
At what point do we call out glaring legal deficiencies as institutional recklessness? Or have our rights become, to quote Judge Hardiman in JC, “mere words on a page”?
It is worth recalling here that this doesn’t seem to be the first occasion in which the JC rule has come to the rescue of glaring flaws in legislation.
In research that I carried out with the Irish Council of Civil Liberties, many practitioners told me about JC being invoked to remedy serious deficiencies in the data retention regime relating to audio surveillance.
As one of my interviewees, a senior criminal law practitioner, said at the time: “It has been plain as a pikestaff that the minister hasn’t made regulations for years … and then JC is used by the court to say it’s actually okay, when you might have thought that this is clearly a case for saying, ‘Hang on a second. This couldn’t be inadvertence anymore’.”
In a democracy, those in authority who wield a steadily growing array of powers have to be accountable for the way that they use them, including following the rules set down by the people in the Constitution and in the European Charter.
The breach of rights in question here is far from a ‘mere technicality’ but rather one that was described by the European Court as a “particularly serious” interference with the fundamental rights of practically the entire European population.
In effect, mass surveillance through tracking of phone and internet use for every citizen in Ireland (and across the EU).
The decision in Smyth/McAreavey should alarm every one of those same Irish citizens.
Claire Hamilton is head of the School of Law and Criminology at Maynooth University.
Gazette Desk
Gazette.ie is the daily legal news site of the Law Society of Ireland