Not legal advice. This site is an editorial reference. Laws change — always confirm with a qualified attorney in the relevant jurisdiction before recording, and check each page’s last reviewed date.

Call Recording Laws in Ireland

Plain-English summary

Ireland applies GDPR through the Data Protection Act 2018 and the Interception of Postal Packets and Telecommunications Messages (Regulation) Act 1993. Recording a phone call for ordinary commercial purposes requires a GDPR lawful basis and audible notice; secret recording for non-personal purposes risks both a data-protection complaint and criminal exposure.

The Data Protection Commission (DPC) acts as the lead supervisory authority for many multinational technology companies headquartered in Ireland, which gives the DPC’s positions on call recording outsized influence across the EU.

Statutory framework

  • GDPR applies in full.
  • Data Protection Act 2018. The Irish implementing statute. Section 41 provides for exceptions for journalism and academic, artistic, or literary purposes.
  • Interception Act 1993. Criminalizes interception of telecommunications messages without lawful authority. Like other jurisdictions, the criminal prohibition targets non-participant interception.

Regulator guidance

The Data Protection Commission has issued specific guidance on call recording, covering lawful basis selection, retention periods, transparency, and data-subject access. The DPC has imposed administrative fines for call-recording infringements, including for excessive retention and inadequate notice.

GDPR specifics

Standard Article 6 lawful-basis analysis applies. Articles 13–14 transparency duties require the pre-call announcement to cover purposes, lawful basis, retention, and the right to lodge a complaint with the DPC.

Workplace and business calls

Workplace call recording in Ireland engages employment-law duties of fair procedures alongside GDPR. The Workplace Relations Commission has criticized recordings produced as evidence in disciplinary proceedings where the recording was not on notice or where access was disproportionate.

Cross-border and conflict-of-laws notes

Ireland’s position as headquarters for many large processors makes the DPC the lead supervisory authority for cross-border investigations under GDPR’s one-stop-shop. See cross-border calls.

Penalties and remedies

Criminal: indictable offence under the Interception Act 1993 for non-participant interception.

Administrative: GDPR fines up to €20 million or 4% of global turnover.

Civil: data subjects may seek compensation under GDPR Article 82 and DPA 2018 s. 117.

Practical guidance

  • For commercial call recording, register the processing in your record of processing activities and assess the lawful basis.
  • Give clear pre-call notice covering retention period and the right to complain to the DPC.
  • Set retention to no longer than necessary; document deletion.
  • For workplace recording, consult with employees and conduct a DPIA where the recording is systematic.

Related