top of page
TechRegForum Logo (1)_edited.jpg

Summary of Antitrust Investigations and AI Regulation in Ireland

  • Tech Reg Forum
  • Nov 28
  • 7 min read

This overview outlines recent developments in Ireland’s enforcement of competition law and the regulation of AI and digital technologies. It highlights key actions by the Data Protection Commission and other national authorities in overseeing AI model development, safeguarding data rights and strengthening regulatory structures, alongside significant merger control decisions, consumer protection initiatives and the expansion of the Competition and Consumer Protection Commission’s (“CCPC”) supervisory remit across digital and data-governance frameworks.


→ Antitrust 


October 

  • October 2, 2025 - The CCPC has cleared the proposed acquisition of Perry’s Cash and Carry Limited by BWG Foods Unlimited Company (BWG) subject to legally binding commitments.


August 

  • August 25, 2025 - The CCPC has signed a new data-sharing agreement with the Advertising Standards Authority (ASA), which will enhance regulatory oversight of social media platforms.The agreement will enable the ASA to share information it receives through its online reporting portal while remaining in line with data protection laws. This will give the CCPC greater access to reports from the public of potential breaches of the law.

  • August 21, 2025 - The CCPC has cleared the proposed acquisition of BT Datacentres Ireland by Equinix (Ireland).  Equinix operates six data centres in Dublin, which provide digital infrastructure for cloud, IT, finance, content and media service providers.



July 

  • July 8, 2025 - The CCPC has cleared the proposed acquisition of eight Pelco-operated, Texaco-branded service stations in Dublin and Meath by Circle K, subject to certain legally-binding commitments. They are both active in the retail sale of motor fuels and the operation of forecourt convenience stores in Ireland.

  • July 7, 2025 - The CCPC has issued a warning to the Irish motor industry following reports of anticompetitive practices in the sale, maintenance and repair of motor vehicles. In an industry-wide letter, the CCPC has reminded the motor industry across the country that, under competition law, consumers must not be prevented from freely choosing who services or repairs their vehicle, or what parts they use.

  • July 2, 2025 - More than 20 national consumer agencies, including the CCPC, have taken part in an international sweep of 439 mobile and online games to identify potential consumer harms.The sweep, coordinated by the International Consumer Protection Enforcement Network (ICPEN), found several design techniques that may aim to manipulate players as young as three into making decisions or purchases they wouldn’t otherwise make.


June 

  • June 27, 2025 - The European Accessibility Act (EAA), which aims to benefit both consumers and businesses, came into effect on Saturday, 28 June 2025. Products covered under the EAA include computers, ATMs, smartphones, some self-service ticketing machines, e-readers, and smart televisions. Services include e-commerce and e-books CCPC has been designated as the market surveillance authority for all products under the EAA and the compliance authority for some services. The CCPC advises businesses to ensure they comply with the EAA and will provide support and guidance to help companies, especially microenterprises, understand and meet their obligations.

  • June 20, 2025 - The CCPC has cleared, subject to legally binding commitments, the proposed acquisition of CG Hotels Limited (CG Hotels) by Dalata Hotel Group plc (Dalata). They are active in the accommodation and food service activities sector. 


May 

  • May 26, 2025 - Boots Retail (Ireland) Limited pleaded guilty to breaking sales pricing legislation in Dublin District Court. The pharmacy and beauty chain was ordered by Judge Anthony Halpin to pay €1,000 to the Little Flower Penny Dinners charity and to pay the costs of the CCPC. The sales pricing legislation introduced in 2022 requires traders to base any discount on the lowest price in at least the previous 30 days, and to display this price clearly on any price tag or advertisement. 

  • May 15, 2025 - The Competition and Consumer Protection Commission (CCPC) has carried out searches of businesses active in the betting industry. The searches form part of an on-going criminal investigation into potential breaches of competition law.


April 

  • On April 23, 2025 - the CCPC published a new procedure for agreeing settlements in administrative competition law investigations. Since September 2023, the CCPC – through independent adjudication officers – is empowered to find that a business has breached competition law and impose financial sanctions of up to 10% of the business’s annual worldwide turnover or €10 million (whichever is greater). Under the new Settlement Procedure, the CCPC can agree to the imposition of a reduced financial sanction on a business where the business admits to breaching competition law and agrees to a streamlined procedure to conclude the investigation. The CCPC and the business can also agree any actions that the business will be required to take to end the breach or to prevent similar breaches from reoccurring in future.

  • April 10, 2025 - The CCPC has cleared, subject to a number of legally binding commitments, the proposed acquisition by KAES Recycling Holdings Ltd, part of the KWD Group, of Bord na Móna Recycling Ltd. They are active in the energy and utilities sector. 


March 

  • March 10, 2025 - Lifestyle Sports (Ireland), DID Electrical Appliances and Rath-Wood Home & Garden World pled guilty to breaking sales pricing legislation in Dublin District Court on March 10, 2025. They were ordered to pay €1,000 each to the Little Flower Penny Dinners charity and to pay the costs of the CCPC.


February

  • February 14, 2025 - The CCPC opens Digital Services Act levy consultation. The CCPC is the competent authority for Articles 30, 31 and 32 of the Digital Services Act 2024 (“DSA”), relating to consumer online platform providers (marketplaces), which allow consumers to conclude distance contracts. The CCPC will have new supervision and enforcement responsibilities in relation to online marketplaces’ compliance with rules relating to; 

  • Article 30 Traceability of traders, 

  • Article 31 Compliance by design, 

  • Article 32 Right to information.

  • February 12, 2025 - The CCPC has cleared the proposed purchase of BDS Vending Solutions Limited (BDS Vending) by Coca-Cola HBC Northern Ireland Limited, an indirectly owned subsidiary of Coca-Cola HBC AG. The purchase relates to the Vending Services/Foodservice Sector. 


December

December 23, 2025 - The CCPC has been given new responsibilities through EU Regulation 2022/8688, the EU Data Governance Act Regulations. The Data Governance Act aims to increase trust in data sharing by establishing a harmonised framework for data sharing and setting out certain basic requirements for what is known as data governance. As the competent authority, the CCPC will hold a number of responsibilities including:

  • Management of the notification process for an entity to be approved as a data intermediary service provider or data altruism organisation

  • Publication and maintenance of the Irish register of data altruism organisations

  • The European Commission publishes the register of data intermediation services providers

  • Monitoring and supervising Irish registered DGA entities for compliance with the DGA

  • Processing of complaints regarding non-compliance of the DGA

  • Investigation of non-compliance (either as a result of a complaint or of its own volition)

  • Taking any necessary enforcement action following a breach of the DGA

  • Co-ordination with the European Data Innovation Board and other competent authorities



→ AI and Big Tech


October 

  • On October 28, 2025 - The Irish Council for Civil Liberties submitted a formal complaint against Ireland to the European Commission on grounds that Ireland failed to provide adequate safeguards for independence and impartiality in its process to appoint a new Data Protection Commissioner. That process led to the appointment of an ex-Meta lobbyist. EU Law requires that independent supervisory authorities must not only be impartial and independent but must also be above any suspicion of partiality.


September 

  • On September 12, 2025 - Google's lead EU privacy regulator opened an inquiry into whether the search engine adequately protected European Union users' personal data before using it to help develop its foundational AI Model. Ireland's Data Protection Commission (“DPC”), the lead EU regulator for most of the top U.S. internet firms due to the location of their EU operations in Ireland, said the probe concerned the Alphabet Inc. unit's Pathways Language Model 2 (PaLM 2). "This statutory inquiry forms part of the wider efforts of the DPC, working in conjunction with its EU/EEA (European Economic Area) peer regulators, in regulating the processing of the personal data of EU/EEA data subjects in the development of AI models and systems," the DPC said in a statement.

  • On September 4, 2025 - the DPC announced the conclusion of the proceedings it brought before the Irish High Court on 8 August 2024. The application was made in urgent circumstances where the DPC had significant concerns that the processing of personal data contained in the public posts of X’s EU/EEA users for the purpose of training its AI ‘Grok’ gave rise to a risk to the fundamental rights and freedoms of individuals. The proceedings were struck out on the basis of X’s agreement to continue to adhere to the terms of the undertaking, whereby X agreed to suspend its processing of personal data for the purpose of training AI tool ‘Grok’ on a permanent basis


July 

  • On July 18, 2025 - the Irish Data Protection Commission published guidelines on the use of AI, large language models (LLMs) and data protection. Key Takeaways are 

  • The Irish Data Protection Commission (DPC) highlights risks in AI systems, such as unauthorized data use and biases.

  • Organizations must conduct risk assessments and ensure AI systems comply with GDPR.

  • Emphasis on enabling data rights and securing personal data in AI systems.

  • Organizations should ensure transparency and accountability in AI data processing.

  • Organizations should assess if AI is necessary or if less risky alternatives exist, ensuring compliance with data protection laws.


May

21 May 2025- In March 2024, Meta informed the DPC of its plans to train its Large Language Model using public content shared by adults on Facebook and Instagram across the EU/EEA. Having engaged with Meta, and having reviewed initial correspondence, the DPC identified a number of issues with the proposed roll-out of Meta’s plans.The DPC made a number of recommendations to Meta regarding the potential impact for the data protection rights of individuals. Meta has been responsive to the DPC’s requests during this process and as a result, Meta has implemented a number of significant measures and improvements, including the following:

  • Updated transparency notices to users, including specific notifications to all users in both 2024 and 2025;

  • Updated and easier to use Objection Form;

  • Provision of longer notice period to users and information on controls available to change all published posts from public to private to avoid being trained for the model;

  • Ensuring Objection Forms work in-app, and in all jurisdictions across Europe;

  • Provided access to the Objection Form for over a year;

  • Updated its measures to protect data subjects, such as de-identification, filtering of data sets and output filters; and

  • Updated its risks assessments and other required documentation under GDPR such as their Legitimate Interest Assessment, Data Protection Impact Assessment and a Compatibility Assessment.


March 

  • On March 4, 2025 - the Irish government approved a recommendation from Minister for Enterprise, Tourism and Employment, Peter Burke, to implement a distributed regulatory model for the enforcement of the EU Artificial Intelligence (AI) Act (AI Act). The government has designated eight public bodies as national competent authorities under Article 70 of the AI Act. Ireland became ne of the first six Member States to reach the critical milestone of designating the competent authorities which will be responsible for enforcement of the Act.

Comments

bottom of page