Dear Sir/Madam,
Thank you for the reply dated 16 March. I
browsed the web site of the Data Protection
Office to find information about the National
Identity Card or the law or regulation related to
the National Identity Card. I found it unusual
that there wasn't any information about that
topic given that there has been a lot of
discussion over the last few years about privacy
in relation to the National Identity Card. I
would be grateful if the Data Protection Office
could consider publishing the laws and
regulations related to the National Identity Card
on its web site as it would help citizens who are
searching for that information.
There was a news article in Le DefiMedia on 8
April (
http://www.defimedia.info/empreintes-stockees-ou-pas
) in which there is the following:
"Et lorsqu’elle a demandé s’il était nécessaire qu’elle se déplace pour
qu’on lui prenne son empreinte, les officiers lui ont lancé : « Pa traka,
nou ankor ena so lanprint. »"
It was worrying to read in the news article that
the citizen's fingerprints were collected in 2014
and that government officials are quoted as
saying that the data controller or data processor
has retained the records of the fingerprint.
I wrote to the data controller for the National
Identity Card on 16 March and again on 27 March
about the User Declaration Form. I did not
receive any reply. According to the Ministry of
Technology, Communication and Innovation, there
is the following text in the User Declaration Form:
"I have no objection that my fingerprint minutiae be processed and
recorded for the purpose of producing my identity card. I understand that
this information will be erased permanently from the register once the
identity card has been printed."
Why is the citizen being asked to state that
he/she understands that the fingerprint minutiae
will be erased permanently from the register when
he/she does not have the means to determine
whether that is being done? Is that in line with data protection principles?
Would the citizen be giving his/her informed
consent by signing the User Declaration Form?
Is there any control by the Data Protection
Office on the sharing of personal data, collected
for the purposes of producing a National Identity
Card, with other government agencies or it left
to the other government agencies once there is a
law or regulation for the other government
agencies to do that? Is it incumbent upon the
data controller to ensure that the citizen is
fully aware of the arrangements for the linking
of personal data which is being collected?
Regards,
S. Moonesamy
Received on Mon Apr 10 2017 - 05:16:26 PST