Processing biometric data 'an essential component' of how public services card is created, minister admits
Fine Gael minister Paschal Donohoe, at a 2016 press event for the public services card. Picture: Gareth Chaney Collins
The Department of Social Protection has admitted that the processing of biometric data has been “an essential component” of the framework underpinning the public services card (PSC) for the past 12 years.
The department said that this processing is “carried out by the department on the department’s secure IT infrastructure”. It said that the “biometric data is not stored on the PSC, nor is it shared with any other public body”.
Biometrics relate to data which can identify a person by their physiological characteristics, such as a photo or a fingerprint. Every public services card contains a photograph of the individual in question.
The department’s revelation comes on foot of a parliamentary query by Social Democrats TD Catherine Murphy regarding a recent tender by the department for the use of facial recognition technology.
Ms Murphy had queried the rationale for the use of facial-image-matching by the department in light of the fact a report by the Data Protection Commission regarding the biometric nature or otherwise of the controversial PSC is pending.
In reply, Social Protection Minister Heather Humphreys said that the processing of personal data involved in the SAFE (Secure Authorisation Framework Environment) registration process for a PSC “is carried out to help ensure that the person whose identity is being authenticated has not already been authenticated under a different identity”.
“The processing of personal data includes the creation and processing of biometric data from a photograph of the person concerned, to enable a check to be carried out as to whether the facial image matches an image already held,” said Ms Humphreys.
She added that a data protection impact assessment (DPIA — a key factor in terms of satisfying GDPR risk requirements for any service in which personal data is processed) had been carried out “in respect of an upgrade of the facial image matching system in 2021”.
The biometric nature of the PSC and the database underpinning it has been a key source of contention regarding the card’s legality for the past six years.
The Data Protection Commissioner (DPC) first initiated an investigation into the biometric nature or otherwise of the card in late 2017, and had been expected to publish that report before the end of 2019.
However, the report was delayed by a legal challenge at the time by the department against separate findings of the Data Protection Commissioner that the public services card is illegal in all cases other than that relating to welfare payments.
The biometric report had been expected to be published before the end of last year, but has thus far yet to be released.
Should the biometrics investigation find against the card, the legality of its very existence would likely be called into question once more.
Last December, the secretary general of Department of Social Protection, John McKeon, told the public accounts committee “there is no biometric information on the card, we don’t track biometric information”.
CONNECT WITH US TODAY
Be the first to know the latest news and updates
