Latest News

Newsletters

Defective Blocks

Defective Blocks newsletter and latest updates.

Read More

Mother & Baby Homes

Mother and Baby Homes redress newsletter and latest updates.

Read More

CAMHS Review

CAMHS newsletter and latest updates.

Read More

Public Service Card Data Breach Could Result in Compensation Claims
Coleman Legal LLP
Oct 14, 2019

In the wake of allegations that the data collected from the issuance of Public Services Cards (PSC) were kept unlawfully, the State is braced for a series of demands for damages.

The Data Protection Commission (DPC) published a report revealing that the retention of data collected during the application process was illegal and unauthorized, as well as the duty on the general public to have the card for the use of services provided by the State.

In Ireland, a number of civil society groups are said to be mulling over the prospect of bringing legal action in the class-action style. Age Action protested against its use when the card was first launched advocacy groups including Digital Rights Ireland, the Irish Civil Liberties Council, the UN’s special rapporteur on extreme poverty.

The DPC inquiry conducted an official investigation which found that the PSC scheme process was at odds with data protection laws as a result of the insufficient quality of information provided to data subjects by the Department of Social Welfare. Because of this data held on more than three million card holders, data collection must now be destroyed by the Department, rather than discontinuing the public body providing the service within a defined time frame, or some enforcement action may be imposed. 

“Ultimately, we were struck by the extent to which the scheme, as implemented in practice, is far-removed from its original concept. Whereas the scheme was conceived as one that would make it easier to access (and deliver) public services, with chip-and-pin type cards being used for actual card-based transactions, the true position is that no public sector body has invested in the technology capable of reading the chip that contains the encrypted elements of the Public Sector Identity data set. Instead, the card has been reduced to a limited form of photo-ID, for which alternative uses have then had to be found.” said the DPC.

Commissioner for Data Protection Helen Dixon said, regarding the validity of the PSC: “Ultimately, we were struck by the extent to which the scheme, as implemented in practice, is far-removed from its original concept. Whereas the scheme was conceived as one that would make it easier to access (and deliver) public services, with chip-and-pin type cards being used for actual card-based transactions, the true position is that no public sector body has invested in the technology capable of reading the chip that contains the encrypted elements of the Public Sector Identity data set. Instead, the card has been reduced to a limited form of photo-ID, for which alternative uses have then had to be found.”

Ms Dixon demanded that the Department release in the Public Services Car the full details of the investigation report

Keith Rolls Partner Coleman Legal LLP

Speak to our Experienced Solicitors

We understand that navigating the legal system can be overwhelming and stressful, which is why we are dedicated to providing clear communication and support to our clients every step of the way