Oireachtas Joint and Select Committees

Thursday, 21 November 2019

Joint Oireachtas Committee on Social Protection

Public Services Card: Minister for Employment Affairs and Social Protection

Photo of Regina DohertyRegina Doherty (Meath East, Fine Gael) | Oireachtas source

If I miss any of the 27 questions put to me, I appreciate that they were asked one at a time, I hope Deputy O'Dea will remind me. The advice we took came from our in-house legal team and the Office of the Attorney General, in which there are many legal minds. The Office of the Attorney General also took third-party advice. As a former Minister, Deputy O'Dea will be well aware of the seasoned practice that the Office of the Attorney General is the Cabinet's adviser. Its advice has never been published so there is precedence for it being between the Attorney General and his or her client which in this case is the Government. I genuinely believe that all of my statements, including those I have made today, reiterate the strong legal advice from the Office of the Attorney General that the interpretation of the legislation by the Data Protection Commissioner is incorrect. Our understanding and belief is that the legislation enacted in 1998 by the Deputy's Government, the Government of 2005 and subsequently Fine Gael-led Governments in 2011 and 2013 empowers us to do exactly what we have been doing since the PSC was published in 2011. The synopsis of the advice is on the public record. The use of the data is something that we have clearly set out and established in the 2005 legislation. We believe that we are following the legislation to a T.

There was some misinformation about statements made and public commentary thereafter. A PSC is not needed to make a SUSI grant appeal, which is the one on which people keep relying to show how we were wrong. No one needs a PSC to make a SUSI grant appeal, that was never the case and there are no plans by the relevant Department or Government agency to make that the case. The Data Protection Commissioner did find that there was absolutely a legal base for the Department of Employment Affairs and Social Protection to require people to authenticate themselves during the stage 2 process so that we could be absolutely sure that they are who they say they are and that they are only registered to access public State services once, and once only, in their own name. Every other Minister has the right or entitlement in their own Department to determine how best they provide public services. The Deputy needs to recall why his Government had the foresight to do this in 1998 and why subsequent Governments continued with it. The idea was just to try to make access to public services easier, more efficient and quicker for the people we are here to serve. People have spoken with their feet insofar as the Deputy has admitted that, where they wish to do things online, it is much faster to use the PSC as proof of identity. The best example which most people can visualise is how one can get a passport by completing an application form online on Monday and receiving one's passport on Wednesday or Thursday. That would have been unheard of some years ago. However, it is not true to say that one cannot get a passport any other way because one can. It is not true that one cannot get a driver licence any other way than having a PSC because one can, but it is by means of the old, inefficient way. People can choose with their feet to decide if they wish to go to the post office, bring the photographs to the Garda station, get them signed, go in and sit in Mount Street for four hours or to just do it online. That is their choice.

It is incumbent on any Government to provide services in the most efficient way possible but also to give people choices depending on their circumstances. The childcare scheme is a case in point. There is misinformation circulating that we have only changed the childcare scheme since the Data Protection Commissioner's ruling came out in August. Since the inception of the childcare scheme 18 months ago, there were always plans for a paper application and an online application route, which is just what transpired since the scheme went live recently.

The Deputy suggested that I am vague on the enforcement notice. I am not sure if he means how I will respond when the enforcement notice comes. I am deliberately vague in this regard because the press releases which were issued by the Data Protection Commissioner on 15 August were incredibly strong, direct and robust. I now find myself some three and a half months later, having initially been instructed to do things within seven days, within 21 days and within six weeks, of having no sight of the enforcement notice that was imminent on 15 August. If I am being deliberately cagey it is because I genuinely have no idea what will be in the enforcement notice if it ever arrives. I have no idea if it will be exactly the same as the findings given that some of the opinions have changed in the last couple of months arising from the findings. I am not sure if it will be the instructions that came in the letter to us on 15 August which were different to the instructions that came in the findings. I am not being obstructive, I just do not know what will be in the enforcement notice. However, I guarantee that it will get as much careful thought and consideration in our response, if and when it comes.

The report of the Comptroller and Auditor General did suggest that there was a problem that we should have potentially a one-document business case. That was raised at a meeting of the Committee on Public Accounts either last week or the week before. The Department has acknowledged that there was no single business case document for the development of the SAFE identity process and the whole PSC project but that should not be taken as evidence that there was not a huge amount of planning over many years by successive Governments over the years and Departments. Most of the elements of the business case were in place in various documents that were laid before the Committee of Public Accounts. I have a document that I can give the Deputy today that lists 22 different documents which detailed exactly how, when, where, why and the purpose of what we were trying to do. In hindsight, perhaps it would have been better had we started on day one with one document with 20 chapters but that is not the way it happened. That was acknowledged by the Secretary General last week, that if we were to start from the beginning we might have one document. However, just because there was not one document that does not mean that there were not 21 documents detailing all the facets.

Finally, I have had the privilege of holding this post for several years and have received legal advice on many matters. The legal advice I have from the Office of the Attorney Genera is as strong as it could be. We have a difference of interpretation of Department of Employment Affairs and Social Protection legislation. Our interpretation of our legislation which was passed by successive Governments is correct. The advice is that the Data Protection Commissioner interpretation of our legislation is incorrect. We have a simple case of two people interpreting legislation in a different way. The Data Protection Commissioner is doing her job and we are doing ours. We will take our next move after the Data Protection Commissioner has made its next move.

Comments

No comments

Log in or join to post a public comment.