Oireachtas Joint and Select Committees

Tuesday, 14 July 2015

Joint Oireachtas Committee on Environment, Culture and the Gaeltacht

Electoral Commission in Ireland: Discussion (Resumed)

2:20 pm

Ms Helen Dixon:

The Deputy has asked a difficult question and, while I want to be as helpful to the committee as I can, it is worth making the point that it is not up to the Data Protection Commissioner to make suggestions on what the solution should be. We can, however, assist in assessing the data protection and privacy implications of any solution that might be proposed. In terms of suggestions that could potentially be considered by any executive body examining this area, it might perhaps involve an enhanced version of the current registration system. What issues arise with the current system in terms of duplication and fraud and could it be enhanced without using additional personal data to improve the system and eliminate some of the problems? While I do not suggest they offer more viable or less privacy invasive solutions, other jurisdictions have, for example, investigated biometric data measures. Another alternative could be using different identity data such as a passport and a copy of a bill from the voter's current address. There is no doubt that the PPS number would come into the mix. The new UK individual electoral registration system has most recently used that country's national insurance number. The PPS number would need to be considered as a viable solution, but we must also adhere to data minimisation principles. The PPS number solution would require voters who are validly on the current register to re-register with their PPS numbers or, alternatively, a data matching exercise could be carried out with the social protection database to clear a certain percentage of those already on the register, thereby avoiding the need for them to provide their PPS numbers. Only new registrants and those for whom data matches were not found would be required to re-register. The details of how the PPS number is used would dictate the data protection issues arising. I hope that is helpful.