Migrant rights group ‘astounded’ citizen data published online
Grave concern expressed ‘for safety of people who have sought protection in the State’
The Migrant Rights Centre Ireland has expressed concerns at the publication of new citizens’ personal information online. File photograph: Bryan O’Brien/The Irish Times
Concerns have been expressed by a migrant rights group about the safety of people who have sought protection in the State, following the revelation that the names and full addresses of thousands of naturalised citizens are published online.
Details of thousands of people who receive Irish citizenship remain online indefinitely after publication by the Government’s official gazette, Iris Oifigiúil.
The information also states whether the individual is an adult or a minor. Some of the information has have been online for up to 10 years.
The Department of Justice says the publication of the information in such a format was mandated by law under a 1956 Act and a 2011 statutory instrument (SI).
Aoife Murphy, spokeswoman for the Migrant Rights Centre Ireland, said, however, that the organisation was “astounded” the Government had made this private information so easily accessible to the public.
“The publication of the names and addresses of new citizens is a clear breach of privacy, and the Government can provide no assurances that the data will not be used maliciously. It’s completely unjustifiable.”
Ms Murphy said the body had “grave concern in particular for the safety of people who have sought protection in the State – including refugees, victims of trafficking and victims of domestic violence”.
“The people on this list are citizens like any other, and should not be so publicly marked as different by their Government.
“The information should be removed from the Iris Oifigiúil site immediately and this archaic legislation amended as a matter of urgency to protect the privacy of 25,000 innocent people.”
The Data Protection Commissioner’s office has said the processing of such personal information in this manner was exempt from the provisions of the Data Protection Acts as it was required by statute.
Digital Rights Ireland, which took a case to the European Court of Justice in Luxembourg that resulted in the striking down of the EU directive on the retention of citizens’ phone and internet records, said on Friday the commissioner’s response was “very poor”.
A spokesman for DRI said the primary legislation did not require the divulging of new citizens’ personal data and the SI that did “can be changed by the stroke of a pen”.
The commissioner had also failed to take into account that if either the 1956 Act or the 2011 statutory instrument were in conflict with the EU’s data protection directive, then it was the EU law which was superior.
“And, as was confirmed in the Court of Justice of the European Union judgment in the Digital Rights Ireland case, data protection rights (which are also protected by the Charter of Fundamental Rights) can only be legitimately infringed upon where doing so is necessary and proportionate for the stated purpose of the infringement.”
The Department of Justice said the Irish Nationality and Citizenship Act 1956, which governed the granting of a certificate of naturalisation, required that a notice of the issue of a certificate shall be published in the prescribed manner in An Iris Oifigiúil.
“The Irish Nationality and Citizenship Regulations 2011 stipulate that the information to be included in the notice is name, address, date of certificate and whether the person was of full age or a minor.”
The department said legislation and processes were kept under regular review.
“The manner in which Iris Oifigiúil is circulated is not a matter for this department,” it said.
“The grant of a certificate of naturalisation is seen as a public act where it is considered that disclosure is in the public interest. We are after all granting something very valuable at the Minister’s discretion and the exercise of that discretion should be transparent.”