While a framework to authenticate identity for individuals availing of State services is an entirely legitimate government policy choice, the means of communicating what data is being collected, for what purpose, with whom it may be shared needs to be adequately addressed. We have strongly conveyed our views on numerous occasions to the Department of Social Protection and in a number of other fora that there is a pressing need for updated, clearer and more detailed information to be communicated to the public and services users regarding the mandatory use of the PPSN and PSC for the provision of public services. The provision of up-to-date and relevant information to the public is not just part of the openness and transparency requirements for the fair processing of personal data, but also in the interests of maintaining public confidence in the system. The Commissioner called out the transparency issue in relation to the card in the 2016 Annual Report when she highlighted that the "....implementation of large-scale government projects without specific legislative underpinning, but rather relying on generic provisions in various pieces of legislation, poses challenges in terms of the transparency to the public.....and the uses to which personal data is now being applied. While a lawful basis for such use of personal data can be cited, the need for notice and transparency is especially high in these types of cases and it is not always clear that public clarity has been delivered." The DPC is also aware that the 2015 Comptroller and Auditor General Report on the PSC specifically asserted that: “There is no single business case document for the PSC, setting out at a high level all of the information needed to get the project started (scope, justification, funding, roles and responsibilities), and which communicated this key information to the project's stakeholders” http://www.audgen.gov.ie/documents/annualreports/2015/report/en/Chapter10.pdf The Irish Times journalist Elaine Edwards in her article of the 1st August has also traced some of our correspondence on the issue between DPC and D/SP. Please see link below https://www.irishtimes.com/news/ireland/irish-news/average-fraud-saving-of-1-16-for-eachpublic-services-card-issued-1.3173443 At this point, DPC has now secured D/SP agreement to publish a comprehensive FAQ, the questions for which the DPC has supplied, that would fully clarify all of the arrangements around the personal data collected for the PSC i.e. How it is secured?, Who can access it?, How it interfaces with the Single Customer View & MyGovID? How it will interface with the published General Scheme of the Data Sharing and Governance Bill? etc.