Mauritius National Identity Card Law 2013 violates citizens’ right to privacy


The UN Human Rights Committee has found that Mauritius’ National Identity Card Act 2013 violates the privacy rights of its citizens, as there are not sufficient guarantees that Fingerprints and other biometric data stored on the ID card will be securely protected.

The Committee’s decision responds to a complaint filed by MM, a 67-year-old Mauritian national, who claimed that the country’s smart identity card system violated his right to privacy under the Mauritian Constitution and the United States. International Covenant on Civil and Political Rights.

Mauritius launched the country’s first identity card system in 1995. In order to avoid multiple requests for identity cards with false names and information, the authority amended its legislation in 2009 with additional requirements for biometric data and increased penalties for non-compliance. A new smart identity card was then launched in 2013 to replace the old identity card.

In addition to printed information such as name, date of birth and gender, the new electronic identity card also contains an electronic chip that stores data, including fingerprints, that can be read by an e-reader. The government has explained that the fingerprint requirement is key to tackling identity fraud.

MM refused to apply for the new smart ID card and sued the Mauritian government, challenging the constitutionality of the new ID card system. The Supreme Court ruled in 2015 that although there was expert evidence showing that the retention of biometric data was insecure and notoriously difficult to protect, the new ID card requirements had been imposed ” in the interest of public order ”.

Mr. M. then addressed the UN Human Rights Committee. During the proceedings, Mauritius did not address the security gaps regarding the possibility that fingerprint data could be copied to forged cards in the event of loss or theft of the smart identity card.

The Committee took note of MM’s argument, based on the expertise submitted to the Supreme Court of Mauritius, regarding radio frequency identification (RFID) technology used to store biometric data. The expert explained that biometric data can be copied, without physical contact of the card and without the knowledge of the card holder, with RFID readers that can easily be purchased online.

In view of the lack of information provided by the Mauritian authorities concerning the implementation of measures to protect the biometric data stored on identity cards, the Committee found that MM’s right to privacy had been violated.

“It is of paramount importance that any biometric identity system by any country is accompanied by strong safeguards to protect the right to privacy of individuals,” said Photini Pazartzis, Chairman of the Committee. measures and look forward to receiving clarifications as part of the implementation phase, ”she added.

The Committee requested Mauritius to examine the grounds for storing and retaining fingerprint data on identity cards based on the existing data security issue and to provide MM with an effective remedy.


Comments are closed.