Prevent use of NIDS data for social profiling and surveillance through stronger restrictions on how authentication logs can be used.
Enrollment and use of the NIDS card results in a record of an individual’s pattern of life (what, when and how frequently they access services). Without stronger safeguards to protect this data, NIDS could expose Jamaicans to unprecedented risks of social profiling, digital surveillance, and prejudice. The NIDS bill must implement stronger safeguards.
These are examples of what the NIDS Bill allows. These examples may not necessarily reflect the intention of the Bill, but are possible based on how the Bill was worded when it was tabled in 2020.
The Government intends for NIDS to be used by enrolled individuals to access both in-person and online services such as opening a Bank account, visiting the doctor or clinic, receipt of PATH benefits, etc.
When a card is used, individuals and businesses will be able to verify the identity of the individual presenting the card with the NIRA.
When the NIRA receives these requests, the Bill requires it to create a record of the “authentication or verification request in a database. As more businesses and individuals use this system to verify the identity of an enrolled individual, a pattern of life is created on that person.
This pattern of life includes what services they access, when they access them, and how frequently. With the broad adoption of NIDS, this database will approach a near real-time log of that individuals’ behaviours.
Currently, the NIRA Bill is silent on how these records will be used or protected. For example, it does not regulate what data these records will capture, how the data will be stored, or how it will be used and shared by the authority. The misuse of behavioural data by companies such as Facebook and Cambridge Analytica provide relevant examples.
If these authentication logs were misused, the Jamaican public could face unprecedented risks of social profiling, digital surveillance, and algorithmic prejudice. The Bill as drafted does not recognize the importance or risks to enrolled individuals for collecting this data.
We believe the Bill must add safeguards to protect enrolled individuals and place clear limitations on how the authentication logs can be used.
Watch this space! We will provide an update once the Joint Select Committee has made a decision on this issue.
Last updated 2021-05-27
If this issue matters to you, talk about it. Share this page (and your questions or suggestions) with friends or government representatives.
Is there something we overlooked with this issue?
Have questions? Let us know!