Copying ID cards is a vexed topic. Whether it’s for a rental car, opening a bank account, signing a customer contract, or booking a child’s birthday party at a sports club, many places require proof of identity. Identity cards, health insurance cards, or driver’s licenses are quickly thrown onto the copier of your ID card.
Table tennis tournament in prison of your ID card
The case described to us in a blog comment also plays a role here. It involved a table tennis tournament that was to take place in a prison. Access to a prison naturally comes with certain hurdles. The correctional facility, india business fax list or JVA for short, wanted a copy of the players’ ID cards by email before the tournament.
From a data protection perspective, the question now arises as to whether the prison was entitled to request such proof.
ID card copy as entry ticket?
Now, not everyone is allowed into a prison. Therefore, there are access restrictions. For data processing that does not concern the prison system, the GDPR, the state data protection laws, and also the prison data protection laws of the federal states apply. For example, how to write a resignation email Bremen has such laws with the BremJVollzDSG (BremJVollzDSG) and North Rhine-Westphalia with the JVollzDSG NRW (JVollzDSG NRW) .
Using Bremen law as an example, we examine the question of whether a copy of the identity card is necessary.
This raises the question of what is meant by “provide evidence.” First, one must consider the purpose of the evidence. The prison wants to ensure that it knows who is in the prison at all times. This knowledge can be secured through an official ID such as an identity card. Sending a copy of the identity card in advance can be helpful. But is it really necessary?
Data protection principles also apply to the prison
To answer this question, it helps to take a closer look at the principles of data processing as laid down in Section 3 of the BremJVollzDSG (German Data Protection Act). Paragraph 2 states that data processing should be geared to the albania business directory goal of processing as little personal data as possible. This corresponds to the principle of data minimization under Article 5 (1) (c) GDPR.
Copy of identity card – too much of a good thing?
Requesting a copy of an ID card and the associated storage already constitutes data processing. However, applying the principle of data minimization, the copy does not seem necessary.
It may also be argued that the data mentioned in Section 35 Paragraph 1 No. 1 BremJVollzDSG, such as name and address, are communicated in advance so that the officials at the access gate know which and how many people are coming to the tournament during the check.