Sri Lankan President Gotabaya Rajapaksa called for the need to gather all personal information of citizens under a single data collection centre on December 30, 2019, Doordarshan News reported.

During a meeting held with officials of the Ministry of Information and Communication Technology, the President pointed out that this move will be “instrumental in reducing time, effort and money spent on services such as National Identity Cards, driving licenses, immigration and emigration documents, registration of births and deaths”, as per the Doordarshan report.

Rajapaksa also said that by removing the existing practice of gathering the same information by different entities, the government could reduce delays and increase efficiencies. Moreover, it will also prevent the circulation of erroneous and duplicitous information. He also reportedly said that inter-connectivity among ministries, departments and semi-governmental organisations is vital in the development process of the country and would lead to a “high level of productivity”, Colombo Page, a local newspaper, reported.

It will be interesting to see how the Sri Lankan government manages to balance the intention to create a data collection centre with the final draft of the Personal Data Protection bill and the privacy of the citizens. Even though there is a clause in the bill that provides certain exceptions to the protection of personal data for “essential objectives of general public interest”, the government might have to clarify whether their proposed center would be classified as a data controller and whether then, the citizens would have all the rights as data subjects.

Indian Home Minister Amit Shah had earlier suggested that the Digital Census 2021 could potentially be used to create one, multipurpose ID for Indian citizens. Developing an all-encompassing ID based on a centralised database can have dangerous repercussions. Medianama’s editor and founder had previously discussed the problems associated with such a database:

  • Linking multiple data sets creates a “single point of failure”. More linkages also increase the risk of identity theft as “the more places people use it, the risk of identity theft increases”.
  • An all-encompassing ID has the potential to turn into a mass surveillance system.
  • It leads to the creation of a new power centre wherein a single body has the power to delist an individual from the database, thereby potentially denying them essential services and subsidies.
  • A centralised data centre might not be a good idea without a proper data protection framework in place. India had made the blunder of initiating Aadhaar without a data protection law which often was at the centre of debates and controversies.