In June, the provisions of amended NIK Act entered into force. They give NIK’s auditors the right to process, if it is essential for an audit, sensitive data listed in the Personal Data Protection Act. They are related to the information on racial or ethnic origin, political views, religious or philosophical beliefs, membership in a religious group, party or union. This is also information on the genetic code, addictions or sexual life.
The applicants’ representative, Mr. Artur Ostrowski, argued on Thursday that the provisions of the NIK Act were inconsistent with the constitution. ”The public authorities may not obtain, collect or provide information on citizens other than indispensable in a democratic state under the rule of law” - said Mr. Ostrowski.
The President of NIK, Mr. Jacek Jezierski, assessed that the proposal of SLD (Democratic Left Alliance Party) went too far and instead of rescinding the provision of Article 29 of the Act on NIK he suggested that it be changed. ”The point is to enable NIK to process the personal data, within the scope essential to conduct an audit (...) except for the data revealing racial or ethnic origin, political views, religious or philosophical beliefs, membership in a religious group, party or union as well as the data on the genetic code, addictions or sexual life " - said Mr. Jezierski.
NIK has no right of initiative. An amendment in that wording was proposed during the Committee meeting by Mr. Tadeusz Dziuba (PiS). Now the Sejm subcomiittee will deal with the draft amendment prepared by SLD.
Mr. Jezierski emphasised that the data on private and intimate spheres of life are not needed to conduct the NIK audit. "The Supreme Audit Office is ready to limit its auditors’ access to some sensitive data by amending the provision of the NIK Act. Not all sensitive data are indispensable to conduct an audit.” - said Mr. Jezierski.
The President of NIK said that the analysis of to-date audits showed that NIK would need access only to some of the sensitive data: information on the health condition, convictions, fines, decisions to impose a penalty and decisions passed in the court and administrative proceedings.
Without this type of data NIK would not be able to conduct audits related e.g. to: the access to health care benefits (such as queues in hospitals), observing patients’ rights, expenses for health care, or for medical procedures and medicines, helping the disabled, providing social welfare benefits, activity of penitentiaries and correctional units, adequacy of imposing and recovering fines - enumerated Mr. Jezierski.
He added that reaching for sensitive data not covered by the proposal of amendments to the Act, is subject to additional restrictions arising from NIK’s internal regulations - first, the auditor has to obtain a written consent of his or her superiors.
Already in May 2012, representatives of the Supreme Audit Office, the Commissioner for Citizens’ Rights and the Inspector General for the Protection of Personal Data stated that some of these data were needed to NIK, others were not. Then Mr. Jezierski presented a draft of amendments to the Act on NIK and declared that the auditors would not collect the most intimate personal data by the time it is passed.
The regulations allowing the NIK auditors for access to sensitive data were passed in January 2010. They were criticised not only by the Commissioner for Citizens’ Rights and the Inspector General for the Protection of Personal Data but also by some media and non-governmental organisations.
The Act on NIK amendment was widely discussed but not due to the personal data provisions. The most controversial was the issue of NIK’s internal audit at least once in three years. That was the reason why in February 2010 President Lech Kaczyński submitted an amendment with the Constitutional Tribunal, however his successor Bronisław Komorowski withdrew the complaint in October 2010.
The project of SLD aimed at taking back the access to sensitive data from NIK, was submitted with the Sejm at the end of January 2012.
