The President of the Personal Data Protection Office appeals to Ministry of Digital Affairs

The President of the Personal Data Protection Office appeals to Ministry of Digital Affairs for changes on qualified electronic signature

In relation to the leakage of personal data of employees and officers of the National Revenue Administration from the EuroCert company, the Personal Data Protection Office recalls the speech of the President of the Polish SA addressed to the Ministry of Digitall Affairs. In the aforementioned speech, the President of the Personal Data Protection Office, Mirosław Wróblewski pointed out that the personal identification number (PESEL number) is obtained by providers of public trust services (qualified electronic signature) and then made public.

The President of the Polish SA referred to the provisions of eIDAS (Regulation No. 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market) and the Trust Services Act (Act of 5 September 2016 on trust services and electronic identification).

According to the content of the above-mentioned EU regulation, the certificate's identification code should be based on a number from the public registry, enabling unambiguous identification of the person using the qualified electronic signature. These provisions do not in any way imply that this must be the PESEL number.

At the same time, the President of the Polish SA has pledged expert support in developing legislation to strengthen the level of personal data protection.

The appeal by the President of Personal Data Protection Office takes on particular significance in the context of the EuroCert data leakage, which we reported on: News and events - UODO