The following paragraph seeks to give practical effect to the Personal Data Collection Limitation Principle (Data Protection Principle 1):
2.1 | Unless authorized by law, no data user may compulsorily require an individual to furnish his identity card number. | |
2.2 | Without prejudice to the generality of paragraphs 2.1 and 2.3, before a data user seeks to collect from an individual his identity card number, the data user should consider whether there may be any less privacy-intrusive alternatives to the collection of such number, and should wherever practicable give the individual the option to choose any such alternative in lieu of providing his identity card number. Such alternatives may include but are not limited to the following: | |
2.2.1 | the identification of the individual by another personal identifier of his choice; | |
Note: A common example would be the furnishing of the individual's passport number. | ||
2.2.2 | the furnishing of security by the individual to safeguard against potential loss by the data user; | |
Note: A common example would be the furnishing of a deposit for bicycle hire. | ||
or | ||
2.2.3 | the identification of the individual by someone known to the data user. | |
Note: A common example would be the identification of a visitor to a building by the tenant in the building whom he visits. |