Multi-application smart card become more and more common. In order to take benefit from the opportunities offered by multi-application smart card schemes, e.g., the generation of value-added information, authorities at different tiers are implementing local or national smart card schemes.

From a privacy point of view, however, the use of such “universal” cards, incorporating various applications such as e-ID, payment instruments or public transport, etc. is not without concerns. Based upon the personal data collected via this single card, in particular via the use of unique identifiers, application providers or the card issuer will have the ability to make a detailed cross-profile of each card holder or data subject. Is Big Brother watching?

In this article, consisting out of three parts, it will be commented on how these opportunities can be reconciled with mandatory data protection requirements.