Barack Obama is a US citizen. This can be inferred from the fact that he is a candidate for nomination to run for President and, now, information that he applied for, and presumably got, a US passport (he is not from US Samoa).
The power to grant that passport lies with the US Government. That power connotes the power to keep the applicant’s personal details on file. That file, it can be inferred, is electronic. This can be inferred because the evidence that the file was accessed, and accessed unlawfully, consists of the IT record generated by each access. A person accessing the record must use a personal login code.
Unlawful access is no big deal.
This can be inferred from the fact that, although there are criminal penalties for wrongful access of records, nobody is being prosecuted for the wrongful accessing of Barack Obama’s file. The applicable legislation is the Privacy Act 1974.
The relaxed attitude to the accessing of his file may be accounted for in several ways; firstly, the accessing was done under authority; secondly, anyway, as is known, the passport itself is not secure. (The modern US passport is biometric and contains an RFID chip. The chip can be read at a distance. The passport is supposedly shielded to prevent this but it is doubtful if it is effective.) Thirdly, so what? What is he complaining about? What can be in his passport file that he is anxious to hide?
I suggest the true reason is very deep; candidate or no, Barack Obama is, essentially, on the wrong side of an asymmetric relationship. The State has and owns the information it took from him and feels no obligation to him for that. In short, the Privacy Act 1974, like all such provisions anywhere, is a sop.
(As I have maintained HERE, the “State” is an abstraction. Its wrongful acts are the acts of its agents who should always be made answerable for those acts.)
In Ireland the equivalent provisions are found in the Data Protection Act 1988 and the Data Protection (Amendment) Act 2003. The latter was passed supposedly to transpose the provisions of Directive 95/46/EC.
These provisions are toothless. Essentially, they provide for the establishment of a regulator, the Data Protection Commissioner. If he (it has always been a he) receives a complaint he may investigate it. He is not obliged to prosecute an offender.
He may not have the resources to prosecute; he is, generally, dependent on the Government for resources. At least once in the recent past those resources dried up to almost nothing. (Arguably, the Commissioner is of a category of regulator as the Information Commissioner, but without the independence she has. The Government has been resolute in whittling away at her authority, mainly through the provisions of the Freedom of Information (Amendment) Act 2003)).
If Barack Obama were to lodge his complaint with the Irish Data Protection Commissioner there is every reason to expect he would be met by a Michael Mukasey response;
I don’t want to speculate but if somebody walked in here with a box full of evidence, they wouldn’t be turned away.”
Tea and sympathy?