The Data Protection Commission has begun a new investigation into the Department of Public Expenditure's use of the Public Services Card.
It centres on complaints that the database of personal information underpinning the card is being unlawfully used by the department.
The new inquiry follows a scathing report from the State's data watchdog two years ago, which found that the card is unlawful when applied to State services other than welfare.
The Government has challenged those findings and the matter is currently before the courts.
The new complaints to the Data Protection Commission were made by Digital Rights Ireland.
It alleges that the database underpinning the Public Services Card was unlawfully made available to DPER and is being used by DPER in a manner that is not consistent with data protection rights.
The complaints also alleges that DPER has no lawful basis to process individuals personal data and that DPER is carrying out this processing without transparency.
In a letter to Digital Rights Ireland on 21 July, the Data Protection Commission confirmed it had decided to begin an inquiry centering on the processing activities undertaken by DPER via the Single Customer View and MyGovID.
These are both online versions of the Public Services Card.
The Public Services Card was first introduced in 2011 to tackle welfare fraud.
It was gradually rolled out to access other services, including obtaining a passport and voter registration.