On Januari 1st, 2012, German WDR Radio reported about the new Dutch border surveillance system @MIGO-BORAS: click HERE.

"George Orwells Vision von Big Brother wird an niederländischen Grenzübergängen Realität. Dort filmen Kameras den Einreiseverkehr aus Belgien und Deutschland. Das Vorhaben ist umstritten. Kritiker sehen sogar einen Verstoß gegen das Schengen-Abkommen.

Sie hängen unauffällig neben den großformatigen Verkehrsschildern oberhalb der Fahrbahn: Dutzende dieser fest installierten Kameras überwachen nun den Einreiseverkehr in die Niederlande an insgesamt 15 Grenzübergängen. 

Daneben haben die Grenzschützer der Königlichen Marechaussee sechs Fahrzeuge mit mobilen Kameras im Einsatz. Die schon seit 2004 erprobte Überwachungstechnik hat den kuriosen Doppelnamen "@migo-Boras".

Nicht nur diese Bezeichnung sorgt bei deutschen Grenzbewohnern am Niederrhein für Irritationen: "Kenne ich nicht, nein!", sagt einer. Und ein anderer hat immerhin davon in der Zeitung gelesen, aber er finde "@migo-Boras" nicht so toll. Die Überwachung gehe "in die Privatsphäre - das find ich nicht gut".

Menschenschmuggler aus dem Verkehr zu ziehen

Martijn Peelen, Sprecher der Königlichen Marechaussee, teilte nur schriftlich mit, "@migo-Boras" solle vor allem helfen, Menschenschmuggler aus dem Verkehr zu ziehen. Dazu würden die Kameras die Fahrzeuge von vorne erfassen, so dass Nummernschild, Fahrer und Beifahrer abgefilmt werden. Die Aufnahmen würden dann mit bestimmten Daten abgeglichen. So würde das System beispielsweise bei Kleintransportern aus dem Balkanraum Alarm schlagen. Erfahrungsgemäß würden damit auch schon mal illegale Prostituierte ins Land gebracht. Nur in solchen Fällen würden Beamte dann auch ein Fahrzeug stoppen und kontrollieren.

Eine Grenzbewohnerin, die häufig zum Einkauf nach Holland fährt, stören die Kameras daher überhaupt nicht. Wenn man ein reines Gewissen hat, sei das kein Problem, meint sie. Eher skeptisch dagegen ist Jörg Langenmeyer, Bürgermeister der niederrheinischen Grenzstadt Straelen - nahe Venlo. Er finde es "einfach schade", aber man könne noch gespannt sein, ob das Projekt denn wirklich so eingeführt werde. Er meint, die Europäische Kommission wolle noch einige Informationen von der niederländischen Regierung haben, wie die Überwachung in der Praxis überhaupt stattfinden solle.

Verstoß gegen Schengen-Abkommen?

In der Tat sind noch viele Fragen offen: Insbesondere ob und wie lange die Kameraaufnahmen gespeichert werden. Kritiker verweisen auch auf das Schengen-Abkommen, das allgemeine Grenzkontrollen nicht vorsieht. Die niederländische Regierung sagt dazu, die Kameras sollen nicht ständig laufen und nur stundenweise eingeschaltet werden, um die Sichtkontrollen der Grenzschützer zu unterstützen.

Dennoch kommt Protest auch aus den Niederlanden, etwa von der Organisation Privacy First, die sich gegen einen Überwachungsstaat wendet. Der Vorsitzende von Privacy First, Bas Filippini, spricht von einem generellen Profiling, das zunächst jeden Einreisenden erfassen müsse. Außerdem bezweifelt er die Wirksamkeit von "@migo-Boras". Man wolle nur Menschenschmuggler aufspüren, sagt er, aber "da sitzen zwei Leute vorne, hinter ihnen vielleicht die illegalen Personen. Aber die kann man sowieso nicht sehen." Irgendwann, so befürchtet es Filippini, kontrolliere das System dann alle Fahrzeuge. "Es mündet in behördliche Willkür. Wir von Privacy First wollen uns unbeobachtet bewegen. Wir brauchen keinen '@migo'. Freunde suche ich mir selbst." Filippini meint, das Ganze erscheine wie ein militärisches Projekt. Es sei schon merkwürdig, dass die Regierung dies einfach mal so einführe.

Wohl auch deswegen, will die niederländische Regierung erst einmal die Testphase bis Februar oder März verlängern.

Wohl auch deswegen, will die niederländische Regierung erst einmal die Testphase bis Februar oder März verlängern. (...)"

Read the entire article at ARD Tagesschau.de HERE, or click HERE for an 'English version' in Google Translate.

Today Privacy First sent the following email to the Electronic Health Record spokespersons in the Dutch House of Representatives: 

Dear Members of Parliament,

On Tuesday 13 December 2012 an important General Meeting with Minister Edith Schippers about the Electronic Health Record (Elektronisch Patiëntendossier, EPD) will take place. The Privacy First Foundation is keen to provide you with the following points of interest in order for you to prepare for and make possible contributions to the debate:

1) As far as Privacy First is aware, at the moment one is working towards an opportunistic spurious solution along private lines, namely a regional exchange of data through the National Switch Point (Landelijk Schakelpunt, LSP). By definition this leads to function creep by design. The digital ‘regional walls’ in and around the LSP can of course easily be circumvented or removed. Therefore the entire system can take on its old central form again at any given moment in the future, with all the privacy and security risks this entails.   

2) Those same risks around the LSP will neither be annulled by henceforth indicating the EPD as a ‘Personal Health Record’ (Persoonlijk Gezondheidsdossier, PGD). This is merely privacy by semantics which, moreover, has a misleading effect. Indeed, the infrastructure that’s behind the LSP remains virtually unchanged.

3) A privacy-friendly EPD first of all demands an independent Privacy Impact Assessment (PIA) by which various solutions characterized by privacy by design can be established. As long as such a PIA has not been conducted and subsequently evaluated in Parliament, no irrevocable steps regarding the design and possible extension of the EPD are to be taken. 

4) When further designing the EPD, it is absolutely key to leave space for research, innovation and competition. The recent DigiNotar affair shows that dependence on one party (or a select group of parties) is to be avoided. Apart from suboptimal, privacy-unfriendly products, this prevents cartel formations.

5) Apart from proper security, privacy-friendly transparency for patients also requires individual freedom of choice. Access by patients to their own records, for example, is not to be made dependent on the linking up with the LSP. Such access via the internet also creates new privacy related risks.

6) Within the governance structure around the EPD, independent privacy and security experts are to be appointed.

7) In terms of human rights the Netherlands continues to be unabatedly responsible for the protection of the medical privacy of its citizens, even in the event of a privatized EPD. At the initiative of Privacy First the Netherlands will have to be able to account for this in front of the United Nations Human Rights Council in May 2012.

Yours faithfully,

The Privacy First Foundation

Published in Medical Privacy

Unfortunately it has been on the cards for weeks. Now it seems it will happen after all: a private restart of the Dutch national Electronic Health Record (Elektronisch Patiëntendossier, EPD). Albeit under the name ‘personal health record’ (privacy by semantics), which at first will above all be used ‘regionally’ and only with the permission of each individual patient. However, the underlying infrastructure (National Switch Point, in Dutch: Landelijk Schakelpunt, LSP) is still national in orientation and was voted down unanimously by the Dutch Senate earlier this year due to privacy objections. So by now the private EPD looks suspiciously like a nuclear transport with the LSP as its radioactive cargo. In anticipation of this development, Privacy First has recently (shortly before the reporting deadline) raised some issues with the United Nations Human Rights Council in Geneva. At the end of May 2012, the Dutch human rights situation (including Dutch national privacy policy) will be on the agenda there. The Netherlands will then have to publicly explain which solutions it has found to still safeguard privacy around the EPD. For instance by implementing privacy by design in the coming months through technical compartmentalization, data minimalization, freedom of choice and transparency for patients. In that case perhaps the Netherlands will cut a good figure in Geneva after all...

Published in Medical Privacy

On 31 May 2012 the Netherlands will once again be examined in Geneva by the highest human rights body in the world: the United Nations Human Rights Council. The UN Human Rights Council was founded in 2006 and consists of 47 of the 192 UN Member States. Since 2008 the human rights situation in each country is periodically reviewed. This procedure takes place every four years for each UN Member State and is called ‘Universal Periodic Review’ (UPR). During the first UPR session in 2008 it was straight away the Netherlands’ turn to be examined and our country was in fact heavily criticized. In 2011 the privacy situation in the Netherlands is even worse compared to 2008: enough ground for Privacy First to raise a number of issues with the UN. Privacy First did so last night through a so-called shadow report: a report in which NGOs can voice their concerns on a particular issue. (For such reports strict requirements with the Human Rights Council apply, among which a limit of 2815 words.) Without shadow reports, diplomats in the Council are not able to do their work properly. Otherwise they would of course be dependent on the State report of the Netherlands itself. So Privacy First presented its own report with the following recommendations:  

•  No national biometric database, not even in the long run;

•  No introduction of mobile fingerprint scanners;

•  Introduction of a truly anonymous OV-chipkaart (Public Transport chip card);

•  No introduction of Automatic Number Plate Recognition (ANPR) as currently envisaged;

•  Transparency and suspension of the new border control system @MIGO;

•  A voluntary, regional instead of national Electronic Health Record System with 'privacy by design';

•  Proper legislation concerning the profiling of citizens.

You can download our entire report HERE. We hope that our recommendations will be accepted in the Human Rights Council and will lead to an international exchange of best practices. Privacy First is happy to keep you informed on these developments.

Update 23 March 2012: this week the long-awaited Dutch UPR State report for the Human Rights Council appeared. Moreover, the shadow report by the Dutch section of the International Commission of Jurists (Dutch abbreviation: NJCM) that was presented earlier (also on behalf of 24 other NGOs) became public. The NJCM report contains a very critical section on privacy in which – parallel to the recommendations of Privacy First – among other things, a call for the abrogation of the current plans concerning ANPR and mobile fingerprint scanners is made; see pp. 6-7 of the NJCM report. Relevant reports by other organisations can be found HERE.

Official preparatory work for the Dutch State report has seen two consultation meetings with Dutch civil society (NGOs) at the Dutch Ministry of the Interior (Dutch abbreviation: BZK) in recent months. During the first meeting on 1 December 2011, Privacy First insisted on incorporating a separate section about privacy in the State report. During the second meeting on 16 January 2012, Privacy First requested an explicit mention of ‘privacy by design’ in that very section. BZK responded positively to both requests. However, the privacy section in the State report appears to be relatively short, superficial and elusive. It is telling that this section is part of the chapter ‘Challenges and constraints’. This gives the impression of a defensive attitude. What’s even more telling is the following sentence: ‘‘The challenge will now be to ensure that all these [privacy infringing] measures are implemented.’’ Apparently the Dutch State is not sure where it stands... And rightly so. The mere positive points are the mention of ‘privacy by design’, the report by the Dutch Scientific Council for Government Policy called iOverheid (iGovernment) and the following passage:

"In addition, partly in response to concerns expressed in Parliament, certain policy measures that impact on privacy are currently being modified, as for example the discontinuation of the storage of fingerprint data on national ID-cards and within the passport database."

Privacy First interprets this passage as an international declaration (unilateral statement) from the Netherlands to stop the storage of fingerprints on ID-cards and in its travel document administration once and for all. Privacy First is keen to continue reminding the government of this.

Update 5 April 2012: the international lobbying surrounding the UPR session of the Netherlands on 31 May 2012 is in full swing, both at foreign embassies in The Hague as well as within the permanent representations of UN Member States in Geneva. In this context an important 'UPR pre-session' took place yesterday morning in Geneva where various international human rights organisations had the opportunity to voice their concerns about the Netherlands in front of a broad audience of foreign diplomats. Click HERE for an impression of the meeting about the Netherlands. The statement by Privacy First during this meeting can be found HERE and can also be downloaded on the website of the Dutch Human Rights Institute under incorporation.

Update 21 April 2012: Based on all shadow reports (among which that of Privacy First) that the UN received at the end of 2011, an official UN summary has in the meantime been drawn up in Geneva. This ‘summary of stakeholders’ information’ can be found HERE. Apart from Privacy First, the NJCM (also on behalf of the Dutch Platform for the Protection of Civil Rights / Platform Bescherming Burgerrechten), Bits of Freedom, the Dutch Data Protection Authority, Vrijbit and the Dutch Contact Point on Abuse of Mandatory Identification (Meldpunt Misbruik Identificatieplicht) all sent their privacy worries to Geneva in writing; all these reports will soon appear on this UN page. As far as Privacy First is aware, this has not occurred on this scale before. Therefore, for the first time in history the privacy theme figures prominently in a UN report about the Netherlands, as a matter of fact more prominent than is the case in other summaries, for example the one on the United Kingdom. Furthermore, it’s striking that the UN cites a passage about profiling from the Privacy First report: ‘‘digital profiles can be extremely detailed and profiling can easily lead to discrimination and 'steering' of persons in pre-determined directions, depending on the 'categories' their profiles 'fit into' and without the persons in question being aware of this.’’ (UN summary, para. 65). All of this can rightly be called a breakthrough that will hopefully bear fruit during the upcoming session on 31 May 2012.

Update 23 May 2012: In recent months Privacy First has had a series of useful conversations with foreign diplomats in Geneva and The Hague. Meanwhile a number of so-called ‘advance questions’ by UN Member States have appeared on the UPR website of the UN. Among them is the following question by the United Kingdom to the Netherlands: ‘‘Given recent concerns about data collection and security, including the unintended consequences of cases of identity theft, does the Netherlands have plans for measures to ensure more comprehensive oversight of the collection, use and retention of personal data?’’ (Source) Privacy First looks forward with confidence to further questions by UN Member States about Dutch privacy perils.

Published in Law & Politics

"Ein Foto von jedem Auto, das über die Grenze fährt: Ab Januar 2012 möchten die Niederlande entsprechende Überwachungs-Technik installieren. Eine Software pickt dann Autos für weiterführende Kontrollen heraus.

Datenschützer in den Niederlanden machen sich Sorgen. "Bald ist unser Grenzschutz technisch im Stande, jedes einzelne Auto zu scannen - auch Deutsche", sagt Vincent Böhre von der Stiftung Privacy First in Amsterdam. Alle 15 großen Grenzübergänge nach Deutschland und Belgien sollen Kameras bekommen, sechs mobile Einheiten auf Geländewagen observieren zusätzlich die kleineren Übergänge. (...) "Dies ist ein Instrument gegen schwere Kriminalität wie Menschenhandel. Es eignet sich überhaupt nicht, um ausstehende Geldbußen zu kassieren", betont Frank Wassenaar, Sprecher des zuständigen Ministeriums für Inneres und Immigration. Datenschützer sind dennoch skeptisch. Denn wer garantiert, dass nicht später doch die Kennzeichen gelesen werden? Dann könnte auch das Knöllchen vom vergangenen Holland-Urlaub noch kassiert werden. Auch herrschen Zweifel, ob auf den Fotos Menschen wirklich nicht erkannt werden können. Das System ist seit 2004 in Polizeikreisen im Gespräch, am belgischen Grenzübergang Hazeldonk machten die Niederländer ab 2005 verschiedene Tests. Dennoch rücken die Behörden nur zögerlich mit Detailinformationen über dieses neue System heraus, bemängelt Datenschützer Böhre. Knapp sechs Wochen vor der Einführung ist noch nicht genau bekannt, welche Daten wie genutzt werden. Klar ist: Die Autos werden von vorne und von der Seite fotografiert. Das Instrument mit dem nebulösen Namen @MIGO-BORAS wurde speziell für die Grenzüberwachung entwickelt. "Das sind doch verkappte Grenzkontrollen, damit unterlaufen die Niederlande die Abmachungen von Schengen", sagt Datenschützer Böhre. Auch die EU-Kommission untersuche die niederländischen Pläne inzwischen."

Read the entire article at WDR HERE, or click HERE for an 'English version' in Google Translate.

Privacy-wise these are turbulent times. Partly because of the pressure by Privacy First, a positive change is ongoing since last year. Privacy is higher up on the Dutch political agenda. Dutch media more often and more extensively report on privacy matters. This enhances privacy awareness among the Dutch population. It also reinforces our democratic constitutional State. Examples of positive developments are the abandonment of the electronic toll system (no ‘espionage units’ in cars), voluntary instead of compulsory ‘smart energy meters’, voluntary instead of compulsory body-scans at airports, abandonment of the storage of fingerprints under the Dutch Passport Act and the introduction of Privacy Impact Assessments for new legislation that invades the privacy of citizens. All of these developments go hand in hand with Privacy First’s motto: ‘‘your choice in a free society’’. Meanwhile, privacy restricting forces from the old days still have their say. Bad habits die hard. In recent months this became particularly obvious through developments towards a private restart of the Dutch Electronic Health Record (Elektronisch Patiëntendossier, EPD). Earlier this year the Senate had rightly binned the EPD. Apparently some policy makers and commercial parties are having none of this. With similar stubbornness others are currently trying to press through their old plans for Automatic Number Plate Recognition (ANPR) and camera surveillance along the Dutch border. These plans were already on the drawing board years ago, in a time in which privacy increasingly seemed to become a taboo. A time in which the American Bush administration was able to burden the entire European Union with biometric passports and associated databases. That time is over, but the heritage of that era still exerts its influence to this day...

In the meantime privacy is back where it once was. Privacy is the ‘‘new green.’’ In that respect advocates of the national EPD and ANPR are behaving like a bunch of old environmental polluters. They’re like rusty old factories from the 70s being teletransported to the year 2011, without them realizing it. The Dutch House of Representatives seemed to have a good sense for this when last week it unanimously accepted a motion about something that Privacy First has been emphasizing since its foundation: ‘‘Privacy by Design’’. In other words, incorporating privacy from scratch in a technical sense, at the micro level, through Privacy Enhancing Technologies (PET). In the view of Privacy First, however, the principle of ‘‘Privacy by Design’’ also applies to the meso- and macro-levels. That is to say, in an organizational and legislative sense. After all, this is the way you get to a privacy-friendly design as well as a privacy-friendly reality of a sustainable information society as a whole. Well, you can pursue your own line of thoughts here. As a source of inspiration Privacy First is pleased to provide the entire text of the parliamentary motion:

The House of Representatives,

on the advice of the deliberation,

considering that in ICT projects of the government there is too little attention for the protection of privacy and too little attention for the prevention of abuse of these systems;

considering that the privacy of citizens is not to be invaded any more than is strictly necessary and that insecure systems can put privacy in danger;

considering that systems that can easily be hacked seriously affect the reputation of government;

considering that modifying systems to safeguard privacy and enhancing security afterward, is usually more expensive and more often leads to a lower level of protection compared to when privacy and security are prerequisites from the outset of the project;  

requests the government to apply privacy by design and security by design in the development of all new ICT projects in order for new ICT systems to be more secure and better prepared against abuse and only to contain privacy-sensitive information when strictly necessary,

and proceeds to the order of the day.

Published in Law & Politics
Wednesday, 26 October 2011 16:15

Mobile finger scanners? Not in my backyard.

This summer it was already announced (and commented on by Privacy First) but yesterday it again popped up in the media: this fall four regional Dutch police forces will carry out a pilot experiment with mobile finger scanners to track down illegal immigrants. In official jargon this experimental project is called a ‘learning park’, according to a long-awaited response (after three months) to earlier Parliamentary questions. What will our friends at the police learn in the 'park' called the Netherlands? Privacy First sheds some light on a number of possible 'learning moments':

1) collectively intruding upon other people’s privacy and physical integrity by taking fingerprints of everyone who, in the eyes of the policeman, could perhaps be ‘illegal’,

2) this is very likely to go hand in hand with discriminatory enforcement, ethnic profiling and increasing stigmatization of certain societal groups,

3) initially the scanners will mostly be used for ‘illegal’ immigrants (undocumented migrants) but will then be used for other groups and eventually for every citizen, for instance for the collection of outstanding fines or tax debts (so-called 'function creep'),

4) this year it already appeared that the current state of biometric technology (with current error rates in passports and ID cards of at least 21%) is still in its infancy and isn’t suitable for use on a massive scale,

5) with all the consequences this entails, among which are unjustified suspicions, unjustified immigration detention placements, mutual feelings of insecurity and risks of irritation, confrontations and aggression on the streets,

6) all of this not even considering possible data leakages and hacking of the used equipment,

7) and all of this without public Privacy Impact Assessments and cost-benefit analysis of the matter in hand.

Hence, these mobile finger scanners are dangerous toys. Our advice: don’t start using them. This ‘learning park’ is nothing less than a privacy swamp.

Published in Biometrics
Sunday, 09 October 2011 12:29

Privacy trial balloon

Many people find privacy a heavy subject. To take a more light-hearted view at things, Privacy First is pleased to show you a photograph of the American artist William Lamson. As a playful protest against the 'surveillance State', this artist made balloons float in front of surveillance cameras. Perhaps also as a metaphor? Trial balloons with better ideas for a healthy democracy? Privacy First looks forward to seeing your privacy-friendly trial balloons!

Intervention

Published in Art Collection

Step 1: E-Gates at Schiphol Airport

Today a seemingly innocent article in Computable caught Privacy First’s attention. The title of the article is ‘‘Passport photo system is fraud sensitive’’ and its subtitle reads ‘‘Digital passport photo inadequate’’. The gist of the article is that the quality of the facial scans in passports (and ID cards) will have to be improved in order for the chance of mismatches in automated facial recognition at Schiphol Airport to be reduced. An experiment with facial recognition is currently planned for the fall of 2011. At Schiphol 36 so-called E-Gates will then be installed: gates for automatic border passage.    

On your way to the gate you will simply walk through one of those gates: the System verifies whether your face corresponds with the face on the chip of your passport. In case the System works 100% a 100% of the time then it’s enormously useful. In case it doesn’t, the System causes delays and irritation, long queues and new opportunities for identity fraud. And even if it does work faultlessly, there’s still a hidden 'catch': automatic screening of your security profile. Before coming to Schiphol you have already been completely screened on the basis of all possible databases that have been linked to you. Once at Schiphol it’s 'party time': without you knowing it your name has been assigned to a green, yellow, orange or red flag. More colors are possible. All of this remains unknown to you, which makes it all the more exciting. If you are taken apart from the queue at the E-Gate then it won’t be for a cup of tea and a biscuit, but to admire the color of your virtual flag once more. After all, it’s party time and the Royal Netherlands Border Police would rather not be color-blind. With a bit of luck you can still go aboard your plane, hoping of course that at the arrival in country X there’s no other feast of flags awaiting you.

Step 2: passport photo booth in the city hall

A few years later (on your return to the Netherlands) you need to renew your passport. For new passport photos you go to your local professional photographer. However, he redirects you to the city hall. For some time passports photos are still only allowed to be made there. You vaguely recall an article in Computable that already referred to this: ‘‘Mistakes [with passport photos] could be prevented by making a digital photo of the passport applicants in the city hall, at the moment they make their passport application.’’ At the time (2011) this seemed enormously useful to the government. Henceforth no more hassle with professional photographers but high definition 3D photos taken straight away in a special Big Brother booth at the town hall, easy as that. Designed initially for E-Gates at Schiphol, then used for automatic facial recognition in shops and on the streets, eventually worldwide. A comparable Dutch plan was rejected in 2007 under pressure from the sector of professional photographers. Since that time our country was hit by one recession after the other. Meanwhile the Dutch privacy movement flourished. But that wasn't meant to spoil the 'fun'. Therefore it took the Dutch government a lot of effort to convince photographers that they could very well do without their passport photo revenues. Not to mention the privacy of Dutch citizens.

Will this be our future? Not if it’s up to Privacy First. We’ll keep you posted.

Published in Profiling
Page 17 of 20

Our Partners

logo Voys Privacyfirst
logo greenhost
logo platfrm
logo AKBA
logo boekx
logo brandeis
 
 
 
banner ned 1024px1
logo demomedia
 
 
 
 
 
Pro Bono Connect logo
privacy coalitie deelnemer

Follow us on Twitter

twitter icon

Follow our RSS-feed

rss icon

Follow us on LinkedIn

linked in icon

Follow us on Facebook

facebook icon