At the end of this summer our colleagues from Bits of Freedom will once again be organizing the annual Big Brother Awards. Below are our nominations for the biggest Dutch privacy violations of the past year:
- Automatic Number Plate Recognition plans from Minister Opstelten
If it’s up to the Dutch Minister of Security and Justice, Ivo Opstelten, the travels of every motorist in the Netherlands will soon be stored in a police database for four weeks through automatic number plate recognition (ANPR) for criminal investigation and prosecution purposes. This means that, in the view of Mr. Opstelten, every motorist is a potential criminal. Privacy First deems this proposal absolutely disproportional and therefore in breach with the right to privacy as stipulated under Article 8 of the European Convention on Human Rights. In case Dutch Parliament accepts this legislative proposal, Privacy First will summon the
on account of unlawful legislation in violation with the right to privacy; see http://www.privacyfirst.eu/focus-areas/cctv/item/580-every-motorist-becomes-potential-suspect.html. Dutch State
- Proposal for hacking scheme from Minister Opstelten
A second miserable plan from Minister Ivo Opstelten is to authorize the Dutch police force to hack into your computer and to oblige citizens to decrypt their encrypted files for the police. In the view of Privacy First this plan, too, is entirely in breach with the right to privacy, since it’s unnecessary and disproportional. Moreover, the proposal contravenes with the ban on self-incrimination (nemo tenetur). The proposal will lay the basis for future abuse of power and forms a typical building block for a police State instead of a democratic constitutional State. For our main objections, see http://www.privacyfirst.eu/focus-areas/law-and-politics/item/599-privacy-first-objections-against-opstelten-hacking-scheme.html.
- License plate parking
As of late, in an ever greater number of Dutch cities (among which
) license plate parking is becoming compulsory. Privacy First stands up for the classical right of citizens to travel freely and anonymously in their own country. The right to park anonymously is a part of this. License plate parking clearly disregards these rights. Moreover, it leads to function creep in breach with the right to privacy. The prime example here is the already proven abuse of parking information of lease drivers by the Dutch tax authorities; see http://www.nrc.nl/nieuws/2013/07/29/privacywaakhond-het-servicehuis-parkeren-overtreedt-de-wet/ (in Dutch). Amsterdam
- Highway section controls
Section speed checks on Dutch highways make that the journeys of motorists are continuously being monitored. This forms a massive infringement of the right to privacy. Such an infringement requires a specific legal basis with guarantees against abuse. Moreover, function creep is just around the corner; this already becomes obvious from the current plans of Dutch Minister Opstelten to soon use all highway speed cameras for automatic number plate recognition (ANPR) for investigation and prosecution purposes of a whole range of criminal offences as well as the collection of outstanding fines, tax debts, etc.
Besides the ‘usual’ cameras in neighbourhoods, shops, stations, above highways etc., citizens are increasingly – and almost unnoticed – being spied upon by flying cameras: so-called drones. The government does this (mainly the police) and so are private parties, yet without any sufficient legislation. Because of this the privacy risks and the likelihood of an accident are enormous. Privacy First therefore pleas for a moratorium on the use of drones until proper national legislation is put in place. Furthermore, drones should only be allowed to be used by the government in exceptional cases, for instance in disaster situations or for the investigation of suspects of very serious crimes, and only in case no other adequate means can be deployed. For private parties a license system is to be introduced with strict supervision and enforcement. Moreover, every drone is to be equipped with a transponder that is publically cognizable.
- Police Taser weapons
In September 2012 it became known that Dutch Minister Opstelten was planning to equip the entire Dutch police force with Taser weapons. In the view of Privacy First, the use of Taser weapons can easily lead to violations of the international ban on torture and the related right to physical integrity (which is part of the right to privacy). Taser weapons lower the threshold for police violence and hardly leave behind any external scars. At the same time they can inflict serious physical damage and mental harm. In conjunction with the current lack of firearms training for Dutch police officers, this produces serious risks for the Dutch population. In May 2013 the Dutch government had to justify itself over Opstelten’s plans in front of the UN Committee against Torture in Geneva; see http://www.privacyfirst.eu/focus-areas/law-and-politics/item/595-dutch-taser-weapons-on-agenda-of-un-committee-against-torture.html. Nevertheless, for the moment Opstelten’s intentions seem to be unchanged...
- Electronic Health Record
In April 2011 the introduction of a Dutch national Electronic Health Record (Elektronisch Patiëntendossier, EPD) was unanimously binned by the Dutch Senate due to privacy objections and security risks. However, the national introduction of almost the same EPD was subsequently worked towards along a private route and this included the exchange of medical data through a National Switch Point (Landelijk Schakelpunt, LSP). This will by definition lead to 'function creep by design' instead of privacy by design. The digital ‘regional walls’ in and around the LSP will easily be circumvented or removed. Therefore the entire system can take on its old central form again at any given moment in the future, with all the privacy and security risks this entails. Furthermore, the current layout is characterized by generic instead of specific permission of the patient to share medical data with healthcare providers (and future third parties). This constitutes an imminent danger for the medical privacy of citizens as well as the professional confidentiality of medical specialists.