Privacy-wise these are turbulent times. Partly because of the pressure by Privacy First, a positive change is ongoing since last year. Privacy is higher up on the Dutch political agenda. Dutch media more often and more extensively report on privacy matters. This enhances privacy awareness among the Dutch population. It also reinforces our democratic constitutional State. Examples of positive developments are the abandonment of the electronic toll system (no ‘espionage units’ in cars), voluntary instead of compulsory ‘smart energy meters’, voluntary instead of compulsory body-scans at airports, abandonment of the storage of fingerprints under the Dutch Passport Act and the introduction of Privacy Impact Assessments for new legislation that invades the privacy of citizens. All of these developments go hand in hand with Privacy First’s motto: ‘‘your choice in a free society’’. Meanwhile, privacy restricting forces from the old days still have their say. Bad habits die hard. In recent months this became particularly obvious through developments towards a private restart of the Dutch Electronic Health Record (Elektronisch Patiëntendossier, EPD). Earlier this year the Senate had rightly binned the EPD. Apparently some policy makers and commercial parties are having none of this. With similar stubbornness others are currently trying to press through their old plans for Automatic Number Plate Recognition (ANPR) and camera surveillance along the Dutch border. These plans were already on the drawing board years ago, in a time in which privacy increasingly seemed to become a taboo. A time in which the American Bush administration was able to burden the entire European Union with biometric passports and associated databases. That time is over, but the heritage of that era still exerts its influence to this day...

In the meantime privacy is back where it once was. Privacy is the ‘‘new green.’’ In that respect advocates of the national EPD and ANPR are behaving like a bunch of old environmental polluters. They’re like rusty old factories from the 70s being teletransported to the year 2011, without them realizing it. The Dutch House of Representatives seemed to have a good sense for this when last week it unanimously accepted a motion about something that Privacy First has been emphasizing since its foundation: ‘‘Privacy by Design’’. In other words, incorporating privacy from scratch in a technical sense, at the micro level, through Privacy Enhancing Technologies (PET). In the view of Privacy First, however, the principle of ‘‘Privacy by Design’’ also applies to the meso- and macro-levels. That is to say, in an organizational and legislative sense. After all, this is the way you get to a privacy-friendly design as well as a privacy-friendly reality of a sustainable information society as a whole. Well, you can pursue your own line of thoughts here. As a source of inspiration Privacy First is pleased to provide the entire text of the parliamentary motion:

The House of Representatives,

on the advice of the deliberation,

considering that in ICT projects of the government there is too little attention for the protection of privacy and too little attention for the prevention of abuse of these systems;

considering that the privacy of citizens is not to be invaded any more than is strictly necessary and that insecure systems can put privacy in danger;

considering that systems that can easily be hacked seriously affect the reputation of government;

considering that modifying systems to safeguard privacy and enhancing security afterward, is usually more expensive and more often leads to a lower level of protection compared to when privacy and security are prerequisites from the outset of the project;  

requests the government to apply privacy by design and security by design in the development of all new ICT projects in order for new ICT systems to be more secure and better prepared against abuse and only to contain privacy-sensitive information when strictly necessary,

and proceeds to the order of the day.

Published in Law & Politics
Wednesday, 26 October 2011 16:15

Mobile finger scanners? Not in my backyard.

This summer it was already announced (and commented on by Privacy First) but yesterday it again popped up in the media: this fall four regional Dutch police forces will carry out a pilot experiment with mobile finger scanners to track down illegal immigrants. In official jargon this experimental project is called a ‘learning park’, according to a long-awaited response (after three months) to earlier Parliamentary questions. What will our friends at the police learn in the 'park' called the Netherlands? Privacy First sheds some light on a number of possible 'learning moments':

1) collectively intruding upon other people’s privacy and physical integrity by taking fingerprints of everyone who, in the eyes of the policeman, could perhaps be ‘illegal’,

2) this is very likely to go hand in hand with discriminatory enforcement, ethnic profiling and increasing stigmatization of certain societal groups,

3) initially the scanners will mostly be used for ‘illegal’ immigrants (undocumented migrants) but will then be used for other groups and eventually for every citizen, for instance for the collection of outstanding fines or tax debts (so-called 'function creep'),

4) this year it already appeared that the current state of biometric technology (with current error rates in passports and ID cards of at least 21%) is still in its infancy and isn’t suitable for use on a massive scale,

5) with all the consequences this entails, among which are unjustified suspicions, unjustified immigration detention placements, mutual feelings of insecurity and risks of irritation, confrontations and aggression on the streets,

6) all of this not even considering possible data leakages and hacking of the used equipment,

7) and all of this without public Privacy Impact Assessments and cost-benefit analysis of the matter in hand.

Hence, these mobile finger scanners are dangerous toys. Our advice: don’t start using them. This ‘learning park’ is nothing less than a privacy swamp.

Published in Biometrics
Sunday, 09 October 2011 12:29

Privacy trial balloon

Many people find privacy a heavy subject. To take a more light-hearted view at things, Privacy First is pleased to show you a photograph of the American artist William Lamson. As a playful protest against the 'surveillance State', this artist made balloons float in front of surveillance cameras. Perhaps also as a metaphor? Trial balloons with better ideas for a healthy democracy? Privacy First looks forward to seeing your privacy-friendly trial balloons!


Published in Art Collection

Step 1: E-Gates at Schiphol Airport

Today a seemingly innocent article in Computable caught Privacy First’s attention. The title of the article is ‘‘Passport photo system is fraud sensitive’’ and its subtitle reads ‘‘Digital passport photo inadequate’’. The gist of the article is that the quality of the facial scans in passports (and ID cards) will have to be improved in order for the chance of mismatches in automated facial recognition at Schiphol Airport to be reduced. An experiment with facial recognition is currently planned for the fall of 2011. At Schiphol 36 so-called E-Gates will then be installed: gates for automatic border passage.    

On your way to the gate you will simply walk through one of those gates: the System verifies whether your face corresponds with the face on the chip of your passport. In case the System works 100% a 100% of the time then it’s enormously useful. In case it doesn’t, the System causes delays and irritation, long queues and new opportunities for identity fraud. And even if it does work faultlessly, there’s still a hidden 'catch': automatic screening of your security profile. Before coming to Schiphol you have already been completely screened on the basis of all possible databases that have been linked to you. Once at Schiphol it’s 'party time': without you knowing it your name has been assigned to a green, yellow, orange or red flag. More colors are possible. All of this remains unknown to you, which makes it all the more exciting. If you are taken apart from the queue at the E-Gate then it won’t be for a cup of tea and a biscuit, but to admire the color of your virtual flag once more. After all, it’s party time and the Royal Netherlands Border Police would rather not be color-blind. With a bit of luck you can still go aboard your plane, hoping of course that at the arrival in country X there’s no other feast of flags awaiting you.

Step 2: passport photo booth in the city hall

A few years later (on your return to the Netherlands) you need to renew your passport. For new passport photos you go to your local professional photographer. However, he redirects you to the city hall. For some time passports photos are still only allowed to be made there. You vaguely recall an article in Computable that already referred to this: ‘‘Mistakes [with passport photos] could be prevented by making a digital photo of the passport applicants in the city hall, at the moment they make their passport application.’’ At the time (2011) this seemed enormously useful to the government. Henceforth no more hassle with professional photographers but high definition 3D photos taken straight away in a special Big Brother booth at the town hall, easy as that. Designed initially for E-Gates at Schiphol, then used for automatic facial recognition in shops and on the streets, eventually worldwide. A comparable Dutch plan was rejected in 2007 under pressure from the sector of professional photographers. Since that time our country was hit by one recession after the other. Meanwhile the Dutch privacy movement flourished. But that wasn't meant to spoil the 'fun'. Therefore it took the Dutch government a lot of effort to convince photographers that they could very well do without their passport photo revenues. Not to mention the privacy of Dutch citizens.

Will this be our future? Not if it’s up to Privacy First. We’ll keep you posted.

Published in Profiling
Saturday, 20 August 2011 14:22

irProjector: 'watching the watchers'

Without us realizing it, we are being filmed and photographed by dozens of surveillance cameras on a daily basis. But who are the people actually looking at us, and do those camera operators actually realize that their work forms a continuous violation of someone else’s privacy? This last question inspired the young Dutch artist Peter van de Werve (25) for his project called irProjector. The letters ‘ir’ stand for infrared: with the use of infrared light Van de Werve projects life-sized messages onto the field of view of surveillance cameras in the Rotterdam inner-city. These messages are invisible to the naked eye, but do appear on the camera monitors. The infrared projections confront the security officers behind the monitors with messages such as: ‘Congratulations, you are the umpteenth voyeur’, ‘Your hair looks really nice today!’ and ‘Error 404: privacy not found!’ This sort of breaks the one-way traffic of public camera surveillance: by finding messages on their monitors, security officers experience being spied upon instead of the other way around. Hopefully this will make them think about the privacy of the people they monitor every day...

Privacy First regards this art project as a brilliant initiative and hopes its message will be noticed by many.

Watch the video below and read this article (in Dutch) about irProjector. Other art projects by Peter van de Werve can be found on his website:

Published in Art Collection

Last year the compulsory storage of fingerprints under the new Dutch Passport Act lead to turmoil on a national scale. This turmoil has been caused in particular by the enormous risks that accompany the storage. In order to contain the risks for citizens, the Privacy First Foundation brought into circulation a so-called Municipality Guarantee Letter (in Dutch: GemeenteGarantieBrief): by using this model letter citizens were able to obtain the guarantee from their municipality that their fingerprints would be dealt with carefully and that potential damage would be at the expense of the State. The Municipality Guarantee Letter turned out to be a great success. During a Dutch parliamentary debate the State Secretary for the Interior Ms. Ank Bijleveld described the letter as follows:

‘‘It’s a campaign by the Privacy First Foundation. This foundation submits a declaration about the storage of fingerprints to municipalities and asks council officials to sign it. They also have to indicate how they deal with the fingerprints and have to declare that they comply with certain guarantees.’’

The cause for this debate in the House of Representatives was the fact that the State Secretary had advised municipalities not to accept the letter, let alone sign it. Much to the annoyance of Dutch political parties as well as the National Ombudsman Alex Brenninkmeijer. Such letters should always be accepted by the government, according to the National Ombudsman. ‘‘There is a right to petition’’, Dutch newspaper Telegraaf quoted him as saying.

Recently the Dutch Interior Minister Piet Hein Donner announced that the storage of fingerprints by municipalities would be brought to an end at the end of July at the latest (after a modification to the municipal software). Moreover, plans for storage in a national database have been shelved because of privacy objections and the enormous percentage of errors in biometric technology. Yesterday (1 August) the Ministry of the Interior declared by telephone to Privacy First that the storage of fingerprints has now indeed been put to an end by all municipalities in the Netherlands, that is to say, it has been reduced to the duration in between the application and the provision of the passport or ID-card. With this the goal of the Municipality Guarantee Letter has for the most part been achieved.

Now another objective comes in sight: voluntary instead of compulsory storage of fingerprints in the document. To this end Privacy First has updated the Municipality Guarantee Letter to a new version: the Municipality Guarantee Letter 2.0. With this letter citizens can lodge an official protest to their municipality against the compulsory taking of fingerprints for a new passport or ID-card. Privacy First has already filled in a few possible objections in the model letter. Citizens can change or complete the letter to their own wishes. As of today, the letter is available for everyone on the website of Privacy First.

Privacy First expects that numerous citizens will make use of the new Municipality Guarantee Letter. This means the social resistance against the compulsory taking of fingerprints enters a new phase.

Download the Municipality Guarantee Letter 2.0 by Privacy First HERE.

Published in Actions

This week Big Brother suffered a well deserved defeat in the Dutch city of Groningen: an experiment with 'listening cameras' in the Groningen inner city has turned out to be a complete failure. The aim of the experiment was to be able to detect ‘deviant behavior’. However, this happens to be technically infeasible: the microphones mounted onto the cameras cannot even distinguish a fight from a scooter passing by. Mayor Peter Rehwinkel has therefore decided to get rid of the microphones.

The decision by the mayor fits into a current European trend: on behest of the European Parliament the flow of money to the European Big Brother-project INDECT has recently been called to a halt. This project too was intended for detecting ‘deviant behavior’. With it the police expected to be able to predict and prevent crimes, much like in the Hollywood film Minority Report.

We will now need to wait for the development of new software to detect deviant Big Brother behavior of policy makers. Privacy First will keep you posted...! ;)

Sources: Dutch newspaper Volkskrant, July 20Webwereld 8 June 2011.

Published in CCTV

Shocking news today: the Dutch police wants to check fingerprints on the streets. An experiment with special finger-scan equipment is to start this fall.

Initially the aim of the experiment is to track down illegal immigrants and suspects of crimes. After that, attention will undoubtedly turn to all other citizens.

It was recently decided to halt the storage of fingerprints when applying for passports and ID cards on account of privacy objections and the enormous error rates (21-25%) in biometric technology. Such errors could lead to great numbers of innocent citizens ending up as suspects. Apparently the police is now accepting this risk. No doubt this is a six-figure deal: biometrics are big business. Similar, heavily criticized projects in Great Britain involved millions of ICT pounds.  

However, according to the Dutch Ministry of Security and Justice there’s no problem:

‘‘Instead of people having to go to the police station, fingerprints are taken on the spot. This reduces bureaucracy, makes sure there’s more police out on the streets and improves criminal investigation.’’ (Source)

Privacy First stands up against this type of criminalization of public space. Fingerprints have to be taken of suspects at the police station. Not of ordinary citizens on the streets. Apart from violating people's privacy, this paves the way for arbitrariness, discrimination and ethnic profiling.

In the view of Privacy First, the scheduled experiment violates current privacy legislation. During the recent hearing about passport biometrics at the Dutch House of Representatives this was even confirmed by the Chief Information Officer of the Dutch Police itself:

‘‘When the identity of someone has to be ascertained out on the street, or when a passport is handed over, it’s not like the police immediately has a look, wherever... It’s not even allowed, but technically it isn't available either.’’
(A. Meijboom (CIO Dutch Police),
Round table about biometric data in passports, permanent commission for the Ministry of the Interior, Dutch House of Representatives, 20 April 2011.)

Everyone can draw their own conclusions from this.

Published in Biometrics

The art project ‘© Google Privacy’ by Dutch artist Sofie Groot Dengerink will be on exhibit in the Municipal Museum of The Hague from 10 July till 21 August 2011. This art project is part of the SummerExpo 2011 dubbed ‘Anonymously Chosen’. In 2010 Groot Dengerink graduated from the Utrecht School of Arts with her project ‘© 2020’. ‘© Google Privacy’ is the continuation of this and will show a number of interiors that are visible in Google Maps, as was the case with her previous project.

© Google Privacy is a virtual street where the viewer gets a special peek into the lives of the people who live there. Fascinated by Google’s digital world and by the interaction with the analogous world, Sofie Groot Dengerink shows how far-reaching the digital invasion of privacy is by incorporating screenshots of Google Maps in her work. She wonders: ‘How much further will things go?’

Sofie: ‘‘There’s actually relatively little to be seen in the living rooms, but what if better cameras are going to be used in the future with which you can effectively zoom into those rooms, being able to actually read what is written on the account statements that are on the table... Your entire private life is literally up for grabs out on the street, with the difference that these streets can be viewed all over the world and at any given moment during the day. Street View is public territory and Google puts these images online without the residents knowing it. In the old days you used to walk on the streets at night and you could peek into the homes that didn’t have their curtains drawn, ‘so you could see how Mary had her couches arranged’. Nowadays you can safely do that at home, behind your desk.’’

‘‘Nothing stays a secret in today’s internet culture. Many people that I visited, of whom I had ‘taken a picture’ of their interior, didn’t even know that their interior is so clearly visible in Google Maps and they were alarmed by it. So some of them didn’t want to cooperate with my project, which of course is understandable. Suddenly there’s this girl standing at your front door with a picture of your dining table full of paperwork asking whether she may print and use it. You cannot yet quite see what exactly is written on those papers, but this is only still a small step away from really zooming into the living room. That’s what I’m trying to show with this research. The pictures are merely screenshots from my PC screen. I myself have put the navigation that seems to come from Google as a layer on top.’’

In © Google Privacy you just get that little bit of extra information about life in this digital parallel world (click on the pictures to enlarge):






In 2010 Sofie Groot Dengerink designed a tram with ‘Amstertram Maps’ for the Amsterdam public transport company GVB as well as an installation called ‘Digital Transformation’ for Capgemini, Les Fontaines. More work by Sofie Groot Dengerink that is characterized by the interaction between the digital and analogous world can be found at and

Published in Art Collection

This afternoon Privacy First sent the following letter to the Electronic Health Record spokespersons in the Dutch House of Representatives:

‘‘Dear Members of Parliament,

Recently the Senate, quite rightly, unanimously rejected the legislative proposal to introduce a national Electronic Health Record (Elektronisch Patiëntendossier, EPD), especially in light of the enormous privacy risks this EPD would entail. It is therefore with great concern that Privacy First has taken note of developments that indicate a possible restart of that very same EPD along a private, extra-parliamentary route. Such a restart is not only disdainful with regard to our democratic process, it is also a denial of the risks and worries on the basis of which a legal introduction of a national EPD recently did not go ahead. To this end, Privacy First makes an urgent appeal to you to call a halt to this development and to call the relevant persons in charge to account. From a privacy-legal point of view, Privacy First is of the opinion that the Dutch government remains unabatedly responsible for any privacy-infringements that will result from a private, national EPD, especially in light of the fact that such a system has been emphatically rejected by the Senate for privacy reasons.    

In line with the recently adopted Franken motion, in this respect Privacy First also urges you to have an independent, public Privacy Impact Assessment (PIA) carried out as soon as possible with regard to both 1) a national EPD as envisaged by the private parties involved as well as 2) possible alternatives for this national EPD. In carrying out this PIA, necessity, proportionality, subsidiarity and freedom of choice are to be guiding criteria. Privacy by design and privacy enhancing technologies, among which for instance technologically advanced patient cards or personal health records, are to fulfil an important role in such a PIA. Until the moment the PIA has been rounded off, no irreversible steps towards a private restart of the national EPD are to be taken.

In the view of Privacy First, the National Switch Point (Landelijk Schakelpunt, LSP) of the national EPD is to be transformed to small-scale, regional systems in accordance with the desire of the Senate. For regional exchange of data an LSP is unnecessary: to this end regional switch points are sufficient, possibly complemented by supra-regional 'push-communication'. This enhances security and reduces the risks of abuse that are inherent to a national EPD.’’

Published in Medical Privacy
Page 16 of 18

Our Partners

logo Voys Privacyfirst
logo greenhost
logo platfrm
logo AKBA
logo boekx
logo brandeis
banner ned 1024px1
logo demomedia
Pro Bono Connect logo

Follow us on Twitter

twitter icon

Follow our RSS-feed

rss icon

Follow us on LinkedIn

linked in icon

Follow us on Facebook

facebook icon