According to a new bill, people can be prosecuted through criminal law for publishing someone's personal data to scare them. But to counter this so-called doxing, it is also necessary for the government itself to stop making residential addresses easily accessible via the Land Registry and the Trade Register without good reason. So writes the Autoriteit Persoonsgegevens (AP) in its opinion on this bill.
Doxing is the collection or disclosure of someone's address or phone number, for example. With the purpose of scaring that person, causing serious inconvenience or interfering with his or her function. This may involve information that is already public in other places. For example, on social media, on sites that publish data from a data breach or in government registers such as the Land Registry and Trade Register.
Then Minister of Justice and Security Grapperhaus drafted a bill last year at the request of the House of Representatives that would allow perpetrators of doxing to receive up to one year in prison.
'We see this form of intimidation more and more often. And is very drastic,' says AP chairman Aleid Wolfsen. 'Take someone who puts the address of a politician or police officer on Twitter with a clear purpose other than sending flowers. The result: the victims and their families live in constant fear that someone might be at their doorstep. To threaten them - or worse. Unfortunately, that fear is sometimes justified.
'Doxing is also a violation of the privacy law AVG and already punishable under the AVG as well. And the AP could ban that processing or have it deleted and impose a fine on the offender. Moreover, with this new law, as a victim, you can go straight to the police. And the perpetrator even runs the risk of a prison sentence. That's a good thing.
'Information for doxing can come from anywhere. But the government should also reach out and pay attention to the sources of data used for doxing. The government should amend legislation to prevent data from its own records from being used for doxing,' Wolfsen said.
Current laws and regulations result in too much data being accessible in the Trade Register and Land Registry that is useful for doxing. These can now also be requested without the applicant having to demonstrate a specific interest in obtaining those data.
In the Trade Register, managed by the Chamber of Commerce, residential addresses of home-based self-employed workers can be looked up. This is unnecessary, in the eyes of the AP. Last year, the AP advised the Ministry of Economic Affairs and Climate to shield the home addresses of self-employed people working from home from now on. But the ministry did not adopt this advice.
In the Land Registry, data about the owners of a property can be retrieved for each address. Such as name, date of birth, whether someone is married and the price someone paid for the property. Anyone can request this information for a fee.
Even people who have less good intentions and do not intend to buy the property or have any other interest related to why that data is in the Land Registry. The AP also sees no need for these generous inspection opportunities. The AP previously pointed out to the government that it is possible to check whether someone has a good reason to request data from the Land Registry.
View the opinion of the AP
