The police have dozens of data systems that are less than compliant with existing privacy regulations. Because of weak security, unauthorized officers have too much room and freedom to view records that are not intended for them. It is high time to act and address these problems.
So says Rejo Zengers, policy advisor at Bits of Freedom, in an interview with NRC (1).
Earlier this week, Trouw quoted from an internal police memo. It stated that the police are struggling with an "endless stream of information"(2). In fact, the police keep private data on everyone who has ever been in contact with the police. This includes witnesses, suspects or people who have ever reported a crime. In addition, the police automatically receive updates when there is a change in someone who is in the systems. These include things like a marriage, divorce, birth or move.
Even if these data are no longer relevant to a case, they remain available in police systems. Even if a person dies, his data are not deleted. In this way, the police follow the ins and outs of 9 million Dutch people.
In a response, a police spokesman said no laws and regulations are being broken. However, the police do acknowledge that they may be able to do their job with less data. New policies should ensure that police are no longer allowed to track people who have ever had contact with the police. Only specific groups or individuals will then receive a recipient indication, such as members of a motorcycle gang or people with a gun permit.
According to Rejo Zenger, the police's data hunger poses all sorts of risks. By violating privacy rules, there is an unnecessary risk of data breaches. "The police are not allowed to collect more data than is strictly necessary for their task. The fact that they themselves state that they collect data they do not need indicates that they are doing more than is proportionate, thus violating the law," said the policy advisor at Bits of Freedom.
In an interview with NRC, Zenger describes the police as a frequent offender. "Internal police reports show that many of these systems do not comply with privacy regulations. It is not properly regulated that only authorized officers can access the data. Integrity investigations by the police themselves show every year that officers have accessed data unauthorized. If you add up all the incidents and investigations, you can conclude that the police themselves are a frequent offender. One that for years and on a large scale violates the rules that are supposed to ensure that our data is safe."
In the interview with the daily, Zenger points out that security problems allow unauthorized agents to poke around in personal files. Corrupt agents and moles are given too much leeway as a result. According to the civil rights organization's policy adviser, there are plenty of examples of agents who shared information with criminals.
Furthermore, Zenger fears that from now on citizens will think twice before reporting to the police because they are not sure their data is safe. "If the police lose the trust of citizens, there will be no more police. As a result, this is a good example of how more privacy and more security can go hand in hand." (3)
Finally, Zenger stressed that the police have been violating the Police Data Act for more than a decade and getting away with it. Most groups in the House of Representatives, he says, don't make a problem of that. And the Personal Data Authority does not intervene. Zenger says it is high time to deploy "heavier means." What exactly he means by that is unclear.
In a response, a police spokesperson let it be known that it is not deaf to the criticism and is doing its best to implement solutions. "The current focus on automatically updating personal data stems from a memo in which the police themselves signaled that this is not necessary in all cases. We are constantly looking for possible weaknesses and adjusting police systems accordingly," he said.
https://www.nrc.nl/nieuws/2022/07/26/privacy-expert-politie-is-veelpleger-bij-schending-privacy-regels-a4137421
https://www.vpngids.nl/nieuws/politie-bewaart-onnodig-lang-persoonsgegevens/
https://www.vpngids.nl/privacy/