Cabinet says reuse of personal data in public records should be banned. The Ministry of the Interior reports on digitaloverheid.nl (1) that the ban has been incorporated into a new draft bill. This proposal is now with the Raad van State for additional advice.
The law that will be amended is the Reuse of Government Information Act (Who). The reason for the change in the law is the Open Data Directive adopted by the European Union in 2019. The Netherlands incorporated the directive into its national legislation in 2021, two years later.
The Open Data Directive states that government agencies should be encouraged to share data for both research and commercial use. The Autoriteit Persoonsgegevens (AP) found last week that the Who set too few limits. The risk of this is that personal data can be shared without the consent or knowledge of the people whose data it belongs to.
The AP does see the importance of open government data for research. AP Vice President Monique Verdier cites the example that there is also no objection at all to revealing, for example, information about the number of trees planted in a particular neighborhood.
When it comes to people, their address, their phone number, their property, it's something else entirely. Verdier: "It should not be left to government agencies to weigh up whether personal data can be shared. Ultimately, you belong to decide your own data. Unless the legislature - not a government organization itself - determines that it is not."
Thus, with this legislative amendment, the Cabinet is following the AP's advice. Once the Raad van State has approved the bill, it will be sent to the House of Representatives. If the majority here agrees, the Senate will still have to approve it before the change in the law takes effect.
The AP criticized the disclosure of personal data earlier this year (1). The criticism focused mainly on information in the Trade Register and the Land Registry. In fact, the public accessibility of this private information was already causing problems. For example, anyone could view the address of a self-employed person in order to stalk or threaten that person (3).
It is also possible to set algorithms loose on the personal data in public records and combine this information with data from other sources. Companies can use the analyses of this big data (4) to build profiles of citizens and sell business.
In May, the Cabinet therefore already ensured that self-employed persons could shield their private address (5) in the Commercial Register. In June, they could also shield their business address (6). After all, especially in times of working from home (7), the business address is also the home address.
It is not yet possible for regular citizens to shield their address in the Land Registry. Thus, this public register continues to pose a risk to the privacy of Dutch citizens. Unfortunately, this will not change after the change in the law.
www.digitaleoverheid.nl/nieuws/iedereen-is-en-blijft-baas-over-eigen-persoonsgegevens/
https://www.vpngids.nl/nieuws/ap-overheid-moet-ook-data-in-kadaster-en-handelsregister-afschermen/
https://www.vpngids.nl/veilig-internet/malware/wat-is-stalkerware/
https://www.vpngids.nl/privacy/anoniem-browsen/big-data-en-privacy/
https://www.vpngids.nl/nieuws/zzpers-kunnen-priveadres-laten-afschermen-in-handelsregister/
https://www.vpngids.nl/nieuws/alle-zzpers-kunnen-vestigingsadres-afschermen-in-handelsregister/
https://www.vpngids.nl/veilig-internet/zakelijk/veilig-thuiswerken/
