Research conducted by the Wetenschappelijk Onderzoek- en Datacentrum (WODC) reveals serious deficiencies in the protection of personal data in public registers. Of the 13 registers examined, two should not be public at all, seven lack a legal basis for sharing certain data, and all have shortcomings in their privacy measures.
The registries - managed by the Ministry of Justice and Security and the Judiciary, among others - fulfill an important role for legal certainty and transparency. But the wide digital accessibility of personal data also creates risks, such as identity fraud, harassment and large-scale reuse of data.
Two registers should be closed: the register of private security organizations and detective agencies (no legal basis) and the Central Authority Register (disproportionate security risks for minors).
Seven registries lack legal basis for disclosing sensitive data, such as residential addresses and dates of birth.
No registry systematically keeps track of who consults the data, even though in some cases it involves millions of searches per year.
The Open University researchers who conducted the WODC study advise, among other things:
Establish explicit legal bases for disclosure.
Implement tiered access: basic information wide, detail information limited.
Limit bulk deliveries and require logging & monitoring.
Minimize personal data in the default view.
Organize periodic reviews and uniform guidelines for foreclosure.
The WODC emphasizes that a quick approach is crucial to mitigate privacy risks without losing the social value of registries - such as transparency and legal certainty. This is the only way to ensure the legality and effectiveness of these registries in the long term.
Read here the WODC report
