June 11, 2014

Government still misleads masses with digital ID system

Filed under: IT,Weird by Orangemaster @ 11:39 am

For years, local governments have been mistakingly pointing tens of thousands of citizens if not more to an advertising agency called Digi-D in Waalwijk, Noord-Brabant instead of to the Dutch national government’s digital identification system called DigID (no hyphen, and ID in capitals), indispensable for filing taxes and other matters nowadays. In October 2012 10,000 people sent their details to Digi-D. It’s June 2014 and the wesbite the agency set up to tell people about this serious cock-up counted 40,805 mislead people on 6 June.

Digi-D the agency has been around since 2002, while DigID started up in 2005. The government’s game plan has been to strong arm the agency into changing its name, but the agency claims that it would cost them 110,000 euro to change their name, never mind lawyering up for something they didn’t mess up. To make it worse, the agency is being forced to store all this data to prove that it is a nuisance to them, but if ever the data leaked, the government would blame the agency for it!

(Link: www.omroepbrabant.nl)

Tags: , , , , ,

December 9, 2013

Dutch banks invent rules to escape phishing damage claims

Filed under: General by Branko Collin @ 5:22 pm

Two weeks ago Emerce reported that the major Dutch banks had streamlined their terms and conditions with regards to theft resulting from phishing.

The new terms and conditions, which will come into effect on 1 January 2014, set out five conditions phishing victims must meet to be able to claim damages from their bank. Customers must:

  • Never give their passwords to anyone.
  • Never let others use their bank card.
  • Adequately protect the equipment they use for electronic banking (i.e. install virus scanners and so on).
  • Regularly check their bank statements.
  • Report incidents right away.

Financial news site Z24 believes that these new rules are bad news for bank customers—they will have to pay for the damages of phishing attacks themselves in a greater number of cases. The site quotes Jurgen Braspenning of Tilburg University who accuses some consumers of being lazy and careless. “It would seem that extremely unfair or dubious cases may still count on the kindness of banks in the future.”

A spokesperson for the Nederlandse Vereniging van Banken (Dutch association of banks) tries to downplay the effects of the new rules: “it is not our intention to make customers more often responsible for the costs and we don’t expect them to be.” According to Z24 the burden of proof is always with the bank.

See also: Dutch banks won’t employ anti-skimming hook.

Tags: , , , , ,

October 8, 2012

Governments mislead citizens into sending digital information to wrong address

Filed under: Technology by Branko Collin @ 12:01 pm

The Dutch national government has put a lot of work into its digital identification system, as DigID is pretty much obligatory for most people these days. For instance, most people cannot file tax returns without one.

However, the government would not be the government if it had not found ways to mess up its own system. The latest howler is reported by WebWereld which writes that a lot of municipalities refer citizens to an ad agency called Digi-D (note the hyphen).

The ad agency existed before the government came up with the name DigiD. The agency claims it has already received sensitive data from 10,000 mistaken citizens, and it has tried to get the government to mend its ways, so far to no avail. Being an ad agency they have now started a campaign to do what the government should have done in the first place, namely point citizens to the right address. The slogan: ‘be careful with your DigiD!’

WebWereld lists several official government documents that refer citizens to the wrong organisation.

Apparently local governments have a checklist that tells them to pay attention to the correct spelling of the name DigiD, among other things.

(Photo by Mystic Mabel, some rights reserved)

Tags: , , , ,

April 4, 2012

Dutch authorities make identity theft easy

Filed under: General by Orangemaster @ 2:19 pm

As of late, many journalists have turned finding out how badly privacy is protected by government institutions into a kind of sport.

Reinier Vermeer, a journalist from Webwereld, rang up the Employee Insurance Agency (UWV) to find out about the data they had on him, and a few days later he got a letter from them with all the details of his neighbours.

The letter contained the complete names, dates of birth and social insurance numbers of his next-door neighbours, all of which is enough to ask for an online ID code, for doing taxes and even request a new passport using your own picture. It’s like Christmas for identity thieves and it goes against everything the Data Protection Law stands for.

And if said journalist was a real baddie, he could run around for a long time posing as his neighbour and commit all kinds of atrocities. The police in the journalist’s area are currently trying out a system where if you lose your passport, you don’t need to file a report with the police anymore, you just show up at some municipal office and file for a new passport. And unless his neighbour recently ordered a new biometric passport, there is no way of checking whether the journalist is who he says he is. And imagine the neighbour’s fun of trying to prove he is who he is.

So you’re a a hardcore baddie (think terrorist), you have a proper though technically illegal European passport, and the Dutch authorities would probably investigate the neighbour’s claim of having had his identity stolen for months before you’d get caught for anything, all because some stupid employee at the Employee Insurance Agency is too stupid/lazy/unmotivated to follow the rules or even learn them.

See also: Man harassed by police for 13 years after identity theft

Tags: , , , , ,

October 25, 2008

Man harassed by police for 13 years after identity theft

Filed under: General by Branko Collin @ 8:39 am

A Dutchman of Surinamese decent has been fighting the police, customs and the DoJ for the past thirteen years after a criminal junkie kept pretending to be him, says the national ombudsman. The anonymous man has a criminal record of 43 crimes, none of which he committed. Although the police knew almost from the start that a criminal junkie kept using the man’s identity, they never succeeded in entirely clearing his name. Instead, the treatment the victim received over the years at the hands of the police and customs got worse and worse. Among other things the man was arrested for reading a newspaper and his house was searched in the presence of his two young children.

When the man asked the police what they were going to do to clear his name, he bluntly got told to change his identity.

The ombudsman concludes:

“Kafka'” and “Kafka-esque” are terms in danger of becoming over-used when describing government actions, but in this case the label is entirely deserved.

The government will introduce a law next year that should miraculously help minimize mix-ups such as these by limiting civil freedoms even further and by increasing the number of points of failure, though the ombudsman seems quite happy with (part of) the proposal.

(Edit 22-5-2018: replaced link to Ombudsman press release by link to Ombudsman news article)

Tags: , , ,