Article 13 of the Dutch constitution declares a secrecy of correspondence, meaning the government and others are not allowed to snoop on your mail.
However, there is an unfortunate loophole: the law specifically talks about paper mail. E-mail was never included and therefore exists in a legal limbo.
According to Internet lawyer Arnoud Engelfriet, the council of ministers of the Netherlands has now proposed a change in the constitution that will not actually name e-mail, but which will make the phrasing of Article 13 more generic. A change in the constitution requires two consecutive parliaments to vote for that change, the idea being that the change can be made an issue in the elections.
Not that it matters much, as the Dutch constitution, which is now 200 years old, is more of a guideline than law. Judges are not allowed to ignore laws based on their constitutionality. The constitution may be said to have a normative function, for example, it could show courts how to interpret a vague law, but a 2009 study by the national government claims that this normative function is eroding (PDF). Instead a societal function is emerging, as the constitution aims to hold up a mirror to the citizens of the kingdom and to show us what our shared values are.
See also: an English translation of Article 13.
(Photo of the constitution of 1814 by Grondwetfestival.nl, used with permission)
Tags: constitution, e-mail, laws, privacy
In a fascinating article by anthropologist Lizzy van Leeuwen in De Groene Amsterdammer last month, she describes how farmers’ association LTO, together with the Dutch government, has set up a system for detecting and dealing with early warning signs of the mistreatment of farm animals.
A database kept by Vetrouwensloket Welzijn Landbouwhuisdieren (the confidential office for the well-being of farm animals) tracks symptoms such as excess deaths and diseases, hurt and crippled animals, parasites, poor development of young animals, and so on.
Nobody could object to such a system, but the database also registers information about the farmers themselves based on the idea that unhappy farmers make unhappy farm animals. This information includes attendance at meetings and the number of friendships a farmer maintains. Do farmers stop answering their phones and do their relationships fail? It is all registered.
If the signals reach a certain danger level, a team is sent to the farmers in question to try and help them get back on track. Magazine Veeteelt ran a headline in 2010 that aptly describes the duality of this approach: “Animal neglect can happen to anyone. [This system] prevents a negative image of the industry.”
The result is that some farmers—the loners, the ‘known’ problem cases—are pushed into extreme transparency through a finely mazed network of ‘reporters’ or ‘snitches’, depending on who you talk to. These are often the ‘erfbetreders’, a Dutch word I did not know until yesterday meaning ‘those who walk onto the farmyard’—the people who have to be on the farm for business and who rat out the farmer on the side.
Van Leeuwen’s four page article goes into incredible detail on how farmers are viewed by the general public. She hypothesizes that the Dutch have lost contact with farming world. Between 1947 and 1990 the percentage of people working in agriculture dropped from 20% to 4%. The general public are now in the habit of seeing farmers through isolated incidents, such as the 2011 tragedy in which a farmer from Brummen, Gelderland killed about 100 cows with a tractor and then killed himself. Van Leeuwen speaks of “a trend of viewing farmers as professional animal abusers”.
The result is that farmers have not just become an out-group, but in order to close the ranks they have decided to nip rare and extreme cases of animal abuse in the bud by creating their own out-group of lonely and eccentric farmers. Ironically, this does not seem to apply to factory farming, a practice to which pretty much everybody turns a blind eye.
Van Leeuwen’s article, “De weg van alle vlees—dierverwaarlozing op de boerderij“, is available on the web (in Dutch), but unfortunately behind a pay wall.
Tags: excentrics, farm animals, farmers, farming, farms, loners, LTO, privacy
For years local governments have been mistakingly pointing tens of thousands of citizens if not more to an advertising agency called Digi-D in Waalwijk, Noord-Brabant instead of to the Dutch national government’s digital identification system called DigID (no hyphen, and ID in capitals), indispensable for filing taxes and other matters nowadays. In October 2012 10,000 people sent their details to Digi-D. It’s June 2014 and the wesbite the agency set up to tell people about this serious cock-up counted 40,805 mislead people on 6 June.
Digi-D the agency has been around since 2002, while DigID started up in 2005. The government’s game plan has been to strong arm the agency into changing its name, but the agency claims that it would cost them 110,000 euro to change their name, never mind lawyering up for something they didn’t mess up. To make it worse, the agency is being forced to store all this data to prove that it is a nuisance to them, but if ever the data leaked, the government would blame the agency for it!
Tags: automation, DigiD, government, identity theft, privacy, Waalwijk
Dutch student Shawn Buckles decided to sell his personal data to the highest bidder in an attempt to raise awareness about privacy. E-mail, diary, location, medical records and more were up for grabs. He claims he didn’t sell anything he didn’t own, and had a lawyer helping him out. Most of what he sold is available in bits and pieces on the Internet for anyone who would want to look for it, something we collectively noticed when the likes of Julian Assange were more prominently in the news.
In a radio interview with BBC radio Buckles said, “I’m trying to add more value to my privacy. Companies are making huge profits on this data trade, and I thought why not turn the tables and see what happens when a person tries to sell his data, to figure out how much it’s worth.”
On an auction on 12 April Buckles finally sold everything he could for € 350. Most people give away data for free in exchange for the use of a site, service or application. At least he made a few bucks. And anyone who really thinks their information is private is fooling themselves.
People don’t generally understand the value of their data, which is what Buckles was trying to draw attention to when he sold his. Oddly enough, there is no way an individual can sell their personal data on a market, but it may not be that far off. The health research sector, entertainment industry and insurance companies are interested in this kind of personal data.
The winning bidder was technology news company The Next Web, which Buckles says will use his data to highlight the issue of online privacy rather than to a more sinister end.
Tags: auction, data, privacy
There’s this street in Eindhoven called Stratumseind or ‘Stratum’ full of cafés that mostly cater to students. The cafés are so close to each other that people walk around like it’s one big café, at least that was my memory of it a few years back.
As of mid March, the cafés owners have decided that patrons are to wear bracelets with a chip in them linked to some ID, like pigeons in the park. People will be tagged so that the cafés don’t have to constantly check if they are old enough to drink, something apparently the city has come up with. Making sure people are old enough to drink means the cafés lower the risk of selling alcohol to minors.
As of 1 Jan 2014, the drinking age went up from 16 to 18, although 16 and 17-year-olds could not buy or be served hard liquor. The cafés that refuse to go along with this scheme will be monitored à la Big Brother more closely — surprise, surprise.
You can’t possibly force anybody to wear anything to drink in a café, but you can ask them to produce ID. As well, this totally ignores anybody from out of town like tourists or visitors, how very forward-thinking. Guilty until proven innocent, someone please challenge this in court, it’s ridiculous.
Tags: cafes, Eindhoven, privacy
By not informing its users about what data it collects and by not asking for permission, Google is breaking the Dutch data protection act, privacy watchdog CBP said in a press release last Thursday.
The investigation shows that Google combines personal data relating to Internet users that the company obtains from different services. Google does this, amongst others, for the purposes of displaying personalised ads and to personalise services such as YouTube and Search. Some of these data are of a sensitive nature, such as payment information, location data and information on surfing behaviour across multiple websites. Data about search queries, location data and video’s watched can be combined, while the different services serve entirely different purposes from the point of view of users.
Internet lawyer Arnoud Engelfriet points to a peculiarity of Dutch privacy law that says you have to ask users for informed consent. It’s not enough to say ‘this is how we deal with your privacy’, users should be able to understand what is going to happen and say ‘no’ before it happens. Also, Google shouldn’t say what they could do with your data, they are obliged to say what they will do with your data.
Apparently Google tried to defend themselves by claiming they do not collect personal data, they merely create profiles. CBP quotes Google’s own CEO Eric Schmidt back at them who once stated: “We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.” Google’s chief Internet evangelist (and Internet co-inventor) Vint Cerf said two weeks ago at a privacy and security workshop of (of all people) the US Trade Commission (40 minutes into the video): “I would not go as far as to simply, baldy assert that privacy is dead. [...] But let me tell you that it would be increasingly difficult for us to achieve privacy. I want you to think for just a minute about the fact that privacy may actually be an anomaly.”
Engelfriet concludes: “Google of course believes the criticism is invalid and uses a barrage of marketing language [...] to keep dancing around the issue. And that is all that will happen. I don’t see what kind of effective measures CBP can take to make Google fundamentally change its ways—which is a pity, because this is one of the most substantial reports CBP has issued in a long time.”
(Link: the Register; photo by Jeff Schuler, some rights reserved)
Tags: Eric Schmidt, Google, privacy, Vint Cerf
Screenshot of uitzendinggemist.nl with the cookie dialogue.
The website that the public broadcasters of the Netherlands use to display videos of programmes that have already been broadcast, Uitzending Gemist, has been locked down for visitors who refuse to accept Internet cookies.
Volkskrant quotes a spokes person of NPO, the organization running Uitzending Gemist, saying: “We are legally obliged to report how many people we reach, and cookies are important to this goal. This is why our websites and on-line videos can only be made accessible to those who accept cookies.”
The public broadcasters are paid from general taxes. OPTA, the government watchdog for telecom issues, has been leaning heavy on the owners of publicly funded websites lately. The agency stated that government organisations have to set the right example.
One commenter at Arnoud Engelfriet’s blog said (and in my opinion he or she is right): “A law that was enacted to protect consumers is now being used to hijack consumers. [...] In my opinion the law was set up to give people an actual choice—to allow cookies or not. Forcing visitors to allow cookies (or else the site cannot be visited) is absurd.”
Disclaimer: 24 Oranges has yet to determine how to apply the cookie law without inconveniencing its visitors.
Tags: cookie law, cookies, NPO, privacy, public television, public utilities, Uitzending Gemist
Dutch Rail is on a roll. Last Tuesday Webwereld reported that the state-owned monopolist has been sending spam to the users of the ‘anonymous’ version of the OV-chipkaart, the troubled Dutch transport card.
According to the tech news site, users of the anonymous card, with which you can pay for travel across modes and providers, had to give Dutch Rail their e-mail address in order to be able to travel with the company—presumably so that Dutch rail could differentiate between first and second class. Dutch Rail would then, however, abuse those addresses by inundating them with spam.
Earlier Dutch Rail was fined 125,000 euro by the Dutch privacy authority CBP for storing sensitive data about student travellers for too long.
It has not been a good week for Dutch Rail. Yesterday De Volkskrant reported that the company has been evading taxes by buying trains using a subsidiary in Ireland. The subsidiary would then leases those trains to the Dutch parent company. Train companies pay 9% in taxes in Ireland, but 25% in the Netherlands.
Par for the course for big business, you say? That may be true, but Dutch Rail is owned by the government. Basically, this is the example the Dutch state is setting to all tax payers. To make matters worse, Dutch Rail has a monopoly on all the juicy routes in the country. Other transport companies are allowed to run trains in the country, but only in areas that are not as profitable.
Suffice it to say that politicians were not happy, with for example PvdA (Labour) leader Diederik Samson calling Dutch Rails’ tactics ‘wrong’ and an example of ‘a lack of morals’. It is unclear to me whether politicians are upset because of Dutch Rails’ behaviour, or because their baby got caught red-handed.
(Photo by Flickr user UggBoy hearts UggGirl, some rights reserved)
Tags: Dutch Rail, government, privacy, tax evasion, taxes
Hardly any Dutch website adheres to the new cookie law that came into force last Tuesday, online tech mag Webwereld reports.
The law, which is a strict implementation of the EU cookie directive, aims to protect website visitors’ privacy by making tracking illegal. Tracking is a way of building a profile of you and your likes by monitoring which websites you visit. This profile can then be used to tailor advertisements to your tastes, or for far more heinous purposes.
Enforcement agency OPTA says it is not their job to determine the contours of the law. “We expect the market to take care of that.” The agency told Webwereld it will start enforcing the law right away, but will first focus on “sites with dangerous cookies, and sites with cookies that are hard to remove.”
Arnoud Engelfriet points out that even the government is still serving cookies without permission at rijksoverheid.nl.
24 Oranges is currently looking at its cookie use and responsibilities before the law. As you may gather from the above article, this matter is more complex than it seems at first sight, so apologies for the delay.
In the meantime if you’re worried about your privacy—as you should—consider disabling third-party cookies in your browser and installing ad blockers. Neither method is perfect as far as I know.
(Screenshot: the Telegraaf cookie banner)
Tags: cookies, privacy
Eight months ago the city of The Hague refused to provide Louise van Luijk with a passport, even though as a Dutch citizen she has the right to one. Last Monday (Webwereld) or Tuesday (De Stentor) Van Luijk was heard by an appeals court which expects to have a ruling ready on March 23.
As part of new European rules for biometric passports, Van Luijk would have to provide the state with her fingerprints, which she refuses to do. For that reason the city has refused to issue her a passport. Van Luijk claims this is a human rights issue, as all kinds of official activities in the Netherlands require being able to identify yourself.
The Dutch government wants to store fingerprints from passports in a central database—not required by the new European law—, and Van Luijk fears that the French company managing this database could sell her private data to other parties. The fear may be unfounded, but the Dutch government does not have a good track record when it comes to securing the private data of its citizens.
According to De Groene Amsterdammer, passports are required if you want to register with the Chamber of Commerce, file a report with the police, register a newborn with the municipality, vote, buy a house, and so on. Van Luijk’s personal experience is different: when her child was born, the city accepted a copy of her birth certificate as proof of her existence. People in the Netherlands are obliged to identify themselves to the authorities when asked.
Tags: biometrics, civil rights, fingerprints, passports, privacy