Sven Slootweg's Blog » law http://sven-slootweg.nl/blog Plenty bits and bytes. Mon, 23 Aug 2010 19:51:16 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 New identification law in the Netherlands threatens privacy http://sven-slootweg.nl/blog/2009/09/20/new-identification-law-in-the-netherlands-threatens-privacy/ http://sven-slootweg.nl/blog/2009/09/20/new-identification-law-in-the-netherlands-threatens-privacy/#comments Sun, 20 Sep 2009 19:36:20 +0000 Sven Slootweg http://sven-slootweg.nl/blog/?p=73 A new law has been accepted in the Netherlands. It states that any Dutch citizen that wants to renew his passport or identification card, will need to give his fingerprints upon request. While the European laws indicate that two fingerprints have to be made, and have to be stored on the proof of identification, the Dutch government has decided to not only take 4 fingerprints instead of the 2 fingerprints that will be stored on the chip, but also to store all four of them in a nation-wide database.

A video from privacymatters.nl illustrates really well why this is a serious threat. People will say “I don’t have anything to hide”. But how would it feel to be tracked 24/7? How would it feel to know that the government can check up on what you say to your wife over the phone, or even worse, how would it feel if you were put in with a group of suspects for a criminal act, based on your fingerprints?

As the margin for comparison mistakes of fingerprints will be about 3%, there is a huge risk of getting involved with cases you initially had nothing to do with. Imagine a database with 16 million people. 3% of 16 million is still 480.000 wrongly suspected victims.

There are some exceptions however. If, for some reason, you cannot give fingerprints (medical conditions and such) you will be granted a proof of identification that will have to be renewed after 5 years. If the medical condition is only temporary, you will be granted a proof of identification that is valid for one year, after which it will have to be re-evaluated.

The government is not allowed to use the fingerprints in the database to look for a suspect. At least, not according to current law. In the law, however, there is a loophole that might allow the government to do this later. Which means the exact scenario I just outlined is actually possible.

Vrijbit, a Dutch organization that fights the disappearing of privacy, filed a complaint with the European Court of Human Rights about the storage of all fingerprints in a central database. Maybe the court will take action, but I’m very afraid that we don’t actually have any say in this.

The worst thing is that you have to renew your identification in time. Which means you have to give your fingerprints, and you can’t complain. Simply because walking around without a valid ID can get you in trouble. And given the current level of security of the Dutch government’s IT business, I don’t trust this at all. Besides being watched by the government 24/7 (your fingerprints are stored on a remotely readable RFID chip), criminals might get access to the database and use it against you.

Technological advancements aren’t always a good thing.

Watch the privacymatters.nl video here with English subtitles: http://www.youtube.com/watch?v=fAq9ExbZFQQ

Sources used for this article:
The article on the new law by Wilmer Heck and Annemarie Kas in nrc.next, Friday September 18, 2009
http://www.onzeprivacy.nl/
http://www.privacymatters.nl/
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2009:142:0001:0004:EN:PDF
]]> http://sven-slootweg.nl/blog/2009/09/20/new-identification-law-in-the-netherlands-threatens-privacy/feed/ 0