The police has been storing personal data for years – but is it allowed?
The Dutch police force has been deliberately storing personal data relating to millions of Dutch people for many years now. In doing so, the institution has been knowingly breaking the law. Bart Schermer, Professor of Law and Digital Technology expressed his concerns on Follow the Money – a platform for investigative journalism: ‘What the police wants simply isn’t allowed.’
Since its introduction in 2008, the Dutch police force has struggled to comply with the Dutch Police Data Act. In 2015, it came to light that the police failed to comply with the law due to ‘IT errors’. Three years later, it became clear that the force never intended to destroy the personal data. The reason? The information stored could be used in the future to help solve cold cases, and destroying the information would make those kinds of investigations ‘pointless’. Professor Schermer considers this unacceptable: ‘The police’s role is to enforce the law. They can’t just decide that this law isn’t convenient for them.’
Professor Schermer also argues that the police has no legal grounds whatsoever to store such sensitive information about so many people. He continues: ‘And even if they would have grounds to do so, it breaches the European Convention on Human Rights to store everything indefinitely. What the police wants simply isn’t allowed. The fact that senior police officers and the Minister nevertheless decide otherwise is particularly worrying.’
Hoarding this data does involve risk. In recent years, several incidents have occurred where information was leaked, misused or passed on. At Follow the Money's request, Professor Schermer examined government documents. Following his investigation, he has serious concerns: ‘If the police “know everything” about people, that data can be misused. The likelihood of that happening may be slim, but it’s never zero.’
More information
Read the full Follow the Money article (in Dutch, €)