AMSTERDAM - The Dutch Data Protection Authority (AP) wants to change the law regulating the reuse of government information so that the reuse of personal data is prohibited. The current proposal to amend the law still allows personal data to be shared without knowledge or consent. The AP wants that to change because the risk of abuse - like doxing and data trading - is too great, NOS reports.
The current bill states that as much government data as possible must be available for, for example, research or commercial use. The data must be searchable online and combinable with other data. Government agencies must assess for themselves what data is too sensitive to share.
The AP acknowledged that access to government data is important. The privacy watchdog applauds this access, as long as it involves things like the number of trees planted in a neighborhood or when last a street was redone.
“But when it comes to people and their address, telephone number, properties, it is something different,” AP vice-chairman Monique Verdier said. Everyone is in charge of their own personal data, and the decision on whether or not to share that data cannot be up to government agencies, she said. “Ultimately, you must decide for yourself about your data.”
The risks of, for example, doxing - sharing someone’s address or contact details online in order to threaten or harass them - are so much greater if people’s details are freely available online. “By running an algorithm on it and combining the personal data with other sources, companies can, for example, create profiles of people to sell them: data dreading.”
AP said that the new law must regulate when personal data may be reused. Doing so must be an exception, not the rule.