Tens of thousands of citizens in person-centred approach
On 2 April 2024, the House of Representatives passed, with reservations, the Data Processing Personalised Approach to Radicalisation and Terrorist Activities Bill adopted. Privacy First Foundation is concerned about this because it is estimated that tens of thousands of Dutch citizens in the Netherlands are already in Personalized Approach (PGA) with very far-reaching consequences for their fundamental rights and privacy, without adequate legal protection. Therefore, Privacy First believes that the existing practice should first be evaluated before legalisation of PGAs. Hopes are now pinned on the Senate to stop this bill until then.
Resocialising citizens
A Person-centred Approach means that the government wants a citizen "resocialisation". This is done at municipal level in a so-called case consultation under the responsibility of mayors and in cooperation with "chain partners", such as Police, Justice, Youth Care Bureau, GGD, mental health services, probation and housing associations. These chain partners exchange information on citizens' personal lives and discuss how to get them on the right track, re-educate them.
In a PGA, a citizen first receives a "help offer" from, for example, Bureau Jeugdzorg or the GGD. If that does not work, the citizen concerned will face repression such as initiating criminal cases or an out-of-home placement. Legally, there appears to be little that can be done against a Person-centred Approach. A PGA is not a "decision" within the meaning of the General Administrative Law Act and therefore no objection and appeal is possible. The AVG legislation does not work here in practice because the government does not release complete files. As a result, no due process is possible.
Political hesitations
The Lower House was hesitant about this new law. On the one hand, they think it is important to give municipalities the space to prevent terrorist attacks and radicalisation. On the other hand, they fear that the definition of "radicalisation" is too broad and that, with this law, too many Dutch citizens could end up in a PGA unjustly and with all its adverse consequences. For instance, the definition of radicalisation is so broadly defined that it can include troublesome and confused people, troublesome youth, activists, critical journalists and citizens who distrust the government.
Moreover, the current practice of cooperation between chain partners based on covenants - which this law anchors - is a cause for concern. Now that PGAs have been in existence for several years, more and more is becoming known about citizens who were or are in a PGA. Some were even innocently in one and appeared to have no legal recourse against it. Citizens in a PGA complain mainly about lack of transparency and that they have no access to justice. They have no chance of a fair trial because authorities and chain partners refuse to hand over complete files.
The invasions of privacy are not amiss either. PGAs are not only about data exchange between cooperating chain partners, as the new law makes it seem, but also about far-reaching interventions in someone's private life. Examples include the imposition of mediation care, out-of-home placements, video and audio recordings, the use of citizen informants, the building of criminal files using secret investigative methods from the so-called "toolboxes" and the frequent observation, patrolling, detention of citizens and making it impossible for them to exit.
Already tens of thousands of Dutch in a PGA
Privacy First estimates that tens of thousands of Dutch people are already in a PGA. This estimate is based on information from municipalities. The municipality of Amsterdam, for example, has made its PGA programmes here are listed. Some of them concern large target groups such as the Top600, Safe Alternative (formerly the Top400), ex-prisoners, confused people and the so-called bullying approach. So in Amsterdam alone, thousands of people are in PGAs. PGAs are used by numerous municipalities across the Netherlands.
Last February, the National Ombudsman, Reinier van Zutphen, raised the alarm over a similar issue: Dutch with a radicalisation and terror stamp in the police, the CTER code. According to research by Follow The Money last year, this would also be tens of thousands people are concerned. Last year, emeritus professor Bob de Graaff also wrote in the Groene Amsterdammer about the silent march of policies against terrorism and radicalisation. He also specifically mentioned PGAs and police CTER codes, pointing out that these practices are already very extensive.
As early as 2009, the world's highest human rights body, the UN Human Rights Committee, expressed concerns about the Dutch PGA policy, then called "person-centred disruption". In particular, the UN had concerns about the lack of legal safeguards and judicial oversight. Since then, little has improved.
Municipalities want PGAs enshrined in law
So far, PGAs are carried out on the basis of covenants between cooperating chain partners and are not enshrined in law. Legally, it is therefore questionable whether the current PGAs are lawful. Privacy First has been involved in a Top X PGA case for five years to litigate that out and provoke case law. The case is currently before the Council of State and will then be pursued at the European Court of Human Rights if necessary. As the government wants assurance that PGAs are lawful, this is the first time that there will be a legal basis for some of the existing PGAs.
House of Representatives reservations
In response to hesitations about the scope, applications, possible institutional racism and effectiveness of PGAs in practice, which this law is, after all, an entrenchment of, the House of Representatives stipulated that the new law will be reviewed on these issues in a year's time. There will then be a larger review in five years that will also address the legal protection of citizens in a PGA. Now it is up to the Senate to review the current bill review.
Testing and evaluation now
Privacy First believes that it is better to test and evaluate the existing practice of PGAs based on covenants between cooperating chain partners before enshrining them by law. According to Privacy First, this is possible because several cases of Dutch citizens in a PGA have been in the news in recent years. In addition, Privacy First knows and follows several citizens in a PGA and can put politicians in touch with them. In this way, politicians can already learn from mistakes made and adjust the law earlier and more precisely.
This article was also published at PONT Data & Privacy, see Tens of thousands of citizens in person-centred approach - Data&Privacyweb (privacyweb.co.uk).
Update 3 May 2024: at the instigation of Privacy First, the plenary debate and the motions and amendments tabled to this bill in the House of Representatives were more critical than expected beforehand by connoisseurs. (The Minister and some Lower House factions also seemed surprised by this.) In Privacy First's view, this is a win for the democratic rule of law. The same goes for the critical questions which have since been asked about the bill from the Senate on Privacy First's initiative. (To this end, Privacy First sent in the above article, among others letter form - with fuller source references - to the Senate). At the same time, Privacy First recognises, partly in response to signals we have since received from "the field", that PGAs are very diverse and can involve many different domains, target groups and associated individual (often complex) multi-problems. On the one hand, this requires effective cooperation without "one size fits all" (i.e. customisation). On the other hand, from an overarching human rights perspective, all these PGA domains require better guarantees of transparency and known legal protection (including more uniform, clear criteria per target group, legal assessment/supervision and possibilities for objection and appeal). Both among citizens and professionals, this first requires more awareness. Hopefully, Privacy First has already been able to contribute to this.
Update 27 July 2024: legal breakthrough in Top X PGA case
There was a groundbreaking development in an Amsterdam journalist's Top X PGA (Persoonsgerichte Aanpak) case - in which Privacy First has been legally involved for over five years - earlier this month. In her long-running lawsuit against the municipality of Amsterdam the Council of State ruled on 3 July last that a PGA should henceforth be regarded as an administrative law decision (within the meaning of the Awb). This is important for the legal protection of tens of thousands of other Dutch citizens who were or are in a PGA, as they can now file objections and appeals. Moreover, the Council of State decided that this journalist's inclusion in a Top X PGA - which lasted almost seven years - was unlawful. Perhaps this court case, among others, will continue at the European Court of Human Rights. Read more about the context of the case at the Parool (see also this previous comprehensive article). See also this later article at AT5 in which "the Action Centre for Safety and Care [Amsterdam municipality] informs that the Council of State's verdict indeed means that objections are now possible."