Volkskrant, 14 March 2012: 'The boundaries of our privacy are increasingly shifting: four questions on file linking in the fight against welfare fraud'

"The government wants to tackle welfare benefit fraud by linking all kinds of personal data. Is that even allowed?

Is it technically possible to link data from social services, student finance, banks, commercial register, the municipal database and the land register?

At the Ministry of Social Affairs, they think so. State secretary Paul de Krom wants to introduce the link already in the short term. 'The technology is ready for it,' also says Jan Friso Groote, professor of computer science at TU Eindhoven. 'But the people are not.' (...)

Can all this personal information be shared so widely?

The Dutch Data Protection Authority (CBP) is not yet commenting on De Krom's plan. Only when there is a legislative proposal will the board consider it. Kees de Vey Mestdagh, professor of Law and ict at the University of Groningen, is convinced that it should not be allowed. 'This is an unlawful idea. In the Personal Data Protection Act (WBP), there are a lot of conditions attached to sharing data. This plan ignores these. For example, data subjects must give permission for their data to be shared.'

Surely it should be possible to fight fraud?

Yes indeed, the law allows for this too. 'Using personal data is allowed, provided the data processing is necessary to fulfil a legal obligation to which the controller is subject.'

But, says De Vey Mestdagh, then the individual laws by which the institutions concerned are bound must also allow information sharing. For social services, student grants, banks, the commercial register, the municipal basic administration and the land register, it must be explicitly stipulated that they are allowed to cooperate in the fight against fraud. If this is not included in any of these laws, it will still have to be done. Dealing with such a necessary legislative amendment will then take years. 'By then there will already have been so much uproar about digital privacy that the chances of such an amendment proposal getting through parliament are slim,' De Vey Mestdagh expects.

If you do nothing wrong, you have nothing to fear from the intended linking of files, right?

It is a question De Vey Mestdagh also often gets from his students. 'It's a misconception,' he says. 'Imagine if your medical records became public, that could hurt you, for example, when applying for jobs.'
(…)
The boundaries are slowly shifting, says Vincent Böhre of Privacy First, an organisation campaigning for privacy protection. 'Before, they only pulled your data once you had committed a criminal offence. Now they have a picture of you even before you have done anything criminal.'"

Source: Volkskrant 14 March 2012, p. 11.