The Dutch Data Protection Authority (AP) said that the government’s plan to create a centralized database for all the personal data people provide when applying for passports, including photos, fingerprints, and signatures, would create a “goldmine for hackers.”
Currently, the data is stored at the municipality where someone is applying for the passport. However, the government wants to amend the Passport Act to create a central national database. The fingerprints would be stored until the issuance of the passport, but the photos and signatures would be stored for longer.
AP chair Aleid Wolfsen said: “The passport photos and signature of almost all Dutch people together, and then also the fingerprints of the people waiting for a passport: that’s a goldmine for cybercriminals. Instead of having to break into over 300 municipalities’ databases, criminals will soon be done with one hack.”
Wolfsen further noted that such data would be highly-valuable to criminal hackers as it can be used “to commit identity fraud or to discriminate against people.”
He also said that non-criminal access to the data could also be dangerous.
“This is a slippery slope,” he said. “We can end up in very undesirable situations with very small steps. First, the police want to use those fingerprints to solve very serious crimes, then also for slightly less serious crimes… Where does it end? You have to think about that carefully before you opt for a central database.”
The data watchdog argued that the government did not explain the necessity for the central database.
“It mainly mentions the advantages of a central system, but the disadvantages are not properly mapped out and weighed up.”
It is also unclear who will be responsible for the database, meaning “the government can hide behind each other if something goes wrong.”
The AP advised the government to reconsider the plan.
If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net.
