Rights Groups Sue Dutch State for Profiling Citizens

The Dutch government has been using a risk profiling system that collects and analyzes citizens' data on a massive scale, all without their knowledge.

A group of civil society organizations is bringing a case against the Dutch government because of SyRI, a risk profiling system that collects and analyzes data on private citizens. The lawsuit aims to stop the risk profiling of unsuspected citizens in the Netherlands.

The action is being take by a coalition of rights groups consisting of Liberties member the Netherlands Committee of Jurists for Human Rights (NJCM), the Privacy First Foundation, the KDVP Foundation and the Civil Rights Protection Fund Foundation.

The suit is also being joined by author Tommy Wieringa as co-plaintiff. Together with publicist and philosopher Maxim Februari, Wieringa will act as ambassador of the public-facing campaign around the lawsuit. The procedure is handled by Deikwijs Attorneys and was set up by the Public Interest Litigation Project (PILP) of the NJCM.

How does SyRI work?

In SyRI, the System Risk Indication of the Ministry of Social Affairs and Employment, personal data of Dutch citizens is collected and analyzed on a large scale. Using secret algorithms, citizens are then subjected to a risk analysis. When there is an increased risk of violating one of the many laws that SyRI covers, individuals are included in the Risk Reports Register, which is accessible to many government agencies.

Every citizen can be secretly subjected to profiling in SyRI. He or she does not know what data or process of analysis was used to determined that he or she is a 'risk'. However, SyRI can have drastic consequences. Public authorities can take serious measures as a result of a risk statement, for instance by imposing fines, withdrawing benefits or even starting criminal proceedings. It is impossible for the citizen to find out how a risk report came about or to refute an incorrect report. In practice, this amounts to a reversal of the burden of proof.

Threat to the rule of law

The application of SyRI means a violation of fundamental rights, including the right to a fair trial. The general interest of combating fraud cannot justify this. Sensitive information is used by the government for purposes other than those for which it was collected, without any form of independent supervision. There are insufficient safeguards to prevent the risk profiles that SyRI makes about citizens to be deployed in other domains.

This 'black box' poses major risks for the democratic rule of law. The governmental power over information is expanded in an opaque manner and the trust relationship between government and citizens is undermined. Citizens are suspected in advance and virtually all information that they share with the government can be used against them without any suspicion or concrete cause.

Fundamental objections ignored

Despite fundamental objections from the Council of State and the Dutch Data Protection Authority about the lawfulness of the system, the legislation for SyRI was adopted by the Senate and the House of Representatives without much discussion.

Since the introduction in late 2014, thousands of Dutch citizens have been profiled by the system in two SyRI projects - not counting the 21 projects that took place before the legal introduction of the system.

Conflict with human rights law

The coalition believes that SyRI is in conflict with the right to privacy as laid down in Article 8 of the European Convention on Human Rights. That law is clearly violated by the Dutch government. It is not used as a test for the actions of the government, but rather misused to stretch powers.

The European member states have incorporated all sorts of exceptions in the new European Privacy Act that make systems like SyRI possible. By appealing to fundamental human rights, the coalition hopes to put a stop to this type of practice.