The Dutch Data Protection Authority (AP) has imposed a fine of 565,000 euros on the Ministry of Foreign Affairs because of the inadequate security of the system with which visas are granted for travel to the Netherlands. The ministry has broken the law “for years, on a large scale and in serious way,” the AP said in a statement press statement, with the risk that unauthorized persons could view and change files. It is not known whether any information was actually leaked, according to a spokesperson. The Ministry of Foreign Affairs was not immediately available for comment.
Over the past three years, the department has handled an average of 530,000 visa applications per year. The personal data that citizens are obliged to share, such as fingerprints, nationality and address, are then insufficiently secured. According to the AP, the Ministry of Foreign Affairs has been aware of the security risks of the system for some time, but has “not intervened quickly enough” and insufficiently. The department must immediately put security in order – for every two weeks that it has not already been done, it must pay a fine of 50,000 euros.
“Since citizens are obliged to hand over their personal data, the Ministry of Foreign Affairs should have immediately taken the necessary measures to properly protect that data,” writes AP Vice-President Monique Verdier. According to the regulator, the ministry is “seriously negligent” because the system has been failing for years.
The ministry has also failed to inform visa applicants when their personal data has been shared with third parties, while it is legally obliged to do so. Incidentally, according to the supervisor, the provision of information is now in order. The ministry can still appeal against the fine and the order subject to a penalty.
#Supervisor #fines #Ministry #Foreign #Affairs #due #privacy #risk