Judgement on Netherland’s Digital Identification Scheme | 15 Feb 2020
Why in News
In a first anywhere in the world, a court in the Netherlands has ruled against a digital identification mechanism called SyRI (System Risk Indicator) due to data privacy and human rights concerns.
- The Dutch Ministry of Social Affairs developed SyRI in 2014 to weed out those who are most likely to commit fraud and receive government benefits.
Key Points
- Working of SyRI:
- It is based on the algorithm that analyses data ( such as taxes, land registries, employment records,etc.) provided by the government and calculates risk scores.
- The calculated risk scores are sent to relevant government arms, which stores these on government databases for a maximum of two years.
- The government, in that time period, could open an investigation on the targeted person.
- Court’ Ruling :
- The Court found using new technology to control fraud as acceptable, but it held SyRI was invasive and violative of the privacy guarantees given by European Human Rights Law as well as the EU’s General Data Protection Regulation.
- It called it a case of ‘Algorithmic Governance’. As the algorithm would link socio-economic parameters like poverty and immigrant statuses with fraud risk.
- Such opaque algorithmic decision-making may put citizens at a disadvantage to challenge the resulting risk scores, consequently threatening democratic features of the country.
- It also ruled that SyRI was violative of principles of transparency and data minimisation.
- Dutch Government’s Stand:
- The government claimed that the new technology prevented abuse and acted as only a starting point for further investigation instead of a final determination.
- The Dutch Ministry of Social Affairs has released a statement stating it will study the ruling, not declaring a complete removal of their system.
Significance of the Ruling
- The ruling is an example of how a data protection regulation can be used against government surveillance.
- Other European tech initiatives have been stalled by the EU’s General Data Protection Regulation including a facial recognition system on students in Sweden and France.
- The ruling sets a strong legal precedent for other countries to follow, as this is one of the first times a court anywhere has stopped the use of digital technologies and abundant digital information by welfare authorities on human rights grounds.
- It also demonstrates that legislative arms need to balance the usage of technology in the social security system and the protection of the rights of their citizens.
Netherlands Court Ruling and India
- Similar to the Supreme Court’s Aadhaar judgment setting limits on the ID’s usage, the Hague Court attempted to balance social interest with personal privacy. However, the Aadhaar judgment was about data collection and not regarding algorithmic decision-making.
- India’s proposed Personal Data Protection Bill (2019) also contains many loopholes that could be potentially exploited like the USA.
- The usage of the open-ended terms like ‘National security’ or ‘reasonable’ may lead to intrusion of the state into the private lives of citizens.