Dutch security services AIVD and MIVD have been ordered to destroy a large amount of data from people who were not under investigation, but which was gathered during official hacks.
Security service watchdog CTIVD said the security services had kept the information – in total five bulk data sets – for longer than allowed by law and that it should be removed from their systems.
‘The law states this information can be kept for 18 months but they have kept it for much longer,’ spokeswoman Addie Stehouwer said. ‘This includes information which they know will never be relevant.’
The ruling follows a complaint by internet privacy campaigner Bits of Freedom.
Thank you for donating to DutchNews.nl.
We could not provide the Dutch News service, and keep it free of charge, without the generous support of our readers. Your donations allow us to report on issues you tell us matter, and provide you with a summary of the most important Dutch news each day.Make a donation