Thursday 07 July 2022

Security services ordered to destroy bulk data gleaned in hacks

Dutch security services AIVD and MIVD have been ordered to destroy a large amount of data from people who were not under investigation, but which was gathered during official hacks.

Security service watchdog CTIVD said the security services had kept the information – in total five bulk data sets – for longer than allowed by law and that it should be removed from their systems.

‘The law states this information can be kept for 18 months but they have kept it for much longer,’ spokeswoman Addie Stehouwer said. ‘This includes information which they know will never be relevant.’

The ruling follows a complaint by internet privacy campaigner Bits of Freedom.

Thank you for donating to

The team would like to thank all the generous readers who have made a donation in recent weeks. Your financial support has helped us to expand our coverage of the coronavirus crisis into the evenings and weekends and make sure you are kept up to date with the latest developments. has been free for 14 years, but without the financial backing of our readers, we would not be able to provide you with fair and accurate news and features about all things Dutch. Your contributions make this possible.

If you have not yet made a donation, but would like to, you can do so via Ideal, credit card or Paypal.