How can the digital innovations be managed by laws?
The digital society grew more and more because of Covid-19. Sometime in the beginning of 2020, Mark Rutte announced the 1.5m rule to be effective immediately in the Netherlands. That’s when everyone had to be creative in finding new solutions to still live their lives as normal as possible. Everything was on hold for a few months, but soon everyone found a digital alternative.1 For example, the universities and schools were giving online classes and work meetings were held via calling services such as Zoom and Microsoft Teams.
Now, in 2022 the pandemic finally seems to be over. But we still feel the effects Covid-19 has left on the people. If you look into the numbers of cybercrime, crimes which involved hacking and malware installations have increased with 73%.2
Despite all the vaccinations, we still need to test our way into festivals, concerts and events with more than 500 people at entities who ask us all our personal data. Most classes can still be followed from home and digital solutions are still up and running. But what are the side effects Covid-19 will have on our digital safety now the cybercrime rate has gone up?
During the pandemic the digital solutions on the problem of not being together brought problems of their own. As I mentioned earlier, the cybercrime rates are going through the roof. As a figure of speech, data has become as valuable as gold over the years. It is almost too easy for the criminals to get to the personal data of many civilians because of the digital society that was built in such a short time. The government did not exactly force the people to hand over their personal data to governmental and commercial testing bureaus, but there wasn’t an alternative if you wanted to participate in normal life again. In other words, civilians became somewhat dependent on certain entities. Of course, these entities contain a lot of privacy sensitive data, something that could be considered a gold mine to criminals.
For example, coworkers of the GGD (general health service) had access to the personal data of thousands of people and put their data up for sale.3 Medical passports were given out by the GGD for the greater good, but what would that do for the individual digital safety? Are laws enough? Some commercial testing agencies already agreed on deleting all the data every two weeks.4 Which forms a good beginning, but is also a remedy that is a little too late after 2 years of being a testing society.
As a figure of speech, data has become as valuable as gold over the years
In the case of those GGD coworkers, the paper mentions the concept ‘theft of data’. However, to speak of ‘theft’ as written in article 310 Sr of Dutch criminal law ‘data’ has to fit into the description of ‘goods’. Goods are unique and only one person can possess it. Data on the other hand can be copied, without someone losing possession of the same data. That is why the theft of data can’t be legally qualified as ‘theft’. Because of the modern ages and the dynamic growth of innovations, the law needed to be updated. Since some qualifications were problematic, the Dutch legislator introduced new laws regarding digital crime. In the last update, the legislator provided the legal system with laws that incriminates people who copy private data (even without hacking into the system first). In the case of the GGD coworkers, they got their sentence based on article 138ab Sr. The suspect had authorized access to the database, but only for a certain purpose of getting his job done. He passed this line and used his authority for other goals than to fulfill his duties. This could be qualified as trespassing in the database as described in art. 138ab Sr.6
As the example illustrates, the law is being updated in accordance with the growth of digital crime. Besides the law, the government needs to be active in raising awareness among the people to be safe online. In a manifest of the Ministry of Interior and Kingdom Relations, solutions and ambitions are written down on how to get on after the pandemic and the digital problems that arose.7 The step to get everyone involved in the digital society poses a good example. To make that happen, investments are needed from the government, and cooperation between a lot of involved parties such as the Ministry of Justice and Security will be needed for all steps into the process of becoming a successful digital society.
1 E. Huizingh, ‘Opinie: Versnelde digitalisering door jarig corona-virus.’, Dagblad van het Noorden, 24 November 2020, dvhn.nl.
2 ‘Corona vroeg veel van politie in 2021 en crime change zet door’, 14 January 2022, politie.nl.
3 C. Huisman, ‘Twaalf en 6 maanden geëist voor datalekken GGD’, De Volkskrant, 31 August 2021, volkskrant.nl.
4 R. Plantinga, ‘Door commerciële coronatesten belanden honderdduizenden persoonlijke gegevens bij bedrijven’, De Stentor, 27 May 2021, destentor.nl.
5 Ministerie van Justitie en Veiligheid, ‘Wet van 27 juni 2018 tot wijziging van het Wetboek van Strafrecht en het Wetboek van Strafvordering in verband met de verbetering en versterking van de opsporing en vervolging van computercriminaliteit (computercriminaliteit III)’, Staatsblad 2018/ 322, 21 September 2018.
6 Rb. Midden-Nederland 14 September 2021, ECLI:NL:RBMNE:2021:4419.
7 Bijlage bij Kamerstukken II 2019/20, 26643, nr. 708.