The main IT systems of the police are poorly secured, writes civil rights organization Bits of Freedom (BoF) Thursday after an analysis of the systems. The organization says that citizens and lawyers run “great risks” as a result and that the chance of fraud by agents increases.
‘Problems have been going on for years’
It concerns 36 applications that have been designated by the police as important to be able to perform work. For example, fingerprints and declarations are stored in the systems.
But because security is lacking, agents who switch roles, for example, retain access to systems from their previous work. BoF says that this gives corrupt agents unnecessary access to a lot of information. In addition, the organization says that the police often keep data for far too long.
Stephan den Hengst, chief data officer at the National Police, says to the WE that “it is true that many police systems do not meet the requirements of privacy and security in the Police Data Act”. According to him, that does not mean that there is police information on the street.
BoF researcher Rejo Zenger emphasizes that this is “very sensitive data”, which the police must handle with care. “The police are increasingly relying on ICT to help with their work, so it is important that it is in order.”
According to BoF, there have been ICT problems with the police for some time. “We also investigated compliance with police data law eight years ago,” said Zenger. “Then it actually went wrong on exactly the same parts. The fact that now, years later, exactly the same problems are playing is of course deeply sad.”
Den Hengst says to the WE that a central system has now been developed for granting access to police apps. This now works on the basis of profiles, which grant access to certain systems. In the event of a change of function, that authorization will then lapse.