The Tax Authorities have collected personal data of taxpayers – including statements on social media – from the internet on a large scale, stored them in a computer system and used them in their supervision and combating fraud. This happened despite internal doubts about the legality of this and about the “origin, accuracy and topicality” of the stored data.
The data was stored in the controversial database RAM, of which NRC unveiled the large-scale deployment this spring.
The privacy problems surrounding this Risk Analysis Model (RAM) that has been used for years are even greater than described in that publication, according to a report. internal reporting from 2017 that outgoing State Secretary Marnix van Rij (Tax, CDA) sent to the House of Representatives after the publication of NRC. Van Rij and fellow State Secretary Aukje de Vries (Benefits, VVD) have decided to conduct an external investigation into the use of RAM and its consequences for citizens. The possible role of RAM in the Benefits Scandal is also discussed.
RAM – which came into use around the turn of the century – was used for ‘profiling’, including on the basis of nationality, according to internal reporting. RAM also provided ‘surprise addresses’, where, according to the collected data, there were possibly deviant (read: suspicious) behavioral patterns.
Also read: The Tax Authorities thus became a frequent perpetrator of the misuse of personal data
Benefits Department
RAM was also deployed in the Benefits department, something Van Rij previously denied to Parliament. In his letter Van Rij has now corrected this to the House. Customs also used RAM, just like the Fiscal Intelligence and Investigation Service (FIOD), for ‘investigation purposes’. The Tax Authorities also used the system to monitor its own employees, with a view to “achieving production goals, production quality, anonymous aggregated overviews and integrity violation testing.”
The self-built database contained “data of a highly confidential nature, given the tax, financial and/or personal nature of the data,” the internal analysis said. “A lot of sensitive data from many people is brought together.” Tax authorities employees also had access to information about possible criminal prosecution or investigation via RAM.
The analyzes produced ‘surprising addresses’ with possibly deviating behavioral patterns
The Tax Authorities collected data from dozens of sources, inside and outside the government, so that hundreds of different data were stored per citizen. Not only general personal data such as address and age, but also information about someone’s (tax) partner, the start date of the relationship, the nationality of the partner, how often someone logged into the Tax Authorities’ systems or submitted objections, all data about income, assets and debt, how many cars, investments and real estate someone had, and so on. Through searches it was possible to “relate almost everything to everything,” the internal analysis said. In this way, department employees could identify individuals or groups for further investigation.
In 2016, there were already concerns within the top management of the Tax Authorities about the desirability of “distributing data on a large scale” via RAM, according to internal email correspondence. There had been frequent attempts to shut down or replace the program because it did not comply with privacy laws. But RAM was too popular internally to turn off. According to a confidential report from that time, there were “at least 2,000” customers of RAM data within the service.
Export without control
Who exactly used the system, what was extracted from it and to whom this information was sent was not tracked. Employees could export requested information without checking to Excel sheets and take them with them on their own disks or USB sticks.
Employees were aware that RAM allowed searches “that could be considered discriminatory.”
The Tax Authorities knew that storing personal information that citizens shared on the internet (“scraping/crawling, with or without the intervention of third-party software”) was legally problematic. ‘The legal basis for the processing of such data is [..] minimal subject of discussion and in a number of cases not permitted by the [Autoriteit Persoonsgegevens],” reads the internal analysis.
The system was officially turned off when new privacy legislation was introduced in May 2018, but according to internal documents, at least part of the database remained available to employees until January 2021.
The possible role of RAM in the Benefits Scandal will also be discussed in the investigation
The use of RAM and the major internal concerns about the violation of citizens’ privacy that it resulted in were always concealed from the House. Then MP Pieter Omtzigt (CDA at the time) in 2018 asked which internal assessments of privacy risks had been carried out at the Tax Authorities, then State Secretary Menno Snel (D66) concealed the existence of the internal analysis to RAM. When Van Rij informed the House of the existence of RAM in March 2022, it initially limited to the summary statement that there had been “an estimated 125 authorized users”.
Partly because of this, little is known about the concrete consequences of the large-scale use of RAM. The Ministry of Finance did not respond to questions because an external investigation is underway. The government wants to start selecting the external party that will carry out the research next month.
A version of this article also appeared in the September 14, 2023 newspaper.