By requesting information on students’ movements, DUO breached students’ privacy

Last Tuesday, De Volkskrant reported on its front page that DUO had unlawfully requested that Translink, the company that provides the subsidised public transport chip cards used by students, provide information on certain students’ movements. The newspaper discovered the unlawful request following a tip-off by the Maatschappij voor Beter OV (Association of Dutch Commuters), a passenger lobby group seeking to improve Dutch public transport.

Student grants may have been abolished in recent years, but students who embarked on their degrees three or more years ago still receive such grants. Students living with their parents may fraudulently claim to live elsewhere so as to become eligible for a grant for students living independently, which is more generous. By doing so, they increase their income by over 2,000 euro per year, a type of fraud that is costing the government millions of euros.

Ferreting out students committing fraud

DUO’s inspectors regularly request access to the travelling data of students suspected of fraud, thus allowing them to verify where the students are travelling on a day-to-day basis. However, according to the judge who presided over the case, such data inspection requests are not properly motivated, and so constitute a violation of the students’ privacy.

Previously, DUO lost one lawsuit after the other because the organisation had asked unauthorised inspectors (i.e., inspectors not actually employed by DUO) to visit the students’ houses. For this reason, the Agency came up with a different way of ferreting out students committing fraud, according to the judge’s verdict.

5 to 10 requests per week

According to a statement on the company’s website, Translink has not provided any information since the judge made his ruling, and DUO has not issued any requests for information. Before the judge’s ruling, the Agency submitted five to ten requests for information per week, Translink told De Volkskrant.

The Association of Dutch Commuters will ask the Dutch Data Protection Authority today to look into the matter.

Unacceptable, says ISO

The Interstedelijk Studenten Overleg, an organisation protecting Dutch students’ interests, is angry as well. ‘It is genuinely unacceptable that dozens of students’ privacy should have been violated like this,’ said ISO President Rhea van der Dong. ISO feels that the students affected by the breach should receive some form of compensation.