“Privacy is a right, but it should be a duty too”

In the era of big data, your private matters can be public knowledge without you even realizing it. Is it time to rethink our privacy laws? TiU researcher Bart van der Sloot will defend his dissertation at the University of Amsterdam tomorrow, arguing that privacy should not merely be a right of citizens. “For organizations that collect personal data, privacy protection should be an obligation.”

Whether we like it or not, companies like Google and Facebook collect online information from all of us. But public authorities like the police, the Department of Justice and the Tax Administration may also know more about you than you realize. They too have mastered big data technology, and, in addition, they can access any type of personal data collected by companies in the private sector.

Bart van der Sloot

Bart van der Sloot

Individuals can only guess how much of their personal information is out there. “Even experts don’t know”, says Bart van der Sloot, who works as an assistant professor at the Tilburg Law School and specializes in big data and privacy. Despite his expert knowledge in big data collection, Van der Sloot is in the same boat as the rest of us: “I have no idea what information is processed through the apps on my mobile phone, through the cookies on the websites I visit, or through surveillance cameras on street corners and in stores. There’s just no way of knowing.”

Right to privacy, duty to protect

Under current law, citizens can claim their individual right to privacy. But you can’t contest a breach of your privacy if you’re not aware of that breach in the first place. “Theoretically, there are ways for individuals to defend themselves against the collection of their personal data”, Van der Sloot says. “But practically, it’s impossible for individuals to keep track of the information that is gathered about them by companies and governmental institutions.”

And besides, why should the responsibility for big data privacy protection lie solely with citizens? “Big data processing is not about me as an individual. It’s about the entire city being surveilled with cameras. It goes far beyond individual smartphone owners and internet users. Isn’t it strange that all responsibility is placed on individuals, then?”


In his dissertation, Van der Sloot proposes a number of obligations that organizations collecting big data should conform to. “The processing of personal data should only be carried out if necessary, and if the effectiveness of the data processing has been demonstrated”, he explains. “Those are minimum standards that every data processing institution or company should conform to.”

In addition, public authorities should not just use their data processing powers to fight crime and punish offenders. “Authorities should also use big data analysis to help individuals”, Van der Sloot says. “Rather than just using big data against people, I believe the government also has an obligation to use its power in favor of its citizens.”

Bekijk meer recent nieuws

Schrijf je in voor onze nieuwsbrief

Blijf op de hoogte. Meld je aan voor de nieuwsbrief van Univers.