alt Hacker NewsCreating a database of their citizens using a private company has opened up exactly the kind of privacy problems that anyone on here could have expected. Maybe they should just use GDPR to delete the data before it’s exfiltrated?
Replies
GDPR isn't a technology, it doesn't work like that. Deleting data would cripple all digital services.
The problem is that they privatized it. But that in turn is caused by the wage structure; if you work for the government, you fall under its collective wage system, and the way it's set up... can't compete with private companies, especially not in IT services. So the government ends up outsourcing most IT projects, with mixed success and costing them a lot. But with this, it also opens them up to risk.
I get the wage thing, but they need to be able to control these things. 51% of nontransferable shares of all companies involved.
DigiD is "the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller", and thus falls under paragraph 3(b), which excempts this data from the Right to erasure. In much the same way that the IRS won't delete your data if you tell them you're a sovereign citizen.