‍

Data and AI|News

Secretary of State: Tax Administration should not have used RAM

The tax authorities used the RAM computer system to combine people's sensitive data and sometimes share it with others...

• March 7, 2025
• Sectors and organizations, Ethics

From our partners

‍

For years, the tax authorities violated citizens' privacy with the self-built RAM (Risk Analysis Model) computer system. Through this system, the tax authorities were able to combine people's sensitive data and share them with other government services, according to research by KPMG. State Secretary Van Oostenbruggen (Tax Administration, NSC) now finds that this was in violation of privacy legislation.

In violation of privacy laws

This is what Van Oostenbruggen writes in a letter to the House of Representatives. RAM did not meet the legal privacy, archiving and security requirements, according to the research by KPMG. “I note that the tax authorities should not and should not have used RAM and I regret that,” says the Secretary of State. The investigation was launched after NRC revealed the large-scale use of RAM.

The tax authorities used RAM between 1998 and 2018. The system made it possible to combine and share sensitive data about citizens. The tax authorities did this frequently, KPMG discovered. It involved hundreds of data, from address and age to the start date of someone's relationship, the number of cars someone owned, investments and real estate, etc. All in the context of the fight against fraud (even though there were internal concerns about privacy violations even then).

I note that the tax authorities should not and should not have used RAM and I regret that.

Tjebbe van Oostenbruggen, State Secretary for Finance

Second nationality and zip code

With the help of the system, overviews of citizens with a second nationality were made. Based on this, some people were faced with a tax investigation. “I do not think the presence of such data in RAM is correct, because that data could not simply be processed for other purposes and that processing should and should be surrounded by safeguards,” the Secretary of State said in the letter to Parliament.

Searches were also made in the system based on zip code. This may have made people the subject of tax research based on the neighborhood in which they lived. RAM was also used to share data with the Financial Expertise Center (FEC), the Regional Information and Expertise Centers (RIECs), and the National Intervention Teams Steering Committee (LSI).

There was hardly any control over the use of RAM, concludes KPMG. Years after the tax authorities stopped using the system, RAM data was on the tax authorities' network drives. They may also have been emailed unsecurely and placed on USB sticks.

Whether individual citizens' fundamental rights were violated with the use of RAM is the subject of additional investigation.

Violation of fundamental rights

Whether individual citizens' fundamental rights were violated with the use of RAM is the subject of additional investigation. The results are expected to be published in June 2025.

On March 1, 2025, the Data Sharing by Partnerships Act was enacted. in effect trodden. With this law, the government wants to combat criminal undermining by sharing information within partnerships between government agencies and private parties. Opponents of this law fear new privacy violations.

Also read:

• Tax authorities under fire again for misuse of personal data - iBestuur
• Implementing the AP supervisory arrangement for the tax authorities has started - iBestuur
• Senate approves WGS - iBestuur

About Editors & Governance

Editorial website iBestuur

Read more from Editors iBestuur

Post a comment

You must be logged in to post a comment.

logon

(advertisement)

iGovernance articles

• News
• Blogs
• Personals
• Background
• All articles

‍