leidensecurityand­globalaffairsblog

The Dutch Digital Infrastructure Part 2: Digital (mis)behaviour in the future Janneke Staaks via Flickr cc

The Dutch Digital Infrastructure Part 2: Digital (mis)behaviour in the future

Government problems with the national digital infrastructure (GDI) are evident in failures such as the unsuccessful digital transformation of the ‘Basisregistratie Personen’ or the recent ‘Zorgtoeslagaffaire’ in the Ministry of Finance.

After the abortive Digi Commissoner’s governance initiative – described in a previous blogpost – government has continued to act upon the opportunities offered by linking and analysing data. For example, software models for tax supervision and collection have been developed from 2012 onwards to detect non-compliant behaviour by using and manipulating data-sets. A Data Analytics Unit in the Ministry of Finance used special software to scrutinize taxpayer information, monitor real-time hundreds of thousands of known defaulters, and correlate data indicating irregularities within the millions of tax returns received annually. Behavioural change through conclusive tax law enforcement was the ultimate goal; customized treatment of taxpayers and optimization of tax returns the preferred outcome.

Former tax service director H. Blokpoel in 2016 acknowledged the importance of citizens’ trust in correct government behaviour. He considered this a top priority (‘Chefsache’): “If there is no societal support base for the instruments we apply, we have a serious and probably irreparable problem.” However, in 2017, questions in parliament were raised, highlighting improper use of data, questionable data integrity, and failing information security within the Data Analytics Unit.

In 2017, questions in parliament were raised highlighting improper use of data, questionable data integrity, and failing information security within the Data Analytics Unit.

These conclusions confirmed earlier findings regarding digital government policy. In 2011 the Netherlands Scientific Council for Government Policy (Wetenschappelijke Raad voor het Regeringsbeleid; WRR) reported that the government assumes the reliability of GDI-data, while ignoring error margins and shifting data related problems towards the citizen. According to the WRR (p. 216): “ … the assumption that information is correct needs to be replaced by the awareness that information … is in all probability not accurate, outdated, and sometimes even will be misused and manipulated.”

In 2018, research showed the correctness of the above for GDI-data and stated (p. 447) that “in tax law it is established that key [registry] data are decisive, the choice is made for a fictional state of the facts.” Fictional, because administrative authorities depend on GDI-data and the (automated) decisions that rest upon them. They do not take into account relevant information outside of the databases, and cannot verify or review administrative decisions since “the [automated] decision rules are not available in a way they can be assessed.” This has obvious consequences for citizens who cannot fully contest a decision, and for administrative judges who cannot fully determine whether a decision is made within the law.

Administrative authorities do not take into account relevant information outside of the databases, and so cannot adequately verify or review administrative decisions.

There is a lot of ‘noise’ in big data sets as a result of inaccurate or incomplete data. This can be compensated for in larger group samples, but correlations and conclusions extracted do not apply one-on-one to individuals. In September 2018 the Dutch Council of State (Raad van State) stressed the negative side of an envisioned digital government and warned against the distinct possibility of citizens getting caught in the system indefinitely. The ongoing ‘Zorgtoeslagaffaire’ proved this concern right. Big data systems resemble black boxes. No one really knows how they work and what their output stands for. However, bureaucrats and politicians seem mesmerized by linked information streams, the network opportunities they have to offer, and the multiplier effects accruing from them.

From the above can be concluded that (meta) data quality and digital security should receive far more emphasis. A decade after publication, the WRR-conclusions from 2011 are as valid as ever (pp. 216): “The attention for the quality of information cannot be limited to the information itself, but has to focus on the meta data as well.” Meta data are indispensable in information management. They play a crucial role in tracing the provenance of information and analysing its original context. In addition, the WRR rightfully addressed often neglected technical and organizational pre-conditions (pp.216-217): “Attention for the quality of information also demands thorough attention for … security, working processes, and a trustworthy authentication and identification infrastructure.” However, three years ago Dutch cyber readiness, i.e. the quality of its digital infrastructure as well as its security in general, was still assessed insufficient with central governance and adequate budgets lacking.

Bureaucrats and politicians seem mesmerized by linked information streams, the network opportunities they have to offer, and the multiplier effects accruing from them.

Over the last few years pressure has been building to officially designate the GDI a vital infrastructure. Although cyber security appears to be a priority, the ultimate push forward will most likely require a significant shock to the system, i.e. a future cyber incident of national proportion. Hopefully, it will not have to take a national cyber disaster to put a stop the present lethargic attitude towards digital data quality and security. The Dutch digital infrastructure is of indispensable value in the digital twenty-first century. This calls for law-based centralized governance aided by structural and elaborate budgets. No one questions the need for an ‘expensive’ Ministry of Infrastructure and Water Management, or the forceful governance of the Delta Commissioner to prevent disastrous water floods. Skip water, add digital!?