Data breach of data published under the Government Information Public Access Act

Earlier this year, the COA received a request under the Wob from the programme ARGOS by broadcaster VPRO about signals of human trafficking and migrant smuggling among Nigerian asylum seekers. In the context of this request, Argos received a list of signals from the reception centres of human trafficking and migrant smuggling. This Excel list contains signals about various nationalities. The list was cleaned up for nationalities other than Nigerian. The personal data of Nigerian asylum seekers on this list were subsequently made blank.

After publication of the list on the website, it turned out that personal data of residents and/or employees could be made visible on the list after all. Subsequently, the list was removed from the website immediately.

Even though the response after discovery was adequate, it cannot be ruled out that third parties have had access to personal data of residents and/or employees. We deeply regret this and have immediately reported the data breach to the Dutch Data Protection Authority. We are currently taking a number of follow-up actions. Publication of this notification is one of them.