The information question Authority in the BRP API Persons

The purpose of the algorithm is to provide targeted information to organisations using the BRP (users), rather than loose data that users have to process into information themselves. The algorithm converts the loose data into information, based on rules. That information is provided to users from the central BRP, instead of the entire set of data needed to arrive at that information. As a result, less data is provided to BRP users; this achieves data minimisation.

In addition to data minimisation, the deployment of algorithms in the BRP APIs has the following objectives.

• Preventing errors in the use of BRP data, such as incorrect derivation of the registration name based on separate name data, so that citizens' rights are protected as much as possible.
• More transparency for citizens; citizens can also see how the data has been used because the derivation rules are public (the derivation rules used by BRP users themselves are mostly not known and, moreover, differ from one user to another).
• Long-term cost savings:
• because BRP users no longer have to manage copy files;
• lower connection costs to the BRP for users;
• centralisation of rules at the provider of BRP data, instead of implementation at many users;
• Faster and cheaper implementation of changes to the BRP due to social developments. Organisations now use rules themselves -each on their own- to derive information from BRP data. With the BRP APIs, deriving information from BRP data is done centrally. By centralising these rules, the impact of a change on connected government systems is much smaller than now.

The deployment of the algorithm provides benefits because the central processing ensures that less (sensitive) data is provided to users. These are government organisations, municipalities and other organisations performing a statutory task. By deploying the algorithm, there is less risk of unlawful processing of personal data. And the negative consequences that may arise from data breaches are reduced. The information query Age is used by organisations that need only the person's age, and not the date of birth, to carry out their processes.

The only alternative to RvIG centrally processing the personal data is for users to process the data into information themselves - if required. This is the current practice. This means that the data from the BRP must first be provided to the user, after which the user himself edits the data into information. This represents a major invasion of the citizen's privacy compared to the use of the algorithm, as more personal data is provided than would be the case with the algorithm. It also entails each user having to develop their own 'computational rules' to convert the data - if desired - into information. As a result, the same data may yield different information at different organisations. For example, whether or not to capitalise the prefix to the surname.

The risk of errors in processing, resulting in incorrect information being provided to the buyer on the basis of which wrong decisions are made, is covered by:

• The ability to deviate from the information provided;
• A procedure at the processor, the Rijksdienst voor Identiteitsgegevens (RvIG), for reporting potentially incorrect information;
• Extensive and structured testing in advance.

The risk that verification and correction by the data subject becomes more difficult because the information provided is generated on a transaction-by-transaction basis is covered by:

• The possibility for the recipient to deviate from the information provided;
• A procedure at RvIG for reporting potentially erroneous information.

The risk of repeating errors in processing due to the fact that BZK is not authorised to correct basic data on person lists is covered by:

• The possibility for the recipient to deviate from the information provided;
• A procedure at RvIG for reporting potentially incorrect information.

The risk of changing calculation rules without following the necessary procedures is covered by:

• Following standard procedures when adding, changing or deleting calculation rules;
• Following the regulatory process.

The risk of fragmented assessment of effects of information provision per customer is covered by making arrangements in the covenant.

The risk of automated decision-making without human intervention is covered by making agreements in the covenant.

The residual risk is estimated as LOW for all risks mentioned above.

Person's citizen service number

First name of person

Gender name person

Date of birth person

Country of birth person

Document data person

Parents' citizen service number

First names of parents

Gender names parents

Gender parents

Date of commencement of parental relationship

Citizen service number (marriage) partner

Date of marriage/commencement of registered partnership

Place of marriage/commencement of registered partnership

Country of marriage/commencement of registered partnership

Date of dissolution of marriage/registered partnership

Place of dissolution of marriage/registered partnership

Country dissolution of marriage/registered partnership

Reason for dissolution of marriage/registered partnership

Date of death

Indication of secrecy

Municipality of registration

Country from where registered

Date of establishment in the Netherlands

Child's citizen service number

Child's first name

Child's sex name

Date of birth of child

Indication of authority of minor

Guardianship indication

Date of validity Legal relationship

The API can be used through different inputs:

• via the minor querying who the custody holders are;
• via the adult query over whom the person has parental authority;
• via an address (object) to find out which authority relations the persons registered have.

The authority relations are inferred based on derivation rules. For details, see: https://github.com/BRP-API/Haal-Centraal-BRP-bevragen/blob/master/docs/features/Stroomschema%20gezag%20in%20BRP%20API.pdf