Welcome to the website of Wijnand Jongen

Wijnand Jongen is managing director of Thuiswinkel.org, the branch organisation for businesses involved in the distance sale of products and/or services to consumers via the internet, catalogues, post, etc.

Don't let hackers get off scot-free

13 feb 2012 - It's happened again. During ‘leak-tober’ the media paid lots of attention to the leakage of personal data via government agencies and businesses. Now we are in for round two. The hacking of KPN, Baby-Dump and Bavaria sharpened all our wits again.

For the sake of clarity: it is a good thing that it gets attention. The protection of personal data is extremely important in our society and essential for the confidence consumers have in the government, in businesses and – last but not least – in webshops. However, another question is also justified: should hackers be allowed to simply carry on with what they are doing? Surely there's no justification for doing something that is punishable. Suppose someone breaks into a house: who is punishable here? Is it the owner because he failed to install the newest type of hinges and locks? Or the burglar who steals things that do not belong to him?

Topsy-turvy world
It certainly looks as though we are in a topsy-turvy world at the moment. People seem to think nothing of it that businesses are being pilloried because hackers are not only tracking down abuse but also publishing the personal data they find. Everyone seems to have lost sight of the fact that ‘hacking’ is simply illegal and not as wonderful as lots of people want to believe. Let's get rid of all the romance surrounding this. Sure, I have a bit of sympathy for ‘ethical’ hackers who may be trying to unmask abuse and lack of security. As far as I´m concerned this should be allowed, and perhaps it is acceptable seen from the perspective of our Dutch high-tolerance model. But the data they obtained should never be published. It leads to no end of judicial problems. After all, when is hacking responsible and when is it not? The point of departure must be that hacking is always punishable. Leave it to the courts to decide in which situations ethical hacking is – and in which it is not – allowed.

Better hinges and locks
I am therefore asking politicians and the judiciary: don't let the hackers get off scot-free! You wouldn't accept it if your own house were involved. Criminals are not heroes. Seize them. In the meantime, we are working towards safer webshops. The fact is that, unfortunately, Thuiswinkel Waarborg will never be able to provide a guarantee – as much as we would like to – against hackers. We make no such claim. As lobby organisation for web-retailers, we do expect our members to process personal data in accordance with the Personal Data Protection Act. Web-pages where personal data are visible or which have to be filled in must be secured with at least an SSL-certificate. We also expect of our members maximum efforts with respect to the obligation to ensure the safe transport, safe processing and safe storage of personal data. We call them to account on these matters and provide them with continual information via our information channels.
We are helping create those better hinges and locks!

Video: Wijnand Jongen speaks at the EBAday, Barcelona 2011