top of page
  • Foto van schrijverMaria Sejfryd

Dutch public transport - a railroad to surveillance?

A few months ago, we wrote an article about Michiel Jonker – a privacy activist who lost his appeal over the anonymous OV-chipkaart.[1] Michiel started his battle against national surveillance in 2014, by objecting to the practices of Dutch companies that process citizens' data on a massive scale, because: ‘it is necessary to fulfil the contract’.[2] The legal dispute started in 2015, when an official complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens - AP) was filed. AP decided not to investigate, which led Jonker to bring up the case to the court of first appeal. After 6 years of proceedings, the case finally went to the supreme court, which rejected all three appeals - closing the domestic legal path. Exhaustion of national remedies, however, created the possibility of referring the case to the European judicial authorities. This is what Michiel did in February 2022, by writing an official application to the European Court of Human Rights (ECtHR).

Volgende halte - goodbye privacy!

Until 2014, all travellers in the Netherlands were free to use the public transport without the fear of their privacy being at stake. Paper tickets used separately or in combination with a personal card showing the right to a reduced price were available not only in the machines, but also at the bus driver and ticket counters at larger railway stations. At those ticket counters, people could pay with cash, including banknotes.This situation changed in 2014, when the NS, the Dutch National Railways (DNR), ended the system of paper tickets. The only options that remained available were: a personal OV-chipkaart (with owner’s photo, name and surname), the anonymous OV-chipkaart (without printed details, but with an unique number connected to the travel data) and single tickets with a chip. Therefore all carrying information, some of which (in)directly identifies the holder of the card. In 2018, bus company Connexxion completely ended the possibility to pay for tickets with cash in the bus. The same year, NS started to demand names and dates of birth when selling international train tickets.

Above mentioned changes raised concerns in relation to possible violations. Travellers who used a single chip-ticket, had to pay much higher prices than travellers who used an anonymous personalised card, and could not travel with reduction anymore, regardless of whether they had a right to a lower fee. The discount had to be personalised and attached to the card itself. Outside rush hours, the holders of an anonymous OV- chipkaart were not allowed to travel with reduced prices at all, regardless of their actual right to the discounted travel. This amounted to price discrimination of those who care about their privacy, hence since the change, travellers who do not want to ‘enter the system’, are simply not allowed to make use of the deductions. Therefore: they pay more. And if they want to pay less – they must share their personal data.

Is the „anonymous OV-chipkaart" anonymous?

Consider the following case: a person using an anonymous card loses it on the street. An anonymous OV-chipkaart contains a 16-digits number, which, inserted on the website „”, shows detailed history of travelling from the last 1,5 years. A piece of plastic does not look suspicious, but how would you feel if you would lose your notebook with detailed information about your movement history? Anonymous card does not have the name of its owner on it but carries a lot of personal information anyway. In the age of digital surveillance, those who are aware, know how to avoid being tracked. But not only the privacy enthusiasts should be able to secure their identity and their personal travel data. We have all heard about the companies which overuse our data. However, what about governments which, by definition, should strive to protect our privacy by at least avoiding the practices that undermine it? DNR, performing public tasks, having a dominant position in the market, should be expected to treat its customers' privacy seriously. However, the product which in its name has the word anonymity, cannot be seen as anonymous itself (!). What is more, as underlined by Michiel: “the money is not loaded directly on these cards, but to a server in the back-office of a subsidiary owned by NS and a few other public transport companies.” The use of the word anonymous is therefore clearly misleading and creates a misconception about how anonymous and secure you are actually are.

A final step

Recently, a number of issues connected to the system of OV-chipkaart were presented by Jonker in his application to the ECtHR. Other privacy violations mentioned in the same document are the refusal of cash payment in buses, demand of personal data when refunding unused money and demand of personal data when selling international tickets. The whole text of the application is available here. Currently, Michiel is waiting for the reaction from the Court. “I am very conscious of the fact that the European Court of Human Rights declares more than 90% of incoming applications inadmissible. I can only hope that the legal officers of the Court will recognise and appreciate the implications of this case - not only for the privacy of EU citizens who depend on public transport, but also for the legitimacy of the legal system which the EU claims "protects" its citizens.” – says Michiel. “In theory, there is "rule of law" in the EU. In practice, I have serious doubts about it,” he adds.

[2] Art. 6(1)(b) of the General Data Protection Regulation.


bottom of page