Ten Dutch municipalities fined for illegally processing sensitive information about Muslim communities

Published: 6 February 2026
muslims_amsterdam_little_boy_scooter

The Dutch Data Protection Authority (DPA) has issued fines, totaling €250,000, to ten municipalities for collecting and processing sensitive information about Muslim residents without their consent or knowledge.

The privacy and data protection regulator is imposing €25,000 fines on the cities of Delft, Ede, Eindhoven, Haarlemmermeer, Hilversum, Huizen, Gooise Meren, Tilburg, Veenendaal, and Zoetermeer.

For a long time, these municipalities monitored members of Muslim communities as part of an investigation into alleged terrorism. The government and National Coordinator for Counterterrorism and Security (NCTV) pushed for a robust local approach to detecting radicalization and preventing travel abroad. Municipalities were given a key role in this.

ADVERTISEMENT

Numerous municipalities chose to hire a research agency to gather intelligence about Islamic communities, including names, photos, information about family members, which movement of Islam they adhere to, and the mosque they visit.

In some cases, detailed personal profiles of individuals ended up in the reports. A limited number of reports were then sent to law enforcement authorities, the NCTV, and the Ministry of Social Affairs and Employment.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

“People in Islamic communities were investigated without their knowledge. This involved reports containing sensitive data about their religious beliefs and other personal information about them and their families. The municipalities had no grounds whatsoever for obtaining this information. The privacy of the people affected was seriously violated. This has damaged trust in many municipalities,” DPA Chairman Aleid Wolfsen says in a statement.

The involved municipalities weren’t allowed to process this sensitive information, which is an infringement of Articles 5, 6, and 9 of the General Data Protection Regulation (GDPR). According to the privacy supervisor, they were insufficiently aware of their own role and responsibility, and have acknowledged that their approach was wrong. They have already taken steps to repair their relationship with the Muslim community.

Several municipalities, including Delft and Tilburg, have apologized for the investigation that was conducted into the Islamic community.

Unlock more exclusive Cybernews content on YouTube.

ADVERTISEMENT
Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT