THIRD SECTION

DECISION

Application no . 30894/09 Fuat OZTURK against the Netherlands

The European Court of Human Rights ( Third Section), sitting on 14 October 2014 as a Chamber composed of:

Josep Casadevall , President, Alvina Gyulumyan , Ján Šikuta , Dragoljub Popović , Johannes Silvis , Valeriu Griţco , Iulia Antoanella Motoc , judges,

and Marialena Tsirli, Deputy Section Registrar,

Having regard to the above application lodged on 28 May 2009 ,

Having regard to the observations submitted by the parties ,

Having deliberated, decides as follows:

THE FACTS

1. The applicant, Mr Fuat Öztürk, is a Turkish national, who was born in 1968 and lives in Rotterdam. He is represented before the Court by Ms J. Serrarens, a lawyer practising in Maastricht. The Netherlands Government (“the Government”) were represented by their Agent, Mr R.A.A. Böcker, and their Deputy Agent, Ms L. Egmond, both of the Ministry of Foreign Affairs.

2. The Government of the Republic of Turkey were informed of their right to take part in the proceedings (Article 36 § 1 of the Convention) but did not express the desire to do so.

A . The circumstances of the case

3. The facts of the case, as submitted by the parties , may be summarised as follows.

4. In April 2007 the applicant , a convict prisoner who had been in detention since 1999, was transferred to the Penal Institution “ Dordtse Poorten” in Dordrecht.

5. By letter of 2 April 2007 the Correctional Institutions Agency of the Ministry of Justice ( Dienst Justitiële Inrichtingen van het Ministerie van Justitie ) informed the Governor of “Dordtse Poorten” about a project for the taking of prisoners ’ biometric data (photographic likenesses and fingerprints), referred to by the name of “Biometrics” , which was prompted by the finding that a number of prisoners in a different institution had assumed a false identity . The project, referred to as a “catch-up exercise” ( inhaalslag ), was intended to constitute the initial phase of a complete overhaul of the prisoner identification system. As part of this project, the Governor of “Dordtse Poorten” was asked to take biometric data of certain prisoners in his institution.

6. As one of the prisoners chosen, the applicant was informed by letter of the intention of the Governor to take his fingerprints and digital photograph. The letter did not provide information on the storage or use of the data taken. The applicant states that the penal institution ’ s staff members , when asked, told him that the data would be stored for “ decades ” in a national database that would be accessible to the police and the judicial authorities.

7. On 23 April 2007 the applicant was asked to submit to the taking of his fingerprints and a digital photograph. He refused to do so, firstly, because he had already given these data when he was admitted to the penal institution and, secondly, because he opposed the fact that his data would be stored in a national database for an unknown length of time and that they would be accessible to the police and the judicial authorities.

8. Because of the applicant ’ s refusal to cooperate, the Unit Director of the penal institution imposed on the applicant three days ’ solitary confinement in his own cell which included the removal of his television, starting on 24 April 2007. Later that day, the applicant submitted a complaint against this punishment to the Complaints Commission ( beklagcommissie ) of the penal institution ’ s Supervisory Board ( Commissie van Toezicht ), stating that he had complied with his obligations under Section 28 (2) of the Prisons Act ( Penitentiaire Beginselenwet ) when he had submitted to the taking of his fingerprints and digital photograph during his admittance to the penal institution. He further argued that he was not obliged to submit his data again because they would not be used internally, within the penal institution, but for a national database for which there was no legal basis in the Prisons Act or any other act.

9. On 25 July 2007 the Unit Director sanctioned the applicant a second time and the institution ’ s staff members threatened to report the applicant to the Public Prosecution Service for refusal to comply with an official order if he continued to refuse to provide his fingerprints and digital photograph. Following this threat, the applicant cooperated and submitted his data. He was, neither then, nor after his release, given any information on the way his data would be stored or used.

10. On 24 June 2008 the Complaints Commission of the penal institution ’ s Supervisory Board rejected the applicant ’ s complaint . It held that the sanction had not been unreasonable because the Governor had been obliged to comply with the instructions of the Correctional Institutions Agency ; because the refusal of a prisoner to comply with an order of the Governor was a disciplinary offence ; and because the applicant had refused to submit his data when o rdered to do so by the Governor .

11. In his appeal to the Appeals Board ( beroepscommissie ) of the Council for the Application of Criminal Justice and Protection of Juveniles ( Raad voor Strafrechtstoepassing en Jeugdbescherming ) the applicant largely restated his arguments. He further submitted that the existence of a Determination of the Identity of Suspects , Convicted Persons and Witnesses Bill ( Wetsvoorstel Wet identiteitsvaststelling verdachten, veroordeelden en getuigen ), which provided a legal basis for the taking and processing of prisoners ’ biometric data in a national database, proved that section 28 (2) of the Prisons Act did not yet confer any such power.

12. On 3 December 2008 the Appeals Board noted that in practice the identity of prisoners was checked at the time of admission to the institution. It further noted that on entering the institution the applicant had complied with this obligation to submit identifying data as provided for in section 28 (2) of the Prisons Act. It held that, even though the collection of the data itself had not been unlawful, it had been up to the Governor to explain to the applicant why his data needed to be taken a second time and to provide him afterwards with another opportunity to submit his data. As the Governor had failed to do so, the Appeals Board held that the sanction had been unreasonable. The Appeals Board awarded the applicant financial compensation in an amount of 22.50 euros (EUR).

13. The applicant was released on 7 September 2009.

B. Documents submitted by the Government

14. In their further observations submitted in response to the applicant ’ s observations, the Government submitted a written statement on paper bearing the letterhead of the Judicial Information Service ( Justitiële Informatiedienst ) and dated 22 March 2013 . It reads as follows:

“Destruction

The undersigned, J.J. Wiltvank, General Director of the Judicial Information Service, makes the following declaration:

...

I declare this to be a statement of the truth, made on 26 March 2012 [sic].

J.J. Wiltvank

General Director of the Judicial Information Service”

This document bears no manuscript signature.

15. Also annexed to the Government ’ s further observations were an official record attesting the destruction of “personal data of the catch-up exercise”, recording the destruction of information stored on CDs and external hard disc drives by Ministry of Justice officials and of the original fingerprints by a waste-processing company, Milieu Service Nederland . The official record includes the following:

“ Instruction

On 21 November 2012 the Director of the Judicial Information Service instructed the undersigned to ensure the destruction of any personal data from the catch-up exercise that might still unjustifiably be stored ( de mogelijk nog ten onrechte in bewaring zijnde persoonsgegevens ).

Stocktaking

...

During stocktaking a search was carried out for other media that might exist outside the Judicial Information Service. From the information obtained from the then keeper of the mobile kits it appears that

Attached to the official record is a “Destruction and Recycling Certificate” dated 10 December 2012, provided by Milieu Service Nederland .

C . Relevant domestic law

1. The Prisons Act

(a) Legislation

16. T he Prisons Act, as in force at the relevant time, in its relevant part provided as follows:

Section 28

“ 1. The Governor can oblige the prisoner to carry a valid identity document and to show this at the request of a civil servant or a staff member.

2. The prisoner is obliged to cooperate with the recording of his digital photograph, the taking of a fingerprint or the taking of a hand scan.”

Section 59

“Rules will be laid down by or pursuant to order in council concerning the creation of files. These rules will in any event give a definition of the detainees about whom a file must be created, the nature of the information contained therein, the right of the detainee concerned to inspect or obtain a copy of the file and the limits to this right, and the length of time and way in which the file is to be kept.”

Section 60

“ 1. A detainee may lodge a complaint with the Complaints Committee against a decision concerning him taken by or on behalf of the Governor.

2. A failure or refusal to give a decision is equated with a decision as referred to in subsection 1. If no decision has been given within the statutory time limit or, in the absence thereof, within a reasonable time limit, this is deemed to be a failure or refusal to give a decision.

3. The Governor must ensure that a detainee wishing to lodge a complaint is given an opportunity to do so as quickly as possible.”

(b) Parliamentary documents

17. The following is taken from the drafting history of the Prisons Act (Explanatory Memorandum ( Memorie van Toelichting ), Lower House of Parliament, no. 24,263, 1994-95 session, no. 3):

“ ...

Chapter VI of the Bill specifies permissible interferences with the constitutional rights of respect for one ’ s privacy and for the integrity of the body, the clothing and of the prisoner ’ s bodily secretion.

...

The following powers are granted to the Governor to exercise control over the prisoners and the use of force against them:

a. to impose a duty to provide proof of identity;

...

a. Duty to provide identity

The duty to provide proof of identity is copied from section 27 of the [former] Prison Rules ( Gevangenismaatregel ) with the addition of the [prisoner ’ s] explicit duty to cooperate with the recording of his likeness, or the taking of a fingerprint for the purpose of an identity check.”

2. The Prison Rules

18. The Prison Rules ( Penitentiaire maatregel ) , as in force at the relevant time, in their relevant part provided as follows:

Rule 37

“...

2. The other documents relating to the detainee are to be collated in an institutional file [i.e. a file peculiar to the institution]. They are to be arranged by subject in chronological order.”

Rule 39(4)

“...

4. The institutional file referred to in article 37, paragraph 2 must be destroyed six months after the detainee ’ s stay at the institution has ended. If the detainee is again confined in the institution before the end of this period, the limited retention period ceases to apply.”

Rule 40

“1. In the event that inspection by the detainee of his file is denied on one of the grounds laid down in section 43 of the Personal Data Protection Act, the Governor may arrange for a member of the Supervisory Committee authorised by the detainee to inspect the data which the detainee has been denied leave to inspect. Sections 57 and 58 of the Act [i.e. the Prisons Act] apply mutatis mutandis .

2. Data from the file may be disclosed to Our Minister and the civil servant or staff designated by him in so far as necessary with a view to:

a. dealing with requests concerning the detainee;

b. dealing with procedures concerning the detainee;

c. managing the files;

d. dealing with other decisions concerning the detainee. The same applies to the assignment officer, the Governor and the civil servants or staff designated by them.”

3. Subsequent developments

19. The Act on the determination of the identity of suspects, convicted persons and witnesses ( Wet identiteitsvaststelling verdachten , veroordeelden en getuigen ) entered into force on 1 October 2010 . It altered section 28 of the Prisons Act so as to empower the Governor to take a prisoner ’ s biometric data (fingerprints, DNA, photographic likeness). Delegated legislation is to govern the processing of these data.

20. Article 27b § 4 of the Code of Criminal Procedure ( Wetboek van Strafvordering ) now provides for data needed to establish the identity of a suspect or convict to be stored in the “criminal procedure database” ( strafrechtsketendatabank ).

21. Detailed regulation of the criminal procedure database is provided by the Determination of the Identity of Suspects and Convicted Persons Decree ( Besluit identiteitsvaststelling verdachten en veroordeelden ) , which also entered into force on 1 October 2010. Th is Decree sets rules for the organisation of the database in which biometric data of convicted persons are kept , storage and destruction of those data and access to them .

COMPLAINT

22. The applicant complain ed that the obligation to cooperate with the taking of his fingerprints and his digital photograph and the storage of those data in a national database violated his rights under Article 8 of the Convention, as this interference was neither in accordance with the law nor necessary in a democratic society.

THE LAW

Complaint under Article 8 of the Convention

23. The applicant complained that he had been compelled to allow his fingerprints and his digital likeness to be taken and stored in a national database. He submitted that he had been a victim of a violation of his rights under Article 8 of the Convention, which in its relevant part provides as follows:

“1. Everyone has the right to respect for his private ... life ...

2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.”

The Government disputed this.

1. Arguments before the Court

24. The Government submitted in the first place that the applicant could no longer claim to be a “victim” within the meaning of Article 34 of the Convention. They pointed to the decision given by the Appeals Board of the Central Council for the Administration of Criminal Justice on 3 December 2008, which had been in the applicant ’ s favour. Moreover, the applicant ’ s biometric data had been destroyed.

25. The Government further argued that a violation of Article 8 could not be found on the facts of the case. A statutory basis for the collection of biometric data existed, namely section 28(2) of the Prisons Act; the statutory basis for their storage was section 59 of the Prisons Act in conjunction with Rule 35 (the Court understands that Rule 37 is meant) of the Prison Rules. Safeguards against abuse were in place.

26. The “legitimate aims” pursued were “the prevention of disorder or crime” and “the protection of the rights and freedoms of others”.

27. Relying on Vasileva v. Denmark , no. 52792/99, 25 September 2003 , in which the Court had held that law enforcement required the police to be able to establish the identity of citizens, the Government further submitted that establishing the identity of prisoners was crucial to obviate the risk of implementing a prison sentence or non-punitive order on the wrong person. Thus, it had been considered necessary to check the applicant ’ s identity as part of the catch-up exercise.

28. The applicant took the view that he could still claim to be a “victim” of the violation alleged. He contended that the decision of the Appeals Board of the Central Council for the Administration of Criminal Justice had not held that the collection and storing of his biometric data was illegal and had not actually ordered their destruction.

29. In the applicant ’ s submission, the point was that the Netherlands authorities had not only collected and stored his biometric data in the institution; these data had actually left the prison and had been handed over to authorities outside the prison. The information given to him by prison staff suggested that the data would be stored in a national database. Had the applicant ’ s biometrical data been collected in 2007 solely for the purpose of establishing his identity in the prison itself, he would not have refused to cooperate; nor would he have lodged an application with the Court.

2. As to whether the applicant can still be considered a “victim”

30. The Court does not consider it necessary to decide whether the applicant can still be considered a “victim” of the violation which he alleged. That is because the application is in any case inadmissible as will be seen below.

3. Establishment of the facts

31. The applicant alleged that the biometric data taken from him by the Penal Institution “Dordtse Poorten” in July 2007 were kept in a national database in violation of the law. The Government, in their observations, stated that these data had been destroyed without having left the prison.

32. The applicant submitted that he had been told by prison staff that his data would be stored in a national database for decades to come. He asked the Court not to take the Government ’ s denial at face value.

33. T he applicant has profferred no evidence to prove the truth of his bald allegation that his biometric data were unlawfully stored. The Court observes , however, that Convention proceedings do not in all cases lend themselves to a rigorous application of the principle affirmanti incumbit probatio (“he who alleges must prove”) because in certain instances the respondent Government alone have access to information capable of corroborating or refuting allegations (see, among other authorities, Idalov v. Russia [GC], no. 5826/03 , § 98 , 22 May 2012 ) . Such is the situation faced by the Court on this occasion. The Government will therefore have to satisfy the Court that the applicant ’ s allegations are unfounded.

34. In their observations, the Government described the background to the facts complained of as follows:

“7. In November 2004, two members of the House of Representatives of the States General [i.e. the Lower House of Parliament, Tweede Kamer ] put questions to the then Minister of Justice after a case of mistaken identity involving a detainee ( Proceedings of the House of Representatives [i.e. of the Lower House of Parliament; Handelingen van de Tweede Kamer ] 2004 -2005, p. 1461 ). Acting on these and other signals, the Ministry of Justice carried out a study to assess the scope for and desirability of structural improvements to the way the identity of suspects and convicted persons was established and checked. Random checks at three institutions in early 2006 involving 707 inmates revealed that, in 22% of cases, there were doubts as to whether the identities recorded were correct. Of these, 15% seemed to relate to administrative errors and 7% were cases of suspected identity fraud.

8. The then Minister of Justice subsequently set out his plans, again in response to questions in the House of Representatives, in his letter of 6 December 2006 ( Parliamentary Papers, House of Representatives [ Kamerstukken II ], 2006-2000, 30 800 VI and 29 271, no. 23, p. 4 ) The main thrust of the letter concerned the measures already being prepared as part of the criminal justice system information provision programme (PROGIS). These measures focus on carefully establishing the identity of suspects when they first come into contact with the criminal justice system (investigation) and subsequent verification of the identity of suspects or convicted persons by other partners in the criminal justice system, e.g. when their case is heard or when they serve their sentence. The then Minister of Justice also announced in his letter hat ‘ all detainees in the Netherlands will have their photographs and fingerprints taken in a one-off catch-up exercise ’ . The aim of the exercise was to check and verify the identities of the detainees.”

The applicant did not dispute this.

35. The Court must next have regard to the documents submitted by the Government in their further observations (paragraphs 14 and 15 above). These include a written statement bearing the name but not the signature of the General Director of the Judicial Information Service, an official record attesting to the destruction of the data collected in the course of the catch-up exercise, and a certificate delivered by the waste-processing company which destroyed the original fingerprints.

36. Even though the statement is not signed, the Court is disposed, in the light of the background as described above (paragraph 34), the official record and the certificate, to accept that it reflects the truth. It therefore finds that the applicant ’ s biometric data were used once only, for the purpose of establishing his identity in prison, and destroyed without having been stored in a national database.

4. The Court ’ s conclusion

37. The Court notes that, as the applicant himself acknowledges, his complaint presupposes that his biometric data were taken not merely to establish his identity, but in order to be kept outside the prison for future use. It follows from the Court ’ s findings of fact (see paragraph 36 above) that this was not the case.

38. It follows that the application is manifestly ill-founded and must be rejected in accordance with Article 35 §§ 3 (a) and 4 of the Convention.

For these reasons, the Court, by a majority,

Declares the application inadmissible.

Marialena Tsirli Josep Casadevall Deputy Registrar President