How the Dutch postal services completely disregarded the privacy of Dutch citizens by introducing a cool new feature
The Dutch postal services (PostNL) introduced a new feature in their app back in October 2017 which is called “Mijn Post” (My Mail). This feature sends push notifications to your phone with pictures of your mail before something reaches your mailbox. This is actually quite a nice feature. No more surprises when opening the mailbox. Someone at PostNL probably came up with this as they already took pictures of the mail to have the system sort them automatically. They’re not actually reading the address, this is done by computers. The problem is that they didn’t cover everything when launching this app, such as what happens when people move. Back when they introduced this feature I immediately assumed that this system was connected to the computer systems at the municipality and that they would simply disconnect an app when someone moved and changed their address.
After moving and getting the key to your new mailbox, what you are expected to do is install their App and register for this service. They will then send a letter with a code and after entering the code in the app the service starts working. This is how you prove to them that you actually live there. There are two options after registering for this service. You can disconnect your app from that address or you can disconnect your address from the service. You have to do the latter to make sure that the people that lived there before you (and maybe even the people before them) stop getting these pictures of your mail. Nobody is aware of this and I can’t find any information about this on their website. What I do know is that they are not allowed to set this up in this way.
A lot of people aren’t even aware that this service exists and some people haven’t installed their app to check the tracking info of parcels sent to them. This feature in the app needs to be removed as long as they can’t automatically prevent people from getting pictures of mail that
Why hasn’t anyone noticed this before? Well, this only works for one address. People moving to a new place simply remove it and register their new address. After registering their new address, the service simply works and they move on. People that abuse this simply keep using the service for the previous address and can use a different phone to get the pictures of their own mail. There is an incentive to do this as it can be rather convenient to check if someone is sending mail to your previous address.
What can we learn from this? Innovation is great, but you need to cover all scenarios. It amazes me that the people working for PostNL didn’t think that this was an issue. We’re not talking about a small company, they deliver the mail for all Dutch citizens and the majority of the parcels. They also operate in Belgium, Luxembourg, Germany, Italy
We should never make assumptions on how companies protect our privacy. We need to reach out to them and ask. When I called them to ask about this, they confirmed that this is the way the service has been built and that they were convinced that the company already made sure that all of this was fine from a legal perspective. We all love cool new features, but take a few minutes to think about the risks and reach out to them before jumping to conclusions. Do you live in the Netherlands and did you move after October 2017? Then you need to sign up and disconnect the address to make sure that nobody is getting pictures of mail sent to you. You can sign up again if you want to make use it. You also need to be aware that these services exist. You might not be interested in these apps, but you actually have to install them to see what features they offer.