Citizens and businesses must be able to trust that their data exchanges with the government through the web or email are secure. This does not happen automatically. To ensure this, governments need to implement various information security standards. These standards, for example, help prevent phishing and spoofing. They also secure the connection between a government website and its visitors. Details on what the standards specifically entail can be found on the Netherlands Standardisation Forum website.
Use of information security standards
The Netherlands Standardisation Forum conducts biannual assessments of more than 2,500 government domains to check if the standards are being correctly applied. According to the measurements presented in June 2023, 56% of the domain names met all mandatory website standards. Email standards lagged behind, with only 50% compliance.
These measurements utilise the tools from the Dutch Internet Standards Platform, a collaboration between the government and the Dutch internet community. More information can be found on internet.nl.
Implementation agreements
Governments have agreed on when and how standards should be implemented within the government. An overview of these ‘target model agreements’ is available on the the Netherlands Standarisation Forum website. If the standards are still not sufficiently applied by government organisations – despite these agreements set by the Government-wide Digital Government Policy Consultation (OBDO) – the Minister of the Interior may impose legal obligations in the future under the Digital Government Act (Wdo).