How can we prevent foreign entities from acquiring sensitive knowledge? How do we make sure that Dutch research findings aren’t misused to strengthen the armies of China, Russia or North Korea?
Universities, other knowledge institutions and individual researchers have a responsibility to assess knowledge security risks when collaborating with foreign researchers – which can be challenging.
Following a series of remarkable revelations about China’s long arm in science, years of excitement surrounding the benefits of international collaboration were quickly overshadowed by growing concerns about knowledge security.
House in order
In 2022, then education minister Robbert Dijkgraaf (D66) believed that higher education had been naive. The sector needed to get its house in order, as he put it. His ministry also announced plans to start screening foreign researchers who wanted to work in the Netherlands.
As things stand, however, institutions still have to rely on their own judgement. If they have questions about international collaborations, they can contact the National Contact Point for Knowledge Security, which was launched in January 2022. It is consulted more than 100 times a year.
In many cases, questions involve specific individuals. While this was to be expected, the contact point is doing everything it can to minimise the amount of personal information it receives. “Do not send personal data directly to the Contact Point”, the organisation writes on its website. “This includes names, addresses, email addresses, phone numbers, publications, CVs and photos.”
Freek Vonk
Information that can be combined to identify individuals – so-called indirect personal data – cannot be submitted either. If, for example, someone reports concerns about a globetrotting endowed professor of biology who often appears on television, most people would immediately recognise the person involved as Freek Vonk. Moreover, academia is a small world where everyone knows each other.
But it’s difficult to provide useful advice based on vague information, and the government has received ‘signals’ suggesting that the contact point does sometimes process personal data, despite the privacy restrictions in place. To address this, a bill is being drafted to formally empower the organisation to process such personal data.
If the bill is adopted, it will also be allowed to process personal data ‘of a criminal nature’. This includes information about specific researchers who have been prosecuted for espionage or theft of trade secrets.
Surprised
The bill is unlikely to meet strong opposition. If anything, policymakers will be surprised to learn that the contact point wasn’t already authorised to process researchers’ names.
The bill is now available online for consultation, which means that anyone can submit feedback. The government may use this feedback to make changes to the bill before submitting it to the Council of State. Once the latter has reviewed it, it will be submitted to the House of Representatives.