model-privacy-protocol-ondermijning

star 0

Reference guide for the Model Privacy Protocol on intra-municipal data exchange for combating undermining crime (ondermijning). Use for phase guidance (1–4), privacy checks (1, 2A, 2B), proportionality/subsidiarity, and legality/compatibility assessments.

btezcan00 By btezcan00 schedule Updated 1/19/2026
play_arrow Run Skill in Manus View GitHub

name: model-privacy-protocol-ondermijning description: Reference guide for the Model Privacy Protocol on intra-municipal data exchange for combating undermining crime (ondermijning). Use for phase guidance (1–4), privacy checks (1, 2A, 2B), proportionality/subsidiarity, and legality/compatibility assessments.

Model Privacy Protocol (Onder­mijning) — Skill Reference

Overview

This skill provides quick, accurate guidance based on the Model Privacy Protocol for binnengemeentelijke gegevensuitwisseling (intra-municipal data sharing) in support of the administrative/integrated approach to undermining crime (ondermijning).

It helps users navigate:

  • The 4-phase workflow (signal intake → weighting → source check → plan of approach)
  • The two privacy check moments (Privacy check 1; Privacy check 2A/2B)
  • The required legal reasoning: purpose limitation / compatibility, necessity & proportionality, and subsidiarity
  • Practical safeguards: retention, information duties, and data minimization

When to Use

Use this skill when you need to:

  • Explain or apply Phase 1–4 steps in the protocol
  • Decide whether a signal is in scope (ondermijning + municipal task + municipal territory)
  • Determine whether you may query sources using hit/no-hit
  • Decide whether gathered data may be shared internally for case handling (2A) and for executing the chosen approach (2B)
  • Clarify privacy/legal guardrails (AVG/UAVG + sectoral laws) and required documentation

What This Skill Covers

Phase Summary (Protocol Workflow)

Phase 1 — Receipt & intake of the signal

  • Qualify: does the signal relate to ondermijning (using the checklist / indicators)?
  • Check: is there a municipal task or power that could apply (2A)?
  • Check: does it concern the municipality’s territory (2B)?

Phase 2 — Weighting the signal

  • Assess severity/concreteness/relevance using objective local criteria.
  • Decide: no action vs route internally vs route externally/RIEC vs continue to Phase 3.

Phase 3 — Source research (Bronnenonderzoek)

  • Execute Privacy check 1 to determine:
    • which municipal sources may be queried
    • hit/no-hit first (data minimization), then only relevant “what-information” if justified
  • After hits: weigh results and decide whether to move to Phase 4.

Phase 4 — Plan of approach (Plan van aanpak)

  • Before the signal/case meeting: do Privacy check 2A (what may be shared for deciding the approach).
  • After approach is chosen: do Privacy check 2B (what sharing is allowed/necessary to execute the approach + intended legal powers).

Privacy Checks (Core Logic)

Privacy check 1 (start Phase 3) Answer per case: A) What is the legal basis of the primary collection/use of the data?
B) Is further use for “combatting undermining” compatible with the original purpose?

  • Apply the compatibility factors (context, data type, impact, safeguards, etc.) C) Is it necessary & proportionate, and does it meet subsidiarity?
  • Start with hit/no-hit where possible; avoid opening underlying details unless needed.

Privacy check 2A (start Phase 4)

  • Which of the gathered Phase 1–3 data may be shared with which internal participants to determine the approach?
  • Share only with the domains that need it (role-based minimization).

Privacy check 2B (during Phase 4 execution planning)

  • Given the chosen intervention and legal powers, confirm whether additional internal sharing is:
    • legally allowed (sectoral regime may restrict)
    • necessary and proportionate for the concrete execution

Inputs This Skill Expects

Provide (as available):

  • The signal (what happened, when, who/what is involved)
  • Whether it concerns an object (location/premises) or subject (person/entity)
  • The suspected phenomenon (e.g., exploitation, drugs, fraud, etc.)
  • Intended municipal task/power you think might apply (if known)
  • Which internal domains/sources might be relevant (if known)

Outputs This Skill Should Produce

Depending on the request, return one of:

  • A phase-by-phase next step (what to do now, what to document)
  • A privacy check decision summary, including:
    • primary legal basis
    • compatibility reasoning
    • necessity/proportionality/subsidiarity notes
    • “hit/no-hit first” guidance
  • A sharing recommendation for Phase 4:
    • who can receive what data (2A)
    • what additional sharing is allowed for execution (2B)
  • A short risk/guardrail note: retention, transparency/information duties, and limits

Guardrails & Non-Goals

  • Do not invent legal permissions. If the applicable sectoral regime is unclear, state what must be verified.
  • Prefer minimal data use and hit/no-hit before opening detailed records.
  • The protocol is a model; municipalities must adapt it to local structure/policy
Install via CLI
npx skills add https://github.com/btezcan00/claude-agent --skill model-privacy-protocol-ondermijning
Repository Details
star Stars 0
call_split Forks 0
navigation Branch main
article Path SKILL.md
More from Creator
btezcan00
btezcan00 Explore all skills →