News

The latest news from the Dutch Safety Board (Dutch)

Effects of COVID measures not clear enough

The Cabinet did very little to monitor or evaluate the effects of the COVID measures. As a result, little is known about both the desired and undesired effects of the measures. More knowledge about the effects of the measures that were taken would allow the Cabinet to make better-informed decisions in the event of coronavirus resurgences or future pandemics. This is what the Dutch Safety Board writes in its investigation report Approach to the COVID-19 crisis, Part 2, which covers the period from September 2020 to July 2021. In this second sub-report, the Board focuses on three measures: the facemask requirement, the closure of primary and secondary schools, and the curfew. The handling of the vaccination programme was also examined.

Long-term crisis

The Dutch Safety Board’s second research report looks at the period after the relatively calm summer of 2020, during which the Netherlands faced a new surge in coronavirus infections and hospital admissions. This was when the general public started to realise that the coronavirus pandemic was not over yet, and that it would be a long-term crisis. In the autumn of 2020 and the winter of 2020-2021, the Cabinet introduced far-reaching measures to curb the spread of the virus. These included a facemask requirement, the closure of primary and secondary schools, and a curfew. Little was known at the time about the effects these measures would have, an uncertainty that persists to this day as a result of insufficient monitoring and evaluation. The Board recommends that more knowledge be collected about the effects of the measures, as this would allow the Cabinet to make better-informed decisions in the event of coronavirus resurgences or future pandemics.

Vaccination programme

European cooperation enabled effective vaccines to be developed and made available within an unprecedented timeframe. The Netherlands played an active role in this process. When the vaccination campaign started in early January 2021, expectations were high. However, vaccines remained in short supply for several months, whereupon it became necessary to prioritize. The Dutch Health Council advised the Cabinet to vaccinate the most vulnerable groups first: the elderly and people who were at risk due to medical reasons. The Cabinet chose to deviate from this advice to some extent. Healthcare workers in long-term care were vaccinated first, followed by people the government classified as vulnerable to the virus due to medical reasons. The latter group, however, did not include all at-risk groups. As a result, at-risk groups that were not eligible for early vaccination felt unfairly disadvantaged. In the end, they were vaccinated months later than originally planned. After a hesitant start, the vaccination campaign started to pick up steam, and by June 2021 a large proportion of the population was vaccinated.

Division of roles and scenarios

Looking at this second period of the COVID-19 crisis, the Board observes the same patterns it saw in the first part of its investigation. In its first sub-report, the Board concluded that the division of roles – the Cabinet as decision-maker and the experts as advisers – was not always clear. The Board notes that this was also the case during the decision-making process regarding the facemask requirement. Initially, the Cabinet followed the Outbreak Management Team’s (OMT) recommendation not to institute a facemask requirement. Only later, as a result of political pressure, did the Cabinet change its view on the matter. The OMT did not always adhere to its formal role at times, for instance when it allowed the scarcity of facemasks to become a factor in its negative recommendation regarding facemask requirement.

In addition, the Board again notes that the Cabinet did not sufficiently consider a variety of possible scenarios. For instance, in preparing the vaccination campaign, the Cabinet assumed that the vaccine would be administered by general practitioners. All preparations were geared towards that scenario. When it eventually became apparent that the first vaccine to become available was not suitable for distribution through general practitioners, a last-minute switch to large-scale vaccination by the Municipal Health Departments (GGDs) was required. This put significant pressure on the Municipal Health Departments (GGDs) to set up large vaccination sites in a short timespan.

 

Onderzoek herbevestigt conclusies OVV-rapport mortierongeval Mali

Vandaag publiceert de Onderzoeksraad voor Veiligheid de bevindingen uit het heropende onderzoek naar het mortierongeval in Mali in 2016. De Raad stelt vast dat er geen nieuwe feiten zijn gevonden die aanleiding geven tot heroverweging van de conclusies uit het eerdere onderzoek. De Onderzoeksraad heropende het eigen onderzoek uit 2016 nadat bleek dat in een vervolgonderzoek van de Koninklijke Marechaussee (KMar) nieuwe feiten naar voren zouden zijn gekomen. Door de nieuwe feiten zou de door de Onderzoeksraad vastgestelde toedracht van het ongeval mogelijk ter discussie staan. Jeroen Dijsselbloem, voorzitter van de Onderzoeksraad voor Veiligheid: “Het is onze plicht naar de nabestaanden en de samenleving om bij twijfel opnieuw de feiten te onderzoeken. Voor de Raad is het van belang dat onze rapporten boven iedere twijfel verheven zijn. Tijdens het heropende onderzoek vonden we echter meer bevestiging voor onze eerdere conclusies.”

Twijfel over herkomst granaatscherven

Nadat de nabestaanden in april 2018 aangifte deden tegen Defensie bij het Openbaar Ministerie (OM) heeft het OM aan de Koninklijke Marechaussee (KMar) opdracht gegeven tot aanvullend onderzoek. De KMar gaf in dit aanvullend onderzoek aan dat het niet uit te sluiten was dat de onderzochte granaatscherven vermengd waren geraakt met andere granaatscherven. Dit KMar-onderzoek was tot oktober 2021 niet bekend bij de Raad. Nadat de Raad hierop werd gewezen is het onderzoek heropend om de mogelijk nieuwe feiten te onderzoeken.

Conclusies en aanbevelingen uit 2017 herbevestigd

Het heropende onderzoek door de Raad heeft geen nieuwe feiten naar voren gebracht. Wel leverde het onderzoek extra informatie op waardoor de eerdere conclusies worden bevestigd. De Raad vond uitsluitsel over het verzamelen van de granaatscherven na het fatale ongeval. De onderzochte granaatscherven zijn niet vermengd geraakt met andere granaatscherven. De granaatscherven van het ongeval zijn direct verzameld en afgevoerd, overige granaten zijn daarna vernietigd. Dit wordt bevestigd door getuigen van de Franse eenheid die destijds in Mali aanwezig waren.

De Onderzoeksraad stelde in het eerste rapport dat aan de granaatscherven te zien is dat het ontstekingsmechanisme van de mortiergranaat instabiel was. Door vocht en warmte was oxidatie ontstaan in de mortiergranaat. Hierdoor ontstonden koperazide kristallen in het ontstekingsmechanisme. Koperazide is schokgevoelig en explosief, dit veroorzaakte de vroegtijdige ontploffing van de mortiergranaat. Dit scenario is ook bevestigd door een munitiedeskundige, verbonden aan de Britse defensieafdeling Defence Equipment and Support, die een onafhankelijk rapport opstelde in opdracht van het Nederlandse Openbaar Ministerie.

Aandacht voor de munitiebeheer

Uit het eerste OVV-onderzoek bleek dat de aanschaf, beheer en gebruik van munitie binnen Defensie niet verliep volgens de eigen richtlijnen. Na het fatale ongeluk in Mali zijn de resterende circa 10.000 granaten geblokkeerd en wachten nog steeds op ontmanteling. Het blijft van groot belang dat de veiligheid en gezondheid van de betrokken medewerkers bij de ontmanteling geborgd is. In het licht van de geschiedenis van dit fatale ongeluk zou het goed zijn als de minister van Defensie de Tweede Kamer periodiek informeert over de voortgang van de ontmanteling en de kwalitatieve verbeteringen in het munitiebeheer.

Bekijk de volledige onderzoekspagina ‘Mortierongeval Mali

 

 

Broader view crucial to approach to the COVID-19 crisis

The Netherlands was not well prepared for a protracted, national health crisis. The country’s crisis structure and crisis communication proved to be inadequate. People from all sectors involved in tackling the crisis worked hard and in difficult circumstances. But the effort put in by so many does not detract from the fact that improvements in the crisis approach are both possible and necessary. This is the conclusion reached by the Dutch Safety Board in its report Approach to COVID-19 crisis, Part 1, published today. The research report examines the Dutch preparations for a pandemic and the approach taken during the first six months of the crisis. “The COVID-19 crisis touched people’s lives throughout the world. Here, the health crisis spilled over into the biggest social crisis we have seen in decades,” says Jeroen Dijsselbloem, chairman of the Dutch Safety Board. “The Netherlands proved to be vulnerable. This was due to the structures the government had in place for the health sector and the crisis response: they fell short given the nature and scope of the crisis.”

Improvising in an unprecedented crisis

The government and its advisors tried in various ways to minimize the uncertainties presented by this crisis. The lack of knowledge about the virus and the limitations of the testing policy in place in the investigated period meant that information on the spread of the virus and the effectiveness of the chosen approach was not sufficiently clear. Signals about social effects such as loneliness were snowed under in the advisory and decision-making process. “Dealing with uncertainty is part of a crisis,” Jeroen Dijsselbloem observes. “Advisors should not filter out uncertainties, but should rather put them forward to decision-makers including encouraging or disappointing scenarios. This is the only way decisions can be taken, and scenarios can be prepared in a timely manner.”

The Dutch government based its decisions on the advice of the Outbreak Management Team (OMT). This was a conscious decision. But it also meant that the Dutch focus during the first wave in the crisis of COVID-19 infections became overly fixated on the hospitals. Little attention was paid to the other effects of a crisis that was having an unprecedented impact on nursing homes, education, cultural institutions, and small and medium-sized businesses, among other sectors. These effects turned the health crisis into a wider social crisis. The Dutch Safety Board concludes that the government could have improved the effectiveness of its crisis response by making a greater effort to look further ahead and by seeking advice on a wider range of issues than the effects of the virus on acute care.

Limited government communication

During the early months of the pandemic, there was broad public support for the government’s approach. This decreased as the crisis continued. The government’s message failed to reach some groups in society, many of whom did not feel heard or did not agree with how the crisis was being handled. The Dutch Safety Board highlights the one-sided approach to crisis communication and argues that the government should engage more with citizens about their concerns and their needs. By being clear about what is or is not known about the course of the crisis while being less insistent, the government can avoid creating unrealistic expectations among the public about what the future might bring.

Nursing homes

This study takes a particularly close look at how the government’s approach to the crisis impacted on nursing homes. In the early stages of the crisis, all eyes were directed towards acute care and hospitals, and the government only had a limited view of the effects on non-acute care. The Board concludes that, as a result, the impact of the crisis on staff and residents in nursing homes was not adequately incorporated in the decision-making process. Despite the government’s stated goal of protecting the vulnerable in society, the focus was on the vulnerable COVID-patients in hospitals. Scant attention was given to the protection of vulnerable elderly people in nursing homes during the first period. This had serious consequences. It meant that initially protective equipment was primarily made available to hospitals and acute care, and not to nursing homes. When the gravity of the situation in nursing homes became clear, the government issued a ban on visits at the request of the nursing home sector. The social and psychological impact of this measure was keenly felt, leading to loneliness and in some cases denying family members the opportunity to say goodbye to loved ones who lost their lives. The Board speaks of a “silent disaster”: about half of the COVID-related deaths in the Netherlands up to September 2020 were nursing home residents.

Learning lessons for the future

From the numerous interviews conducted by the Dutch Safety Board, it is clear that, across all sectors, those involved in combating the crisis worked hard, while also coping with the effects that the crisis and the Covid measures were having on their private lives. Despite the tremendous resilience that the Board has seen, it is essential that the Netherlands looks closely at the early stages of the pandemic and learns lessons for the future. Because the responsibility for dealing with the COVID-19 crisis lies with the government, the Board addresses all of its recommendations to the government: Strengthen crisis preparedness within government by further developing scenarios and formulating the effects of those scenarios in greater detail. Develop the capacity to improvise. Adapt crisis structures by incorporating an implementation assessment and by considering long-term implications alongside an acute crisis-approach as part of the decision-making process. Ensure that you have an accurate and up-to-date view of the crisis and a good sense of the effect measures will have. Be acutely aware of the needs of vulnerable groups and monitor the approach to make sure that it is working for them. Lastly, when tackling a crisis, there should be a clear separation between the role of the advisors (the experts) and the role of the decision makers (the government officials). The government and parliament should explicitly make and account for the far-reaching considerations they sometimes inevitably have to make in very difficult  circumstances in a crisis.

Fundamental intervention is needed to ensure Dutch digital safety and security

The Netherlands’ approach to digital safety and security needs to change rapidly and fundamentally to prevent Dutch society from being disrupted by cyber-attacks. This is the conclusion reached by the Dutch Safety Board in its report ‘Vulnerable through software’ published today. The Board investigated security breaches that occurred in thousands of organizations due to vulnerabilities in Citrix software. Jeroen Dijsselbloem, Chairman of the Dutch Safety Board, commented, “These incidents show that Dutch government organizations and businesses are highly vulnerable to cyber-attacks. They highlight the lack of a national structure capable of alerting all potential victims of cyber-attacks in a timely manner.”

Attacks via Citrix
On 17 December 2019, Citrix disclosed a vulnerability in its software and took temporary measures to mitigate the risks. But before the thousands of organizations using Citrix could be made aware of the acute risks and install the temporary measures, attackers had penetrated some systems. The National Cyber Security Centre (NCSC) issued a direct alert to the Dutch national government and vital operators, for which it considers itself responsible. Other organizations and the wider business community were not alerted directly by the NCSC, leaving the attackers free to infiltrate digital systems on a large scale. To this day, attackers have illegal access to systems and data in organizations. They can use this capability at any time to disrupt business processes and services, and affect privacy and security.

Manufacturers’ responsibility
Secure software is primarily the responsibility of the manufacturer. The Dutch Safety Board argues that manufacturers should invest greater resources on a more continuous basis to improve software security. At present, manufacturers inundate software users with patches and updates to fix flaws in their software without coming up with structural solutions. There are no instruments to provide software purchasers with independent insights into the security of the product they are buying. In addition, customers often lack the expertise and power to demand more secure software from the manufacturers. Some customers do not recognize the importance of doing so.

Limited government approach
As things stand, early warning systems do not reach all organizations that use software and are therefore potential victims of cyber-attacks. The NCSC sees no legal mandate for itself in terms of warning organizations beyond national government and vital operators. The Dutch Safety Board believes it is essential that the government should adopt a centralized approach to identifying threats and issuing quick and direct warnings to all potential cyber-attack victims, backed by a sufficient mandate and legal safeguards.

Recommendations of the Dutch Safety Board
Society is becoming increasingly dependent on digital systems. Manufacturers, governments and organizations will have to work together to come up with an effective approach that will make the Netherlands more resilient to cybercrime. This requires manufacturers to improve the security of their software on a fundamental and continuous basis. The Dutch Safety Board recommends that software quality requirements be set at a European level to compel software manufacturers to take responsibility for the security of their products. The Board advises the relevant government bodies and the business community to join forces. By working together, they can strengthen their position in relation to the software manufacturers and make better use of their limited expertise.

Within government, the monitoring of digital safety and security can be regulated in the same way as the monitoring of prudent fiscal policy as laid down in relevant legislature. Such legislation requires a single government official and a central service to oversee the relevant processes, to intervene where necessary and to be held accountable. The Board also recommends that larger companies and organizations be held legally accountable for how they manage their digital safety and security.

The report and recommendations are on the research page 'Vulnerable through software - Lessons resulting from security breaches relating to Citrix software'