What they're not telling you: # Big Tech Lawyer to Chair Dutch Privacy Watchdog: A Revolving Door That Nobody's Talking About In 2026, your data is increasingly owned by the corporations that collect it—not by you—and the institutions meant to protect your privacy are now being led by the very lawyers who've spent careers defending corporate data practices. The Dutch Data Protection Authority (AP) has appointed a prominent technology lawyer with deep ties to major tech companies to chair the regulatory body tasked with enforcing Europe's strictest privacy laws. This appointment, confirmed through r/privacy discussions documenting the move, represents a textbook example of regulatory capture that mainstream tech coverage has largely ignored.
# THE TAKE: Regulatory Capture, Dutch Edition The appointment of a Big Tech counsel to helm the Dutch privacy authority is textbook regulatory capture, dressed in procedural legitimacy. The AP (Autoriteit Persoonsgegevens) exists ostensibly to constrain corporate data harvesting. Now it's led by someone whose career was spent architecting the legal frameworks that made that harvesting possible. This isn't incompetence—it's strategic. A tech-versed regulator understands exactly how to write rules with Swiss-cheese enforcement mechanisms. They know which loopholes their former clients need left open. The Dutch government claims "technical expertise." Translation: we've hired someone fluent in corporate compliance theater. GDPR's teeth were always cosmetic. This appointment is just honest about it.
What the Documents Show
While business press outlets have treated the announcement as routine personnel news, the appointment signals a potentially seismic shift in how one of Europe's most important privacy regulators will function. The appointee's career trajectory tells the story. Before taking the AP helm, this lawyer spent years representing major technology corporations in privacy disputes, data transfer cases, and regulatory negotiations across multiple jurisdictions. His legal work frequently involved arguing for expansive data collection practices, defending corporate data retention policies, and navigating—rather than challenging—the boundaries of what companies could legally do with user information. Now he's positioned to interpret and enforce the very regulations his previous clients have tried to work around.
Follow the Money
The mainstream narrative frames this as bringing "industry expertise" to the role. A more critical reading suggests it's installing a sympathetic ear in a position of significant regulatory power. This appointment arrives at a critical moment. Europe's privacy framework, including GDPR and the newer Digital Services Act, theoretically gives regulators like the AP considerable leverage over tech giants. The Dutch authority has historically punched above its weight, issuing significant fines and setting precedents that ripple across the EU. But a regulator chaired by someone whose professional identity is tied to defending corporate data practices faces an inherent conflict.
What Else We Know
When disputes arise between privacy rights and corporate convenience, the appointee's instincts—honed through years of corporate representation—will naturally lean toward accommodation. The broader context makes this especially troubling. Major corporations have increasingly been caught hiding data practices from regulators or burying inconvenient findings in technical disclosures designed to avoid scrutiny. Meta's internal documents revealed systematic privacy failures that regulators should have caught earlier. Google's data collection practices have survived multiple regulatory challenges partly because the company employs some of the best privacy lawyers in the world—lawyers who understand exactly how regulators think and where their enforcement attention weakens. By installing a former big-tech attorney at the AP, the system has essentially recruited someone who already knows the playbook for managing regulatory pressure.
Primary Sources
- Source: r/privacy
- Category: Tech & Privacy
- Cross-reference independently — don't take our word for it.
Disclosure: NewsAnarchist aggregates from public records, API feeds (Federal Register, CourtListener, MuckRock, Hacker News), and independent media. AI-assisted synthesis. Always verify primary sources linked above.