Two weeks ago Emerce reported that the major Dutch banks had streamlined their terms and conditions with regards to theft resulting from phishing.
The new terms and conditions, which will come into effect on 1 January 2014, set out five conditions phishing victims must meet to be able to claim damages from their bank. Customers must:
- Never give their passwords to anyone.
- Never let others use their bank card.
- Adequately protect the equipment they use for electronic banking (i.e. install virus scanners and so on).
- Regularly check their bank statements.
- Report incidents right away.
Financial news site Z24 believes that these new rules are bad news for bank customers—they will have to pay for the damages of phishing attacks themselves in a greater number of cases. The site quotes Jurgen Braspenning of Tilburg University who accuses some consumers of being lazy and careless. “It would seem that extremely unfair or dubious cases may still count on the kindness of banks in the future.”
A spokesperson for the Nederlandse Vereniging van Banken (Dutch association of banks) tries to downplay the effects of the new rules: “it is not our intention to make customers more often responsible for the costs and we don’t expect them to be.” According to Z24 the burden of proof is always with the bank.