I thought it was already posted here that you can submit most of the info and leave out certain fields and still receive the coin.  The Dev has to find a healthy balance so people aren't scamming the system and only the Dutch are receiving coins.  

The current method is the down and dirty method, which yes, is causing a slight uproar.  Though it's not as if this can't be changed, I still haven't seen any solid recommendations to how they should proceed that protects your identities AND wards of identity spoofing to receive coins.  

There's 2 worst case scenarios that I see regarding the distribution.

1)  Site gets hacked/database gets compromised and that information is leaked (bad).  This is easily remedied if he purges the database to offline storage every 24 hours and encrypted.  Ensuring the information of the individual is not kept online and easily accessible.  Since it's just for verification purposes anyway, after the coin is handed out, there's no need for it to be accessible online anymore.

2)  The system is changed with less strict information.  Spoofers find a loophole and get coins that were supposed go to the Dutch citizens, pre-mine doesn't have enough to cover all Citizens.  Thus the whole trust factor is gone, and the system fails.

1 is the easiest workaround for now.

2 I don't see as feasible, too risky.

I'd recommend almost going through a third party verification system.  I don't know if your country has one (short of government levels of course), but that would be the happy medium.  Bottom line, there's always a risk.  Sony's been hacked, Yahoo's been hacked, Target's been hacked, the list goes on.  Millions of user information and CC and such distributed (and those are just in the last two years).  The internet is a "risky" place, you jeopardize your privacy for the freedom of it by going on it daily.  I'd assume your country has safeguards in place for identity theft, I know we do.  I've never, in over a decade of IT experience had someone get identity theft and the CC/Bank not cover them for losses completely.  

I suspect if the dev is passionate about this project, safeguards will be put in place over time, and things will be improved to quell concerns.

IDK if you guys follow world news, but consider my country (USA) healthcare.gov site.  First few days into it all information was no more secure than this dev's site, and that's my government with enormous spending, social security #'s, etc all non-encrypted across the front end.  Let's face it, in terms of security on the net, most dev's tend to be reactive, not proactive unfortunately.

I recommend you guys just keep positive, send in some ideas that are functional rather than offering no solutions and just complaining.  If realistic ideas come up, and the dev's don't follow it, then you can pounce on them.

Sorry for the novel, just trying to keep things constructive.