An international coalition of more than 40 civil rights organizations and security experts is “gravely concerned” about a Dutch proposal to break into foreign computers and search and delete data. In a letter handed over by Dutch digital rights organization Bits of Freedom to the minister of Security & Justice yesterday, the coalition urgently calls upon the minister to withdraw his proposal. The proposal will be debated in Dutch parliament this week.
The proposal would grant powers to the Dutch police to break into computers, including those located in other countries, in order to search and delete data and install spyware. The Dutch government argues that the new powers are required to effectively combat cybercrime in the Netherlands.
According to the international coalition, the proposal poses serious risks to the human rights and cybersecurity of individuals worldwide. This is aggravated by the fact that countries will likely follow the initiative of the Netherlands. This will lead to a situation where countries will enforce their local laws on foreign computers. These local laws would not solely address cybercrime, but also issues deemed illegal in other countries, such as blasphemy and political criticism.
The coalition strongly urges the minister to withdraw his proposal. The letter is signed by more than 40 members of civil society (see below). These include civil rights organizations such as the Electronic Frontier Foundation (US), Privacy International (UK) and European Digital Rights (EU). In addition, renowned security-experts and software developers Bruce Schneier (US), Richard Stallman (US) and Ron Deibert (Canada) signed the letter.
List of signatories:
April – France
Access – International
Agorà Digitale – Italy
Alternative Informatics Association – Turkey
Article 19 – UK
Association for Technology and Internet – Romania
Bitbureauet – Denmark
Bits of Freedom – Netherlands
Bruce Schneier – US
Chaos Computer Club – Germany
Civil Rights Society Vrijbit – Netherlands
Digitalcourage (FoeBuD) – Germany
Digitale Gesellschaft – Germany
Digital Rights – Ireland
Electronic Frontier Finland – Finland
Electronic Frontier Foundation – International, US
European Digital Rights (EDRi) – Europe
Foundation for Information Policy Research (FIPR) – UK
Free Press Unlimited – Netherlands
Global Voices – International
Humanistic Association – Netherlands
Imaginons un réseau Internet solidaire (IRIS) – France
International Modern Media Institute (IMMI) – Iceland
Internet Protection Lab – Netherlands
Internet Society – Bulgaria
IT-Political Association of Denmark – Denmark
Iuridicum Remedium (IuRe) – Czech Republic
La Quadrature du Net – Europe, France
Net Users’ Rights Protection Association – Belgium
Netzpolitik – Germany
No2-ID Foundation – Netherlands
Open Rights Group – UK
padeluun – Germany
Panoptykon Foundation – Poland
Parents Online – Netherlands
Platform for the Protection of Civil Rights – Netherlands
Privacy First Foundation – Netherlands
Privacy International – UK
Quintessenz – Austria
Richard Stallman – US
Ron Deibert, Director, The Citizen Lab and Canada Centre for Global Security Studies, University of Toronto – Canada
I have mixed feelings on this one.
In principle, I agree with BoF and the other signatories. It’s dangerous. Not only for civilians, but also for the government itself. It may (technologically) backfire, with a lot of risks for information security.
On the other hand, countries like the US, Russia, China, Iran etc. already use these methods, also in The Netherlands. So I wouldn’t mind my government having the (legal) opportunity to countermeasure this.
Trouble is, I’m not sure the Dutch government dares to use it on ‘allies’ or ‘friends’. It probably will be used mainly on Dutch civillians (and not only the criminal ones).
So, as I said: mixed feelings, here. Tending to opposing it.
Firstly: Tools of any kind have historically proven to be used in ways they weren’t built for, especially by governments. The same goes for power. Combine this with current bureaucracy, and you’ve got the recipe for a nightmare.
Secondly: Countermeasures are fine, but these are not defensive techniques, but rather offensive ones. Weapons in their own right (spyware, trojans). As you said, the Dutch populace is the most likely target.
Defense against digital incursions is good, but following the Chinese in their murky practices is just ridiculous.
Besides, the thing with these proposals is that they are based on fear-mongering, doubt and misinformation. There is no way that by allowing officials to use these tools there’s going to be improvement in anything in The Netherlands. The only thing that happens is that the officials gain more power, and that in itself is enough reason to oppose it vehemently.
Reaction on your First:
Governments, historically, also use tools and power for good things. We tend to forget that, because that’s what governments are for. Not saying it’s the case in the current situation (it’s even very doubtful, I agree), but let’s not make an automated conspiracy out of it.
Reaction on you Second:
Countermeasures can tactically be offensive and therefor strategically defensive. It has some nasty side-effects (like an arms race), but it’s still a countermeasure.
Putting my hair splitting aside, I agree with your reaction. That’s why I’m against this proposal.
[…] At the same time other countries, such as China, will use the powers as a justification for their own activities. They will follow the Dutch example by allowing their police to use the same methods, including hacking abroad, in order to delete controversial data. Civilians will become the victims in an arms race between hacking governments. International cooperation, especially in the field of cybercrime, will be at stake. Therefore, it’s not surprising that an earlier version of the proposal was met with global opposition. […]
Odich
I have mixed feelings on this one.
In principle, I agree with BoF and the other signatories. It’s dangerous. Not only for civilians, but also for the government itself. It may (technologically) backfire, with a lot of risks for information security.
On the other hand, countries like the US, Russia, China, Iran etc. already use these methods, also in The Netherlands. So I wouldn’t mind my government having the (legal) opportunity to countermeasure this.
Trouble is, I’m not sure the Dutch government dares to use it on ‘allies’ or ‘friends’. It probably will be used mainly on Dutch civillians (and not only the criminal ones).
So, as I said: mixed feelings, here. Tending to opposing it.
Mark
@Odich: Two things.
Firstly: Tools of any kind have historically proven to be used in ways they weren’t built for, especially by governments. The same goes for power. Combine this with current bureaucracy, and you’ve got the recipe for a nightmare.
Secondly: Countermeasures are fine, but these are not defensive techniques, but rather offensive ones. Weapons in their own right (spyware, trojans). As you said, the Dutch populace is the most likely target.
Defense against digital incursions is good, but following the Chinese in their murky practices is just ridiculous.
Besides, the thing with these proposals is that they are based on fear-mongering, doubt and misinformation. There is no way that by allowing officials to use these tools there’s going to be improvement in anything in The Netherlands. The only thing that happens is that the officials gain more power, and that in itself is enough reason to oppose it vehemently.
Odich
@Mark
Reaction on your First:
Governments, historically, also use tools and power for good things. We tend to forget that, because that’s what governments are for. Not saying it’s the case in the current situation (it’s even very doubtful, I agree), but let’s not make an automated conspiracy out of it.
Reaction on you Second:
Countermeasures can tactically be offensive and therefor strategically defensive. It has some nasty side-effects (like an arms race), but it’s still a countermeasure.
Putting my hair splitting aside, I agree with your reaction. That’s why I’m against this proposal.
Usenet
Opstelten is the worse Dutch minister I have ever seen.
This plan is one of his dumbest things a Dutch politician ever tried to do.
Freeman
I quite like reading through an article that will make people think.
Also, thanks for permitting me to comment!
Dutch hacking proposal puts citizens at risk « Bits of Freedom
[…] At the same time other countries, such as China, will use the powers as a justification for their own activities. They will follow the Dutch example by allowing their police to use the same methods, including hacking abroad, in order to delete controversial data. Civilians will become the victims in an arms race between hacking governments. International cooperation, especially in the field of cybercrime, will be at stake. Therefore, it’s not surprising that an earlier version of the proposal was met with global opposition. […]