The police should be allowed to hack into mobile phones and computers, even when these are located abroad. This is proposed by the Dutch government on May 2nd of 2013. While this appears to be a powerful asset for law enforcement, in reality it creates unnecessary vulnerabilities for citizens. Also, the proposal ignores several alternative solutions. The police already has the necessary means to fight cyber crime, but fails to apply them, due to limited resources and knowledge. Cyber crime must be addressed by expanding the resources of the police. Therefore the solution lies in expanding these resources rather than expanding the powers of the police.

The controversial proposal (in Dutch) doesn’t only allow the hacking of mobile phones and computers, it extends to spying on users and the deletion of data. It would also include devices which are located abroad. Furthermore, keeping your password secret from the police and fencing on the internet becomes, to a certain degree, punishable.

Combating cyber crime is important, but through this proposal we’re rushed into legislation which is unnecessary and raises serious safety risks for citizens.

The police lacks knowledge and resources

The police already has the necessary powers to act against cyber crime, but fails to act adequately. A recent publication by McAfee stated that over one hundred command & control servers are located in the Netherlands. It is possible to take those servers off line, investigate the data trail and block the internet connection of the server. But apparently none of this is being done, due to the lack of expertise and capacity.

Innocent civilians become victims

Instead, Opstelten, the Dutch minister of Justice, focuses on a very infringing hacking methods which turns civilians into victims by introducing additional safety risks. Examples from Germany show how easily the spyware used by the police could be abused by criminals. The same goes for backdoors in software, which are necessary to enable the police to hack computers. Furthermore, it is unclear how anti virus software should (and will) respond when it traces this spyware.

Slippery slope

At the same time other countries, such as China, will use the powers as a justification for their own activities. They will follow the Dutch example by allowing their police to use the same methods, including hacking abroad, in order to delete controversial data. Civilians will become the victims in an arms race between hacking governments. International cooperation, especially in the field of cybercrime, will be at stake. Therefore, it’s not surprising that an earlier version of the proposal was met with global opposition.

The government should withdraw this proposal

In conclusion: the proposal of the government is bad for our cyber security. The government should be fixing security problems instead of creating them. Furthermore, more attention should be paid to improving the basic security of computers. Bits of Freedom urges the government to reconsider this proposal.

We call upon everyone to share their concerns and opinions on this proposal with the Dutch government.