The board of the Dutch internet exchange AMS-IX proposed to its members to expand to the United States. The vote on this will take place on September 27. Bits of Freedom likes to provide the members with a few considerations when voting.
One of the most significant worries brought forward by members is that the NSA by this expansion would be legally authorised to gain access to data handled on the Dutch AMS-IX. An advice of a US lawyer to the board of AMS-IX suggests that these concerns are not justified. This is broadly in line with messages we received from a friendly lawyer. The advice to AMS-IX’s board is, however, not very clear on this point, and given the interests at stake, we deem it important to attract clearer advice from a US lawyer specialised in US intelligence services.
More importantly, the leaks on the NSA of the past months demonstrate that the NSA is very aggressive in gaining access to private data, up to the point that one can question to what extent legal restrictions pose a relevant check on its activities. By expanding into the home territory of the NSA, AMS-IX will give the agency further opportunities to break into the Dutch AMS-IX, through technological and social means. We do not know to what extent the board considered these risk and whether the members have been informed about these risks.
For the sake of completeness: we already deem these risks to be present for the Dutch AMS-IX, and expansion would merely increase those. We were thus dismayed when AMS-IX at a hearing at the Dutch parliament discussing information security stated that it did not consider the Dutch secret services to be part of its threat model. We hope AMS-IX since then has started considering the NSA and the Dutch secret service as a part thereof. This is even more relevant as a Dutch law will be proposed which would give the Dutch secret service the powers to wiretap internet traffic on a large scale.
Lastly, as the leaks show, the US in the past decade covertly built a far-reaching surveillance infrastructure targeting millions of ordinary citizens. It, together with other services such as the UK service GCHQ, intercepts and stores intimate communications on a large scale, including for example at cable landing points. It exchanges information, also with the Dutch secret services. While journalists are still busy uncovering the scale and depth of this infrastructure, the US government keeps on defending its necessity. It is therefore possible to question the political wisdom of expanding into such a country, but such an expansion should at the least be accompanied by serious plans to contribute to ending this surveillance infrastructure.
Users will not be able to enjoy the internet if they are under permanent surveillance. AMS-IX and its members bear a responsibility in ensuring that this surveillance infrastructure is broken down, in the US, but also in The Netherlands.