The secret services have been calling for more powers and less supervision for a long time. And they do not shy away from seizing crisis situations. There is now a new proposal on the way, which gives the secret services virtually free rein.
In the Intelligence and Security Services Act 2017, the secret services were given powers with which they can collect data of millions of citizens they are not investigating. It is not for nothing that we call this law the 'dragnet' law, and it was met with much resistance. This led to the Dutch population voted against it in a referendum. Nevertheless, the law was passed, with a number of promises and concessions.
Russia's invasion of Ukraine, however, is now being used to create momentum for an Act that does exactly that: Scaling down supervision and making the powers of the secret services even greater and more untargeted. The protection of our fundamental rights and freedoms will thus come off rather badly.
What is in the proposal?
The proposal is still secret, so we don't know everything yet, but we do know a few things based on articles by de VolkskrantRead the article by Huib Modderkolk in de Volkskrant here and NRCRead the article by NRC here. In the proposal the government gives the secret services a lot more power. The trend seems to be to make it easier to collect and process large amounts of untargeted data. A good example of this is the so-called 'targeting requirement'. As a result of the referendum results, this requirement to gather and process data as targeted as possible, was explicitly included in the law. It is now proposed to remove this requirement from the law.
The same trend is visible in the proposed power to deploy the so-called dragnet capability in a completely unfocused manner. The current interception capability has to be limited to a certain investigation. In the proposal this is abandoned in order to be able to use the tool for 'target discovery'. In other words: unfocused monitoring and listening to the entire Internet to see if there is something in it that interests the secret services.
The mountains of data that the secret services collect in this way must then be analysed with the help of algorithms that look for patterns and connections. At the moment, this still requires permission from the TIB, but this premission is scrapped in the proposal. The proposal also would make it easier for secret services to apply their hacking capability. Easier here means: without prior supervision. And that also applies to the devices of possible Dutch victims of a hacking attack.
Why this is a terrible idea
The capabilities that are proposed in this Act are very far-reaching and give the secret services virtually free rein. Will we soon be able to use the Internet without our data being analysed by the algorithms of the secret services?
And on top of that, with this law, the government is breaking down supervision. There is constant talk of making supervision 'dynamic' and moving it from the TIB, which has to give its permission beforehand, to the CTIVD. The CTIVD now only carries out checks during and after the event. But the main difference between these two supervisors is that only the TIB has binding powers, and can therefore really intervene. In this so-called 'relocation', supervision is therefore being sidelined. We must not let that happen.
When the Evaluation Committee came up with proposals last year that scaled down the TIB's supervision, there was an immediate reaction in Parliament. Various motions were submitted calling on the government not to scale down supervision. We do not want to detract from the humanitarian disaster that is now taking place in Ukraine as a result of Russian aggression or the threat that this poses to Europe and the Netherlands. However, this crisis should not lead us to blindly throw away safeguards and put our rights and freedoms at risk. That is not the way to protect a free and democratic Europe.