Dutch intelligence agencies hope to expand their hacking and wiretapping capabilities in response to the Ukraine crisis.

The Volkskrant, a reputable Dutch newspaper, claims to have seen a private bill that proposes to expand the hacking and interception capabilities of intelligence agencies in the Netherlands.

Since 2017, national hacking and interception capabilities have been limited and supervised by the TIB, an independent authority. In the draft seen by the Volkskrant, the government proposes new possibilities for large-scale interception of business and consumer Internet traffic. It also touches upon the hacking of suspect companies, institutions and citizens without obtaining permission from current supervisors and authorities.

Wiretapping

The draft proposes to permit automated data analysis (GDA) without the supervision of the TIB. GDA is used to automatically examine large amounts of data for patterns and connections between networks, telephones and computers. This constitutes a major invasion of privacy. Beforehand, intelligence services must specify the data they wish to process and prove that the analysis is as targeted as possible.

Additionally, the draft proposes to permit large-scale wiretapping to discover unknown targets. In the event of a clear digital threat such as the Ukraine crisis, the intelligence agencies will be able to intercept and query Internet traffic on a large scale. Again, the TIB’s permission would become redundant. The TIB only permits the wiretapping of pre-defined targets at this time.

Tracking and hacking

Furthermore, the bill seeks to ensure that intelligence agencies continue monitoring hackers and other targets after they switch devices. Currently, the AIVD and MIVD require permission for each device. In addition, the government requests approval to hack the victims of cyberattacks, which allows agencies to quickly gather intelligence after an attack.

Revanche for law from 2017

According to the Volkskrant, the bill conflicts with a recent ruling by the European Court of Human Rights (ECHR). European legislature requires member states to limit wiretapping and surveillance to a certain extent. In the Netherlands, compliance is ensured by the Intelligence and Security Services Act (WIV). Dutch intelligence agencies find their work unnecessarily difficult and limited due to the WIV.