Wednesday, 12 July 2017 - 10:41

Dutch Senate approves data mining law

A majority in the Eerste Kamer, the Dutch Senate, voted for implementing a new data mining law that will give the Dutch intelligence services the authority to intercept data on a large scale. The new law was drawn up by Interior Minister Ronald Plasterk and will take effect on January 1st, NOS reports.

The biggest change the new law brings about is giving intelligence service AIVD and its military counterpart MIVD the power to intercept more internet communications. Currently the services are only allowed to tap into individual internet connections. In the new law they can do so on a larger scale. So far the government hasn't given information about how this power will be used. But documents NOS received last ear showed that the government is considering tapping into WiFi hotspots and chat apps, according to the broadcaster.

The new law also gives the intelligence services more power to hack into people's devices. Currently your computer, phones and tablets can only be hacked when you are suspected of a crime. Under the new law, you can also be hacked if someone you know is suspected of a crime. The idea is that the intelligence service's 'targets' are often so well protected digitally that they can't be hacked, so now the intelligence services can get to them through a friend or family member. By hacking into a device, the services can read or destroy documents on it, or listen in on conversations through the device's microphone, according to NOS.

Finally the law also states that the AIVD and MIVD can now use companies as informants, instead of only individual people. As with human informants, companies can now also provide the services with real-time information on a voluntary basis. This is similar to the revelations that got NSA whistleblower Edward Snowden in so much trouble three years ago, according to NOS. He revealed that NSA was able to retrieve information from Microsoft, Google and Apple servers, among others.

To balance out these extra powers, the services will be subject to more supervision. A new review committee will be established to check whether these data mining capabilities are used properly.

While this new law faced relatively little opposition in politics, the resistance in society was much greater. Civil rights organizations, the Council for the Courts of Justice, the Dutch Association for Journalists, the scientific council for government policy WRR and the Council of State all criticized the data mining law.

Privacy activists are particularly concerned about the AIVD and MIVD being able to get information through companies' back doors. The question is which companies will give the secret services voluntary access to their servers, and how voluntary this access will really be. "I think people are not yet able to estimate the consequences of this", David Korteweg of Bits of Freedom said to NOS. He points out that it may well be more beneficial for companies to give the services access than to deny them.

Information law professor Nico van Eijk wonders how strict this new review committee will be in practice. "It very much depends on how the committee will work", he said to the broadcaster. "This is a law with many open ends."