Phone Tapping

Watching the Watchers

Oversight of the intelligence services is now the big topic. While half the population apparently expects their phones to be tapped, politics is finally starting to rumble on the issue. Its been a long time coming.

Back in January 2001 Dutch Defence Minister Frank de Grave informed parliament that the United States would soon be able to collect data from everything, including cable communications. That was before 9/11. The events of that September morning only multiplied a thousandfold the determination of the US intelligence apparatus to avoid anything similar again – an understandable reaction. But to succeed, they also needed the cooperation of allied services for data, information, sources, access. Nothing strange here: Madrid, London, van Gogh, there were enough threats and enough foiled plots to cooperate.

Yet it pretty soon went in extreme directions. Invading Iraq based on fake evidence. Abu Ghraib. Guantanamo. Rendition. Security at what price? And was this even about security at all, or was the US itself going rogue? Twelve years on and the surveillance practices of the NSA look more sinister than safety-first.

Phone Tapping

Code-breaking and surveillance has been going on for centuries, but what is different now is the scale. The problem is that collecting everything does not mean preventing every threat from becoming a reality. What does this actually produce? Who checks this? Most would be in favor of an effective intelligence/security service, but we also need to see effective oversight from both the government and the parliament. The services are still part of the apparatus of the state, and the state should be democratically accountable.

These days, few people seem to have good words for the AIVD. Leadership problems, awkward relations with the political masters at the Ministry of Interior. Unable to present itself and what it does in an effective way. Defensive. The MIVD, smaller and better at staying out of the headlines, gets more respect. How the two work together in the future is a crucial issue for Dutch security. The recently-created Joint Cyber-Security Unit, with over 300 personnel drawn from both services, is a potential step forward, but its the NCIV that is driving this, and its too early to tell if its a real paradigm shift. Both services have been through a difficult year of budget cuts, in particular the AIVD, which at one point faced the end of its international role.

One way forward would be that the MIVD becomes the international service and the AIVD the domestic, as it was before 2002 with the BVD. It is difficult to change institutional cultures like this. But keeping the AIVD’s international role means introducing cuts elsewhere, and now we have the Minister of the Interior Ronald Plasterk saying that less attention will be given to security for governmental communications. This is no solution either.

Security for Governmental Communications

Lack of effective oversight is now the main issue. Last weekend the NRC, with its Dutch Snowden Series now up and running, focused on the AIVD’s practice of targeting suspect websites and collecting data on all the users, while the 2002 Intelligence and Security Law (WIV) only permits gathering data on specific suspects.

The Dessens Committee issued a report on Monday covering the legal basis for the Dutch services. Dessens was set up in line with the long-standing agreement to examine the 2002 law after ten years. Unsurprisingly, the report states that the (WIV), which does not allow for data retrieval from cables, is now inadequate and needs updating. The report balances these extra powers with extra controls from the CTIVD. But the report did not have a mandate to examine exactly what the serves have been doing, or why – it is a document concerned purely with the legal ramifications.

The CTIVD will be issuing its own report at the end of the year, but that will be another missed opportunity. It was supposed to cover how the Dutch services gathered ‘big data’ and what information was being drawn from it on suspects (or otherwise). Instead its aim was altered to cover the ‘specific needs’ of the services. Dessens hardly mentioned the issue of cooperation with foreign services – it remains to be seen how far the CTIVD report will cover it as well.

Beyond that, there is little evidence that the so-called ‘Committee Stiekem’, which keeps the parliamentary party leaders informed, plays any useful role at all.

Not only has the level of political oversight always been poor, but the standard of reporting in the media has not been much better. The collection of big data by the NSA does not refer to eavesdropping, its purely the gathering of telephone numbers, IP-addresses, material from which networks can be mapped. All the attention goes to the AIVD, but the Netherlands really has three services, with the National Signals Intelligence Organisation (NSO), set up in 2007, being the third. Considering its capabilities, the NSO is in many ways the most relevant in the NSA debate. Yet so far Plasterk has received the most criticism, while the Ministry of Defence’s MIVD has been left alone, and hardly anyone ever mentions the Ministry’s responsibility for the NSO.

In fact, the service that actually carries out the most collection of communications data, that tracks the most individuals and that makes the Netherlands one of the most ‘tapped’ countries in general, never gets a mention at all: the National Police. They are not covered by the CTIVD and they are not in the Dessens report either.

To its credit, the Dessens report does also emphasize the need for greater transparency – it recognizes the role of the media in raising issues of concern, and it even promotes the value of historical research on the intelligence and security services. It is to be hoped that at least this aspect will be carried through.…