The new law on the intelligence services is satisfactory in many areas, but needs to be improved here and there. That is the main conclusion of the evaluation committee that examined the law.
In addition, the investigation shows that the intelligence services, the new power that was most discussed, the broader power to tap conversations, has not yet yielded anything in practice.
Among other things, the committee wants clearer rules for processing large amounts of data. Stricter rules must also be introduced for sharing data with foreign intelligence services.
Three years ago there was much to do about the intelligence act, which gives the intelligence services AIVD and MIVD more powers. A majority voted against in a referendum. The law was nevertheless introduced, but with the promise that it would be re-evaluated after it was introduced. That has now happened.
One of the new powers under the new law was widespread data interception. This was much criticized: opponents spoke of a ‘drag net’ and called the law the ‘drag law’.
Two and a half years after the introduction of the law, data is being tapped, but that information has not yet been used in practice.
The previous intelligence law allowed only targeted tapping, from a specific person or organization. The new law also allows larger amounts of connections to be searched.
In practice, it turned out to be difficult to arrange this technically and organisationally, and it took a while before the watchdog of the intelligence services gave its approval to the plans. In the meantime, experiments have been carried out with tapping, to see what exactly goes over the line. But that data was not used in practice during the research.
In the current law there are strict rules for tapping data. This may involve large amounts of data, including from innocent civilians. But if the AIVD or MIVD gets exactly the same data through a different route, for example by hacking, then the rules are much more flexible. That is strange, according to the committee.
There has been criticism for some time about the lack of regulations for so-called ‘bulk hacks’, whereby data of innocent civilians can also be seized. That is why unambiguous rules should be introduced for dealing with such large amounts of data, the committee believes.
Stricter rules for exchanging data with foreign intelligence services are also necessary, the committee believes. For example, the services should do their best to retrieve the data of Dutch people and people in sensitive professions such as lawyers and journalists from datasets before they are shared with a foreign service.
At the same time, the law is also an improvement, the committee believes. For example, the services have been given extra powers, and on the other hand, there is extra control over their functioning.