AIVD and MIVD must permanently delete data
The General and Military Intelligence and Security Service (AIVD and MIVD) must destroy the data of millions of Dutch citizens. The supervisor instructed the services to do so. In a letter to Bits of Freedom, the cabinet confirms that they have three months at the latest.
That writes the civil rights organization in a press statement.
Minister ignores supervisor’s advice
The AIVD and MIVD were created to watch over the national security of our country. To fulfil this task, the intelligence services collect large amounts of data from millions of Dutch citizens. For this, they use a technique called ‘snapshotting’ . The internet cable is then tapped for two hours.
This mountain of information contains a lot of irrelevant data. But given the amount of data, the security services cannot simply judge that: they need time to analyze the bulk data. The Intelligence and Security Services Act (Wiv 2017) states that they have a year and a half to do so. They must then indicate within two weeks how and when they will destroy unnecessary data.
The intelligence services have exceeded the retention period several times. The Commission of Supervision of Intelligence and Security Services (CTIVD) reprimanded the AIVD and MIVD for this, but without success. The then Minister of the Interior and Kingdom Relations Kajsa Ollongren did not intervene.
Services get three months to destroy data
Bits of Freedom found the state of affairs unacceptable and decided to take action. At the end of May, the civil rights movement filed a complaint with the CTIVD. She demanded that the security services destroy all non-relevant data as soon as possible. “The amounts of data that the secret services have started to collect about us are so large that the services can no longer handle it themselves. They assess that data too late, and as a whole mountain. As a result, they channel huge amounts of data from you and me into their systems, without that data being relevant to an investigation,” said Bits of Freedom.
The regulator investigated the matter and concluded that the security services had stored the data of millions of Dutch people for too long. The CTIVD ordered the services to destroy five data sets.
The cabinet is now also tackling. In a letter, Defense Minister Ollongren and Interior Minister Hanke Bruins Slot inform Bits of Freedom that the data has already been rendered useless. The services have three months at the latest to destroy all non-relevant data.
Mumps advocates binding supervision
The interest group is pleased with this outcome. But there is no solution to the underlying problem yet. “This whole process shows that the oversight of the secret services is not strong enough. That really has to be different. We, therefore, remain committed to binding oversight that does not depend on organizations such as Bits of Freedom. So that your rights and freedoms are better protected,” said BoF director Evelyn Austin.
If we are to believe the civil rights movement, the services must permanently destroy all superfluous data. The government previously made a reservation: bulk datasets containing data for research against threats from abroad could be kept. “There is still work to be done to see which data you can still use because they are part of ongoing research. Those sets contain things that you may not want to throw away and that you do not have to throw away from the CTIVD,” a spokesperson for the AIVD said last month.
Catch up on more articles here
Follow us on Twitter here