The Commission of Oversight of the Intelligence and Security Services (CTIVD) has investigated the provision of personal data by Dutch intelligence and security services to foreign services between September 2019 and March 2020. At the General Intelligence and Security Service (AIVD), the researchers found that everything was mostly in order. At the Military Intelligence and Security Service (MIVD), on the other hand, there is still room for improvement.
The CTIVD comes to this conclusion in the 73rd supervisory report, which was published on Tuesday.
This is what you need to know about the CTIVD
The Committee of Supervision of the Intelligence and Security Services (CTIVD) is a committee that checks whether the AIVD and MIVD comply with the rules laid down in the Intelligence and Security Services Act (Wiv 2017). The law describes the security of the power services have to watch over our national security. It states, among other things, that the services may intercept and process internet traffic, but also under what circumstances they may hack into computers and information systems and share data with foreign information services.
Of course, this cannot be done lightly. Security services are not allowed to use their powers as they see fit. All this is done under the strict supervision of two committees – the CTIVD and the Assessment Committee Deployment of Powers (TIB) – and only after the Minister has given his approval. In this way, the government tries to find a balance between justified privacy infringement and the right to privacy.
When the Wiv 2017 was drafted, policymakers, politicians and critics were concerned about the international cooperation between our security services and foreign partners and the exchange of personal data. Before the law came into effect, it had been agreed that the CTIVD would keep a serious and attentive eye on this subject. And that was a good thing: previous investigations showed that the AIVD and MIVD did not have their affairs in order in this area.
Both AIVD and MIVD go wrong
In the latest investigation report, the CTIVD evaluated whether the AIVD and MIVD lawfully shared personal data with foreign intelligence and security services between September 2019 and March 2020. The Commission looked at dozens of examples.
The CTIVD has come to the conclusion that mistakes were made at both services when sharing (personal) data with foreign services. Both the AIVD and the MIVD must act more carefully when they share information with countries with an ‘increased risk profile’. These are countries where it is known or suspected that, for example, human rights are not respected, or that they prey on high-tech knowledge and expertise from our country.
Security services must get to work and improve working methods
At the AIVD, the process of providing data to foreign intelligence services was largely in order. In policy, the AIVD provides for specific guarantees, such as a written motivation of the necessity and proportionality of the provision, advice from legal matters and permission by the head of the AIVD, the CTIVD writes. In practice, illegalities occurred in the use of overarching permissions and of a group assessment. The service must develop these subjects in policy and work instructions in the short term, the Committee advises.
At the MIVD, the researchers found that the process design left something to be desired. This is because internal policy in which umbrella authorization notes for research assignments played a prominent role had not been implemented. As a result, in more than half of the cases, the correct permission was not granted. “For the majority of the disclosures, there was no permission and in no case was a motivation recorded,” according to the CTIVD. As with the AIVD, the Committee advocates further elaboration of these subjects as soon as possible.
The CITVD has asked the outgoing cabinet to present a plan within three months to improve the working method at the AIVD and MIVD.
Cabinet promises recovery
Outgoing Minister of the Interior and Kingdom Relations Kajsa Ollongren and outgoing Minister of Defense Henk Kamp write in a policy response that they are grateful to the CTIVD for their research and recommendations. They promise to come up with a plan before the end of the year outlining a plan of approach to improve international cooperation with foreign security services.
“We endorse the importance of effective safeguards in cooperation with foreign services, a subject that has been discussed a lot around the implementation of the Wiv 2017. Over the past period, the CTIVD has conducted several in-depth investigations into various aspects of international cooperation and reported on the progress in the progress reports. We are grateful to the regulator for its efforts in this area.”
Catch up on more articles here
Follow us on Twitter here