Update on the Dutch “Dragnet-Act”: One step forward, two steps back?

21/07
After a referendum in 2018 where a majority of participants voted against the Intelligence and Security Services Act, a first Amendment Proposal has now been passed by the Dutch Senate. The slight improvements regarding oversight and safeguards that come with this Amendment are, however, put into question by the controversial recommendations of an Evaluation Committee that might significantly weaken effective oversight.

This blog was first published at about:intel.

A wolf in sheep\'s clothing?The millions of Dutch citizens that voted against the so-called “Dragnet-Act” – the Netherlands‘ Intelligence and Security Services Act – got two concessions: An Amendment to the Act and a promise that the Act would be evaluated early. Now, the Amendment, containing minor improvements, has passed the Dutch Senate. But the recommendations from the Evaluation Committee show that the promised evaluation was a wolf in sheep‘s clothing.

The controversial recommendations from the Evaluation Committee are being prepared by the Interior Ministry. The report of the Evaluation Committee contains fundamental proposals of which some have the potential to weaken effective oversight. The current government has ‘embraced’ the report by the Evaluation Committee and thus its recommendations. In the following debate, however, the government back-pedaled regarding what this endorsement means in actual practice. It is feared that the second proposal might harm the small improvements with regards to safeguards that were put forward in the first amendment that has just been passed.

In case you don\'t see the law through all the changesSince the process is getting complicated, let me take you back in time to provide some necessary context. In March 2018, millions of Dutch citizens voted against the new Intelligence and Security Services Act, or “Dragnet-Act,” in a referendum. The Dragnet-Act, which came into force just two months later in May 2018 despite the protests, allowed for large-scale untargeted interception of communications. The message from the referendum was clear: The law must be improved. Bits of Freedom campaigned for five central demands to improve the law: 1) The dragnet needs to be removed from the Act. 2) Unevaluated datasets should not be able to fall into the hands of foreign services. 3) More safeguards are needed for the service’s ability to get real time access to databases. 4) Zero Days must be reported. 5) The ex post oversight committee CTIVD needs binding powers.

Improvements were promised, materialising in a number of policies: the Amendment Proposal that was accepted by the Dutch Senate as well as the assurance to conduct an early evaluation of the Act, two years after it came into effect. At the time, Bits of Freedom described the proposed improvements as cosmetic, because many fundamental issues of the Act that had been the subject of the referendum were not addressed.

At this moment, the situation has slightly changed. Conducting an early evaluation was a promise made by the Dutch government to address the great concerns of citizens. The outcome of the evaluation, though, resulted in recommendations from the Evaluation Committee that threaten effective oversight of the Dutch intelligence and security services AIVD and MIVD. The report contains 57 recommendations such as proposals to reduce the number of surveillance powers which require ex ante approval by the independent judicial oversight body called TIB (Investigatory Powers Committee). Another proposal is to limit the ex ante approval power of the TIB to the collection of data, instead of taking into account the subsequent data use, too. This excludes the question whether data must be immediately deleted or may be shared with foreign services from the independent approval process. Since the current government ’embraced’ the evaluation report, it will most likely introduce additional Amendments addressing these topics.

The good stuff in this proposalAs said, I see the first Amendment that just passed as a missed chance to address the fundamental objections that civil society voices raised and as a missed opportunity to improve the Act. However, there are a number of adjustments which are a small step in the right direction:

The ‘as targeted as possible’ requirement is included in the law. This means that the secret services must exercise their surveillance powers in such a way that they are as narrowly targeted as possible. They also must demonstrate and justify what measures they use to comply with this requirement.
The TIB, the oversight committee that reviews the legality of surveillance authorisation before they are implemented, can appoint deputy members. With only three TIB members to oversee two intelligence services with thousands of employees, these additional members are urgently needed.
When exchanging unevaluated data with foreign services, the Dutch Review Committee on the Intelligence and Security Services (CTIVD) must always be informed. Previously, that was only required if the data had been collected with the dragnet capability.

Senators did see the connectionThe recommendations that have been made by the Evaluation Committee, however, would severely limit the TIB’s oversight of data collection by removing the further processing of collected data from its oversight mandate. This seems to be a contradiction to the ‘as targeted as possible’ requirement and the minor improvements to strengthen the legal safeguards when it comes to exchanging data with foreign services.

In the weeks before the Amendment was going to pass the Senate, the heads of both oversight committees published op-eds in national newspapers to draw attention to these important legal changes, which is quite exceptional. The head of the TIB even announced to resign from her post if the recommendations of the Evaluation Committee would be implemented, because she would refuse to be downgraded to a “stamping machine”. Performing a robust proportionality assessment on the collection of data would no longer be possible, if the TIB would no longer be allowed to take into account the subsequent processing of collected data.

From the discussion in the Dutch Senate, it became apparent that not only civil society voices and the oversight bodies are very concerned about the newly announced changes. The Senators asked highly relevant questions, such as how the Cabinet justifies proposing changes that would strengthen legal safeguards, while simultaneously embracing the recommendations from the Evaluation Committee to scale them down.

It would, indeed, be strange to respond in the first Amendment to the concerns expressed by citizens in the referendum, only to scale down oversight and safeguards again with the subsequent second proposal put forward by the Evaluation Committee.

Now what?The first Amendment Act has passed the Senate, and thus the adjustments in it are now part of the legal framework. We at Bits of Freedom continue to closely monitor how the recommendations from the Evaluation Report will be handled and we are actively taking part in the discussions that these recommendations have given rise to. We will be working hard to protect our rights and freedoms in that process leading to the next Amendment. And we call on our representatives in parliament to also pay close attention to this. The recommendations to scale down TIB’s oversight mandate should not be adopted, in my view. Supervision should in fact be strengthened with binding powers for the CTIVD.

The adventure that started with a sensational referendum and a government that repeatedly downplayed its results may have become less mediagenic, but certainly no less important. So even though the topic is not discussed in talk shows, you can still count on us to stay alert.

With many thanks to Philip Westbroek for the translation of the Dutch blog.

Datum: woensdag 21 juli 2021, 16:54
Bron: BitsOfFreedom
Categorie: Internet en ICT

Gerelateerde berichten:

Reacties:

Er zijn nog geen reacties op dit bericht.


Website by Web Chemistry