Tag Archives: Tweede Kamer

Dutch Intelligence Agencies AIVD/MIVD go TEMPORA

On November 21, 2014, the Dutch Ministry of the Interior and Relations within the Realm (Ministerie van Binnenlandse Zaken en Koninkrijksrelaties),¬†sent a message to Parliament about the — in their view — necessary changes that need to be made to the Wet op de inlichtingen- en veiligheidsdiensten (Wiv) 2002 (Intelligence and Security Act 2002). The old law (Wiv 2002), differentiates between cable-bound and non-cable-bound (as in: satellite or radio) communications, and gives the intelligence agencies different powers for each of these two cases. In general, under the old law, according to Article 27, it’s legal for the AIVD and MIVD to bulk-intercept non-cable-bound communications. It isn’t legal for them to do so for cable-bound communications (as in: internet fibre optic cables, etc.) In this latter case, of cable-bound communications, it’s only legal for them to intercept the communications of specific intelligence targets (as put forward in Articles 25 and 26). In the case of targeted surveillance, the intercepted information can come from any source.

outline_dutch_intercept_network

An outline of the new Dutch interception framework. Click for larger version. Official document in Dutch can be found here.

The Dessens Committee concluded (PDF, on pages 10 and 11) that this distinction between the various sources of the communication (cable vs non-cable) is no longer appropriate in the modern day and age, where the largest chunk of the communications in the world travel via cables. The way the cabinet wants to solve this problem is by changing the law such that the AIVD and its military sister MIVD can lawfully intercept cable-bound communications in bulk, expanding their powers significantly. So, in other words, the Dutch government is planning to go full TEMPORA (original source PDF courtesy of Edward Snowden), and basically implement what GCHQ has done in the case of Britain: bulk intercept everything that goes across the internet.

Why does this matter?

This matters because by bulk-intercepting everything that goes across the internet, the communications of people who aren’t legitimate intelligence targets get intercepted and analysed as well. By intercepting everything, no-one can have any expectation of privacy on the internet anymore, except when we all pro-actively take measures (like using strong encryption, Tor, OTR chat, VPNs, using free/open source software, etc.) to make sure that our privacy is not being surreptitiously invaded by the spooks. It is especially important to do this when there isn’t any proper democratic oversight in place, which could stop the AIVD or MIVD from breaking the law, and provide meaningful oversight and corrections to corrupting tendencies (after all, as we all know, power corrupts).

Also, the Netherlands is home to the second-largest internet exchange in the world, the Amsterdam Internet Exchange (Ams-IX), second only to the German exchange DE-CIX in Frankfurt. So a very large amount of data goes across Ams-IX’s cables, and this makes it interesting from an intelligence point of view to bulk-intercept everything that goes across it. This was previously not allowed in the Netherlands. Now, of course, if the AIVD wanted access to these bulk-intercepts, it could simply ask its sister organisation GCHQ in Britain. There is a lively market for sharing intelligence in the world. For instance, in many jurisdictions where it would be illegal for a domestic intelligence agency to spy on their own citizens, a foreign intelligence agency has no such limitations, and can then subsequently share the gained intel with the domestic intelligence agency. But now, they are building their own capacity to do this in Amsterdam on a massive scale.

In terms of intelligence targets, the AIVD currently focuses on jihadists, Islamic extremists, and due to their historical tendencies still left over from the BVD-era, left-wing activists. The BVD’s surveillance on the left-leaning portion of the Dutch population was legendary.

Legalising certain practices of intelligence agencies is something that we see more and more, which is what happens here.

Lawyer-client confidentiality routinely broken

A few weeks ago, I read on RT that MI5, MI6 and GHCQ routinely snoop on lawyers’ client communications. In the Netherlands, lawyer-client communications are routinely intercepted by police, prison administrations, and intelligence agencies. In a normal criminal case with the police or prisons doing the intercepting, this is illegal, and any intel gained isn’t supposed to end up in court documents. But in the case of intelligence agencies doing the intercepting, this is currently legal since there are no legal provisions prohibiting the Dutch intelligence community from not recording and analysing lawyer-client communications. But in a few occasions, these communications did end up in court documents. This strongly indicates that these communications are routinely intercepted and analysed. There is in fact a whole IT infrastructure in place to “exclude” these communications from the phone tap records, for instance. On this page, the Dutch Bar Association is explaining to their members how to submit their phone numbers into this system so that their conversations with their clients are (ostensibly) excluded from the taps (only the taps by Police though, the intelligence community is, as I’ve explained above, not affected by this.)

This trend is incredibly dangerous to the right to a fair trial. If one cannot honestly speak to one’s lawyer any more, where every word spoken to one’s lawyer is intercepted and analysed, suddenly the government holds all the cards, and will always be one step ahead. How can one build a defence based on that?

The Netherlands is by the way still the country with the dubious distinction of having the largest absolute number of wire-taps in the world, and that’s just gleaned from (partial) police records. We don’t even know how much the AIVD and MIVD tap, since that information is classified, and “threatens national security if released,” which in my opinion is spy-speak for: “We tap so much that you’d fall off your chair in outrage if we told you, so it’s better that we don’t.”

Instead of holding the intelligence community accountable for their actions for once, and make these practices stop at once, the government has always taken the position of legalising current practices instead, which, if you are the government minister responsible for the oversight on the intelligence community, sure is a lot easier than confronting a powerful intelligence agency, which maybe holds some dirt on you.

All of these developments are so dangerous to our way of living and any sane definition of a free and open, democratic society where government is accountable to the people that they claim to represent, that it makes me want to proclaim, as Cicero exasperatedly proclaimed in his first oration against Senator Catilina:

“O tempora! O mores!”

In the Roman case, Catilina conspired to overthrow the Republic & Senate, and Cicero was frustrated that, in spite of all the evidence presented, Catilina was still not sentenced for the coup, whereas in previous times in Roman history, Cicero noted, people have been executed based on far less evidence.

Maccari-CiceroNow we have the situation, that in spite of all the mountains of evidence we now have, thanks to Snowden, governments around the world still won’t take the prudent and necessary steps to hold the intelligence community to account. We need to take action, and start to encrypt. As soon as the vast majority of the world’s communications are encrypted using strong encryption (not the ones where the NSA “helpfully” gives NIST the special factor to use for calculations in their standardisation of a crypto algorithm, all for free), soon, blatantly collecting everything will be of no use.

Privacy in danger, but there’s light at end of the tunnel

Note: This article is also available in Portuguese, translated by Anders Bateva.

Last week I read an article about the plan by the National Police of the Netherlands to connect all CCTV cameras to the national camera network which is operated by the police. SurveillanceThe upper echelon of the Dutch police is currently secretly writing their policy document entitled¬†Sensing, in which the definite plans will be written out in further detail. It would be interesting to know the contents of this secret report, since I’m pretty sure all the standard, same old arguments about why this should be implemented will be brought to the table again. They will probably say that it’ll prevent crime and deter hoodlums, etcetera. We’ve read the arguments for it again and again, but fact of the matter is that more cameras doesn’t mean less crime, CCTV cameras have never stopped criminals from committing a crime, they are ineffective, and it’s an invasion to our privacy, especially when it’s all connected into a single, nation-wide network, recording all our movements. It’s the Panopticon! This then gets stored indefinitely, because governments the world over only remember the ‘delete’ command (‘rm -rf’ if you will) when it’s in their interest to delete stuff. All other stuff (like these camera images, but also information stored by our various intelligence agencies, financial information, the sites you visit, your e-mail, call records, medical records, etcetera) never gets deleted. That’s why the NSA is building their new data-bunker in Bluffdale, Utah, to create more storage space so they get to keep storing all kinds of data about our lives that goes over a wire. And our intelligence agencies are all in on it. Dutch Home Office Minister Ronald Plasterk had a bit of a row with parliament, with MPs being angry about a tiny parliamentary technicality, namely that Plasterk lied to them, claiming the NSA collected metadata on 1.8 million phone calls in the Netherlands, while it was in fact our own intelligence service, the AIVD, doing it. The sad thing of our political system is that they put all the focus on this tiny parliamentary technicality, when they totally forget about the big picture, namely that 1.8 million phone calls were being tapped, and that we should do something about this. 1.8 million is an enormous number for a country of 17 million people. Even more scary is that the parliamentary commission which is supposed to provide oversight over the intelligence community, the Commisie van Toezicht op de Inlichtingen- en Veiligheidsdiensten (CTIVD), also known as Commissie Stiekem, had no knowledge about this, and didn’t know that this was even happening. So much for oversight. The problem with oversight over intelligence agencies is that because of the very nature of these agencies they keep their information a secret, and they can lie to our elected representatives with impunity, and there’s no way to check until someone brave enough to blow the whistle steps forward.

This House Would Call Edward Snowden A Hero: 212 yay, 171 nay

Edward SnowdenMeanwhile, at an Oxford Union debate last week in Oxford, United Kingdom, the Union passed a motion to call Edward Snowden a hero by 212 votes against 171. It was a lively debate, both from the members of the proposition and the members of the opposition, and I have to side with the proposition, because without people like Snowden, who has given up his previous comfortable life on Hawaii to blow the whistle, the world would have never known about the crimes of the spies. Eventually there comes a point where you’re asked to forget about it! so many times and about such egregious crimes that you can no longer look at yourself in the mirror any more, and something has to be done, the people need to be informed. During the debate I heard the opposition say that Snowden “violated his oath”. This is an argument that popped up again and again in various articles I’ve read in which people vilified Snowden. In fact, he didn’t swear an oath to secrecy, no-one does. He swore an oath to the Constitution of the United States; to uphold the Constitution. He hasn’t violated the Constitution; the U.S. government and the NSA in particular violated it. Yes spies spy, that’s not surprising, but they claim all is done in the name of national security, when it is in fact often corporate espionage that these intelligence agencies engage in. It’s about making sure the lucrative contract goes to Boeing instead of to Airbus; it has nothing to do with national security, but more with corporate profits. And there’s no meaningful oversight whatsoever: these people lie with impunity. That alone is already endangering our very democracies, having people with absolute power without any form of effective oversight is very detrimental and damaging to our very democracies and free societies. Snowden mentioned that whilst working at Booz Allen Hamilton, he had the power to tap everyone, including the President of the United States. And he wasn’t the only one with that kind of security clearance either. In the United States, almost 5 million people have a security clearance, with more than 1.4 million people having access to TOP SECRET documents. Imagine what kind of information the intelligence community has about the private life of the President and his family, and how a less honest person might use that. It would be easy to blackmail the President into doing the spooks’ bidding! And in the United States, more and more tasks that used to be done by government exclusively (like intelligence), is now being done by companies like Booz Allen Hamilton, or Academi (which I like to call: the company previously known as Blackwater USA). This is a very scary development because these companies have profit as their basic motivation. They do not have our best interests at heart. Lord Acton wrote in 1887:

“Power tends to corrupt, and absolute power corrupts absolutely. Great men are almost always bad men, even when they exercise influence and not authority, still more when you super-add the tendency or the certainty of corruption by authority. There is no worse heresy than that the office sanctifies the holder of it.”

Chelsea Manning Receives Sam Adams Award 2014

Also at the Oxford Union last week, the Sam Adams Associates for Integrity in Intelligence awarded Chelsea Manning their award for the year 2014, meant for people who display extraordinary integrity in intelligence. The group and award was named after Sam Adams, a CIA intelligence analyst, who in 1967 discovered that there were far more Communist forces under arms in Vietnam, roughly twice the number U.S. command in Saigon would admit to. This intelligence revealed that the Pentagon was vastly under-reporting the number of enemy forces. But I digress.. Collateral MurderChelsea Manning revealed, by releasing the Collateral Murder video to WikiLeaks, that U.S. forces were committing war crimes. This showed the crew of a U.S. Apache attack helicopter firing away at unarmed civilians, Reuters journalists, and a father who was bringing his children to school and stopped his van to help one of the Reuters journalists who tried to drag himself onto the curb, heavily wounded. The U.S. forces were yelling like it was some sort of snuff video game, it’s absolutely horrific, and these people should be brought to trial and charged with war crimes and crimes against humanity. Because that’s what it is. Chelsea Manning displayed extraordinary courage in releasing these documents, and rightly deserves this award. Meanwhile, I’m looking forward to the day the U.S. government and the crew of the Apache helicopter in question, are indicted for multiple counts of war crimes and crimes against humanity. At which point the United States will invoke the American Service-Members’ Protection Act (also known as the The Hague Invasion Act). But that’s another story.

Security Measures against Terrorism: Costs v. Benefits

Note: This article is also available in Portuguese, translated by Anders Bateva.

Plasterk in Tweede KamerA few days ago, the Dutch Home Office Minister Ronald Plasterk said in a debate in parliament¬†that he’s apparently OK with the American intelligence community, the NSA among others, to spy on the Netherlands. His reasoning is flawed from the get-go, and went somewhat like this (paraphrased): “I don’t want to say that Dutch citizens may never be spied upon. Because that Dutch citizen can also be a stone-cold terrorist. And it’s good if that terrorist can be found.” Here’s the full quote (in Dutch):

“Ik wil dan ook wel oppassen om in het woordgebruik bijvoorbeeld te zeggen: ja maar, er mag nooit naar Nederlandse burgers worden gekeken. Want die Nederlandse burger kan natuurlijk een keiharde terrorist zijn, en dan zijn we toch blij dat die op een gegeven moment ergens op de rader verschijnt, en dat moet natuurlijk volgens de wetten gebeuren, maar dat die op de radar verschijnt, en dat er vervolgens actie kan worden ondernomen.”

Plasterk later denied saying that, but he did in fact say this during the debate. More evidence can be found here.

Is No Price Too High For Security?

Benjamin Franklin once said something like “They who give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.” This quote has been used a lot, but it is applicable here. The question we need to answer is the following: When do security measures stop benefiting the greater good, and infringe on our privacy and liberty, which are values that used to define our very societies? When does the price we have to pay for that little extra security becomes too great? Combating terrorism certainly seems like a very noble goal, and while I do agree that there are some people out there who aim to change our societal structures through violent methods (although one has to note that one man’s terrorist is the other man’s freedom fighter; the definition of the term is a bit in the eye of the beholder), there does come a point where the price we have to pay for a little increase in security becomes too great, compared to the potential benefits.

Terrorism is Really Rare

Chances Terrorist Attack One thing we have to understand is that acts of terrorism on the scale of 9/11 or the London public transport bombings on 7/7, awful as they may be, are still very rare indeed. Extremely rare in fact. Even President Obama has said so, although he does have an interesting choice of words. The chance that you’re involved in a traffic accident tomorrow are several orders of magnitude greater than the chance that the next aircraft you are in will end up in a building instead of on the runway. This is also valid for other acts of terrorism, not just the ones involving aircraft. And even the TSA agrees now that terrorists are not plotting against aviation. So why do we still have to cope with all the draconian security measures then, if it’s clear that it didn’t help one bit? You see the same thing happening with CCTV cameras. Governments and corporations put these things up everywhere, but there isn’t the tiniest shred of evidence that these cameras actually help prevent crimes. But still the TSA and their European counterparts continue to tell people to leave their water bottles and baby food and butter knifes at the checkpoint. Bruce Schneier put a lot of thought into this problem, and he said that we currently try to protect against specific movie-like terrorist plots, instead of doing a thorough risk analysis and protect ourselves with more generic measures that may actually work against multiple types of plots. Terrorists bring down aircraft, so we increase security at airports; terrorists used box cutters, so we ban box cutters; someone brought a bomb on board hidden in his shoe, so we’re telling people to take their shoes off. These are all very specific actions taken against these types of movie-like plots. The security measures taken here are way too specific to work against anything other than the movie plot attack. As soon as terrorists modify their plan just one tiny bit, the entire strategy to combat them becomes ineffective. Humans are unfortunately excruciatingly bad at evaluating risks, and if you give them a very specific, movie-like terrorist plot, they will rate the risk from that much higher than it is in reality, because of the specificity of the plot. We humans have evolutionary been conditioned to consider specific threats a greater risk than a more general threat. On Wired, Schneier states:

If you’re a higher-order primate living in the jungle and you’re attacked by a lion, it makes sense that you develop a lifelong fear of lions, or at least fear lions more than another animal you haven’t personally been attacked by.

We are conditioned to think: it happened once, so it’s likely that it’ll happen again. And you see politicians using that knowledge to their advantage. It is insightful to consider that most measures we’ve currently taken against terrorism, would never even be considered had the events of 9/11 not happened.

Moving On..

With regard to the comments made by Mr. Plasterk: I think a lot of politicians still think that the United States is one of the ‘good guys’, when there’s more and more evidence coming out that politically speaking, it is not our ally, and certainly not our friend. They serve their own self-interests, just like any other nation on earth, and it’s important to never forget that. I even heard some politicians say that we should demand that Dutch citizens shall be treated the same as Americans under US law. It is laughable to think that the Americans across the pond will say: “Oh no! We angered the Dutch! Quickly change our laws to treat them the same as we treat Americans before they start re-colonizing New York!” At most, what these politicians will get is a nice letter from the US Embassy in which they solemnly promise that it will never happen again, meanwhile not changing their laws or practices in the US. And the NSA happily continues to trample upon their NATO allies’ rights. And our politicians are apparently very happy to accept that. We have to reconsider our position and alliances after the numerous disclosures of classified documents by whistle-blower Edward Snowden. For what good is a friend who spies on you behind your back? President Roussef of Brazil has taken decisive action by severing ties with the United States and even building new fibre optic cable connections that circumvent United States territory. Where is the outrage in Dutch society? Here, AMS-IX (the Amsterdam Internet Exchange, the second-largest Internet exchange in the world), sets up shop in the US, making it subject to the PATRIOT Act. Have these people been living under a rock these past months? Or are there other, commercial interests at play here? We need to start demanding answers while at the same time strengthening our own privacy protections. Privacy is a human right, nothing more, nothing less. We need to start using it, or risk losing it.