Dutch Government Details How It Will Allow Bulk Cable Interception For Intelligence Services
from the that's-the-way-to-do-it dept
Earlier this year, Techdirt reported on details that have emerged about how GCHQ and the NSA tap underwater cables carrying large quantities of the world's Internet traffic. Now, in a long and detailed post from Matthijs R. Koot, we learn that the Dutch government is planning to give similar powers to its own intelligence and security services. Dutch intelligence services can already carry out bulk collection of wireless communications, provided those have at least a foreign source or foreign destination -- that is, domestic bulk intercept is not permitted. A committee reviewed the law governing interception, and recommended that it should become "technology-neutral" so as to allow bulk collection of cable signals too. Most of Koot's post is taken up with a translation of the Dutch government's response to that recommendation. The new framework for interception consists of three phases:Goal-oriented collection [in Dutch: "doelgerichte verzameling"] of telecommunications,The response then goes on to spell out those safeguards, as well as describing other key areas, such as co-operation with network providers and data exchange with foreign security services. All-in-all, the document demonstrates nicely how a government can be transparent about the way that it is approaching bulk interception, but without jeopardizing any aspect of its operations. It's a pity other governments are unable to do the same.
preprocessing of intercepted telecommunications, and
(further) processing of the telecommunications.
In the first phase -- collection -- goal-oriented relevant data are intercepted and made accessible (for instance by decryption), after advance approval from the Minister based on an investigation goal defined as accurately as possible. Preparatory technical activities aimed at goal-oriented collection of data and making the data accessible, can be part of this phase. Individuals or organizations are not yet being investigated in this phase, meaning that the infringement on privacy is limited. The second phase -- preprocessing -- is aimed at optimizing, in broad sense, the interception process, in the context of ongoing, approved investigatory assignments using the collected data. As this optimization can require metadata analysis or briefly taking a look at the contents of telecommunication, the infringement on privacy is greater than in the first phase. In the third phase -- processing -- selection of relevant telecommunications takes place, and selected data are used to gain insight into the intentions, capabilities and behavior of individuals and organizations that are subject of investigation. In this phase, target-oriented investigation takes place, in which the contents of telecommunications and metadata are analyzed to identify individuals or organizations, and to recognize patterns.
An increasing insight into the personal life is thus obtained from phase to phase. The safeguards that will be laid down in legislation, must be stronger as the infringement on privacy is greater.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cable interception, netherlands, surveillance, tapping
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
Note that at no point here have I said that the bulk data collection is a good thing.
[ link to this | view in chronology ]
Re: Re:
As usual, they're falling behind their targets. GCHQ (British) are inhaling hundreds of Gb/sec. tapping undersea cables, when in reality (eg.) ISIS isn't even using the net to communicate (except for PR purposes).
So what do Dutch taxpayers get for all the money spent on security services' eavesdropping, considering none of this eavesdropping has lead to a single arrest anywhere? The politicians should be questioning why they're going this way when it doesn't get them anywhere. What a lot of waste and nothing to show for it.
[ link to this | view in chronology ]
Re:
Way to go Glyn, this article really showcases your keen ability to accentuate the tiny piece of undigested nut in a big steaming pile of pooh.
It's no more complicated than this - If all communications are collected and stored, there is a 100% probability that that information will be abused to the advantage of those who control that information.
No other factors than the human nature of those who lust for power, money, and prestige need be entertained to come to this conclusion.
I hope you'll reconsider any future attempts to polish this turd.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
If I understand this correctly...if I send an email from my home in the Netherlands to, say, my neighbor through his gmail-account, because the google servers are placed outside of the Netherlands that communication can be intercepted?
The usual loophole......
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Response to: Anonymous Coward on Dec 1st, 2014 @ 4:21am
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
translation
Back to reading... :-)
[ link to this | view in chronology ]
Ah yes. In this phase, we will collect all information about everyone and store it in a convenient format for us to look at later. Since we will never have any employees that abuse power and will never have a data breach, the collection of this information is perfectly private. Oh, and we can catalog the contents of your closets and drawers, but until we actually decide we need to use this information against you, we have not violated your privacy.
Nice.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
it's not that they are unable, they just dont want to. all this people surveillance to find terrorists is complete bullshit! they have no desire to find terrorists as they cant stop them from doing whatever it is they want to do. this is just an excuse being used to hide the real reason. that reason is that all the governments only want to be able to spy on their own citizens! they know they wont be able to find out where the terrorists are or what they're up to. they are in the main too clever to give themselves, their comrades or the intentions away. much easier to spy on us ordinary people. we've got nothing to hide, so dont have to let alone try to! the only time we are going to do so is when we get so pissed off at our governments, at home and abroad, spying on our every move, our every message, phone call and journey. that is going to force us to take the very measures the governments are scared we will take, but they will be to blame!! and we are within a smidgeon of that time now, but they are so stupid, wont take the hint and back off!!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
How does decryption and scanning for relevance to a given "goal" happen before even reaching the "preprocessing" phase?
Individuals or organizations are not yet being investigated in this phase, meaning that the infringement on privacy is limited.
Looking at everything casually is much less invasive than looking at some things a little more closely?
The second phase -- preprocessing -- is aimed at optimizing, in broad sense, the interception process...
Collect everything possible (and decrypt it -- how?) in Phase One, then worry about the interception in Phase Two?
Is this just weirdness caused by translation? Awkwardness due to bureaucratic government terminology? Or are we looking at another case of nebulous "selectors" and capture & storage not counting as "collection"?
[ link to this | view in chronology ]
TOR
[ link to this | view in chronology ]