Memorandum of Amendment to ‘Temporary Act’ AIVD and MIVD sent to House of Representatives | News item

News item | 01-09-2023 | 16:09

This Memorandum of Amendment is an addition to the ‘Temporary law’ submitted at the end of 2022. This bill should enable the AIVD and MIVD to conduct effective investigations into the ongoing activities of countries with an offensive cyber program against the Netherlands or Dutch interests, even in the current international setting. Think of threats of disruption or sabotage of critical infrastructure such as payment traffic or the energy supply, but also of digital espionage aimed at innovative technologies.

Minister Bruins Slot: “The temporary cyber operations law is necessary because of the major cyber threat posed by countries such as Russia, China, North Korea and Iran. In order to counter this threat, it is necessary that the intelligence and security services can act more quickly and effectively. This temporary law is an important instrument for that”.

Minister Ollongren: “Every day we read about cyber threats facing the Netherlands. The AIVD and MIVD must be sufficiently capable of adequately dealing with this cyber threat. Waiting for a complete review of the legal framework within which they do their work will take a long time. This temporary law should bridge this gap.”

The additions to the Memorandum of Amendment mainly concern two points: provisions for bulk datasets obtained with special powers, and a binding prior assessment by the Toetsingscommissie Deployment Authorities (TIB) of permissions granted for the real-time interception of traffic and location data. Due to a number of developments, including a ruling by the Complaints Handling Department of the CTIVD regarding the relevance assessment of a number of bulk datasets, the government, together with the Supervisory Committee on the Intelligence and Security Services (CTIVD) and the Assessment Committee for Deployment of Powers (TIB), believes that in the interests of national security and for the protection of fundamental rights, these issues should be regulated as quickly as possible. It is therefore not possible to wait for the complete revision of the Wiv 2017.

In view of the nature and content of the proposed amendments, the Council of State was asked for advice earlier this year. The advice received from the Council of State has been embraced and incorporated into the Memorandum of Amendment as follows:
• There is better substantiation as to why the scope of the regulation extends to all bulk datasets acquired with special powers. In the original bill, this was limited to investigations into countries with an offensive cyber threat. This substantiation indicates, among other things, that bulk datasets fulfill an important function not only in investigations in the cyber domain, but in all investigations.
• A legal term of one and a half years has been included for the storage of bulk datasets, which can only be deviated from in case of urgent reasons with a view to national security.
• If it is desirable to deviate from the deadline, the criteria for assessing a request for a new deadline for a bulk dataset (maximum one year) are laid down by law. These criteria explicitly include the importance of protecting the privacy of citizens.