The opposition is afraid of changes to the intelligence law: will citizens suffer?

According to the outgoing government, the Netherlands is unable to adequately protect itself against hackers and cyber attacks. Today the House of Representatives will vote on an amendment to the Intelligence and Security Services Act (Wiv) that will make it easier to detect cyber attacks and thus better protect our security and economy. Opponents criticize, such as SP and Forum for Democracy. They fear that so much information will be extracted that citizens, journalists and lawyers will become victims.

The SP and FVD want to prevent intelligence services from collecting unnecessary data that could violate everyone’s privacy. Cybersecurity expert Inge Briand says on NPO 1’s Good Morning Dutch that she can understand this fear. But she suspects it stems from “the fact that most people don’t understand the difference between ‘bulk interception’ and ‘targeted interception’.”

“Interception is literally eavesdropping on signals and intercepting them. High volume means you literally put a big cut on the cable and copy an entire portion of Internet traffic and then look at it with a specific mission in mind,” Brian says.

Therefore, services will not simply look at what you are doing online, but will look for the technical specifications of a cyber attack. “This is very different from tapping someone’s phone.”

Did you miss Good Morning Netherlands? Watch the episode here Back on the NPO Begins.

Identify cyber attacks

Brian says Wiv has been around since 2018 and is ready to modernize. Over the past year, there have been numerous examples of major cyber attacks, such as the attack on the KNVB, various Dutch ports, and the International Criminal Court in The Hague. “There are tens of thousands of attacks every day,” Brian says. Really big attacks aren’t something that happens every day. This requires more time to prepare and we can make a difference by sharing data about what those attacks look like.

“When you encounter it, you don’t immediately know what you’re dealing with. The majority of attacks on our systems are criminal in nature, about 99%,” says the cybersecurity expert. “A very small portion belongs to countries, and then you have to really think In Iran, Russia and China, but also the United States and the United Kingdom. Let’s make that clear.

WNL Haagse Lobby previously did this podcast about our digital security. Listen to it below:

More flexibility is needed

Brian says changes to the law will see a shift in surveillance, making it easier to detect such attacks. For example, if the AIVD and MIVD now wanted to conduct an investigation, authorization would have to be sought and assessed by two supervisors of the intelligence and security services. “This is the CTIVD Committee, which has been doing its work since 2002. Then there is the Use of Powers (TIB) assessment, which has been in place since the law was amended in 2018.” The change in law transfers some of the TIB’s functions to a larger committee that looks at the entire work of the services, according to Bryan.

The cybersecurity expert explains that if you want to see a cyberattack, you first have to create a picture by analyzing a lot of data. “Then at a certain point you see something happening and you have to look into it. “Then you may be in the wrong place and have to look elsewhere, or you may have to take that into account as you work,” the cyber expert explains. “There is no such flexibility.” If you always have to ask for permission in advance to specifically view everything.” The main advantage is creating more flexibility.

Read also:

ChatGPT paradise for cybercriminals: Experts warn of a flood of phishing emails

See more

By: Matthias Molblock