The Netherlands’ Review Committee on Intelligence and Security Services (CTIVD) has turned up serious statutory violations by the General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD) in how they handle large-scale databases containing sensitive personal information. According to the CTIVD report, more and more intelligence units are working with massive data sets, yet there is no central oversight in place to ensure compliance with established requirements. Instances have come to light where access to classified information was granted to a number of employees without proper clearance.
What is referred to as bulk data collection can encompass millions of records on individuals’ personal data, including names, phone numbers, and geolocation information. This data may be sourced from other government agencies as well as from private companies.
Intelligence services draw on such information to look into threats relating to terrorism and espionage. However, the law lays down strict protocols for handling this type of data: access must be confined to a narrowly defined group of authorized personnel, and any superfluous information has to be wiped.
Evelyn Austin, director of the civil liberties group Bits of Freedom, has voiced concerns over the steady expansion of intelligence agencies’ authority. “They keep showing they can’t even manage the powers they’ve already been given,” Austin remarked. “They’re not getting their data management in order, and they’re not letting the law rein them in.”
