The hacking authority from the so-called towing law, which allows the AIVD and the MIVD to collect large amounts of data, is being investigated. This is announced by the Supervisory Committee for the Intelligence and Security Service (CTIVD).
The investigation addresses the question of whether the General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD) comply with the law when deploying and applying hacks in which large amounts of data can be acquired.
The services may collect the bulk data sets based on the hacking authority. The authority was extended when the Intelligence and Security Services Act (Wiv), better known as the towing act, came into force in 2018.
By extending the hacking authority, the security services are allowed to collect and process large amounts of data, also known as bulk hacks. This should help the services to detect and investigate criminals and terrorists.
The bulk data sets consist largely of data from organizations and individuals who are not part of a survey. The law states that these data that are not relevant to the investigation must be destroyed as quickly as possible.
AIVD and MIVD did not comply with the Wiv in earlier investigations
Earlier this year, CTIVD published a report stating that the AIVD and MIVD did not yet comply with the Wiv and that the services still had to do a lot of work. This included, among other things, the obligation to "collect and process data as specifically as possible".
The investigation into the extensive hacking authority is part of the evaluation of the Wiv. The regulator wants to publish a report in May 2020 with conclusions about the implementation of the Wiv.