The hacking authority from the so-called towing law, which allows the AIVD and the MIVD to collect large amounts of data, is being investigated. The Supervisory Committee for the Intelligence and Security Service (CTIVD) announced this on Wednesday.
The investigation addresses the question of whether the General Intelligence and Security Service (GISS) and the Military Intelligence and Security Service (GISS) complied with the law when deploying and applying hacks whereby large amounts of data can be acquired.
The services may collect so-called bulk data sets based on their hacking authority. That authority was expanded when the Intelligence and Security Services Act (Wiv), better known as the towing act, came into force in 2018.
The expansion allows the security services to collect and process large amounts of data, also known as bulk hacks. This should help the services to detect and investigate criminals and terrorists.
The bulk data sets consist largely of data from organizations and individuals who are not part of a survey. The law states that such data that are not relevant to the investigation must be destroyed as quickly as possible.
AIVD and MIVD did not comply with the Wiv in earlier investigations
Earlier this year, the CTIVD published a report stating that the AIVD and MIVD did not yet comply with the Wiv and that the services still had to do a lot of work. This included, among other things, the obligation to "collect and process data as specifically as possible".
The investigation into the extensive hacking authority is part of the evaluation of the Wiv. The regulator wants to publish a report in May 2020 with conclusions about the implementation of the Wiv.