Dutch Intelligence and Security Law


An attempt is ongoing to reduce oversight on the Dutch intelligence and security services, while simultaneously granting some new powers.

In this page I will try to explain how the law works and what these changes mean. I also provide some context from the European Court of Human Rights and the EU Court of Justice.

There is also a far longer page in Dutch.


The Dutch Law on Intelligence and Security Services defines a broad set of powers. It is also a somewhat odd law with a long history.

An English translation of a 2016 draft of the law can be found on the European Commission website. Note that this is a draft and it definitely differs from the law that is in force (Dutch).

A remarkable aspect of the law is that it is universally applicable - it extends as much powers to spy on Dutch people as those from other countries. There are no general protections for people from or in The Netherlands or in the EU. This stands in stark contrast to US legislation which provides some privacy protection to ‘US Persons’, but to no one else.

In addition, the powers can be used around the world - Dutch agencies are free to hack computers anywhere, or to intercept communications anywhere.


The services can investigate anything or anyone that gives rise to the suspicion that their activities or goals might be harmful for the survival of the system of democratic rule of law, for security or other important interests of the state. In addition, the services can investigate other countries.


The powers granted to the services are broad, but also largely ‘read-only’. The services do not operate drones (unlike the CIA), and they have limited powers to intervene or disturb things, with one exception.

  • Article 40: Observing and following people and objects
  • Article 41: Operate & instruct agents, who are allowed to break other laws under specific conditions
  • Article 42: Enter & investigate closed objects and premises
  • Article 43: Collect, store and match DNA data from people
  • Article 44: Intercept and investigate physical post and packages
  • Article 45: Hack ‘automated works’, computers in the very broadest sense of the word
  • Article 47: Intercept any form of (tele)communications from a specific person, organization of technical identifier
  • Article 48: Intercept & record whole cables
  • Article 49: Investigate data recorded under article 48 to find targets or technical identifiers
  • Article 50: Select part of the data recorded under article 48 for use in intelligence/security investigations
  • Article 54: Requisitioning data
  • Article 60: Perform automated analysis and “machine learning” on all data, including 48 data

Subjects of these powers

The law is somewhat unique that all these powers are only tied to the interests the services protect, and not to specific people. So unlike police forces, the services can spy not only on direct targets of investigation, they can also eavesdrop ’non-targets’ (who might know interesting things about targets) or even hack ’third parties’ that could function as a stepping stone to useful information.

Before the services can use their investigatory powers on non-targets or third parties, they do have to explain why this is the only way for an investigation to proceed.

Oversight, warrant process

For all of the powers, there must be internal sign-off. Depending on the nature, this sign-off can be mandated to lower ranking employees. The most infringing powers however need to be approved by the relevant minister. Then, the ex-ante regulator rules if this permission was obtained lawfully. The minister takes the political decision, the ex-ante regulator verifies this decision. The opinion of the ex-ante regulator is binding.

In addition, there is a non-binding ex-post regulator.

Administrative warrant extensions

The powers are available for use on people or organizations. If someone turns out to have an additional phone number, or starts using a different phone number, a warrant can administratively be updated with this new information. No new permission process is required. In addition, if a warrant was written to target an organization, if this organization was described well, newly discovered members of the organization can also be added to a warrant administratively.

Crucially, such administrative extensions can not be used to add non-targets or third parties - these can not have been a member of a well described organization.


The SIGINT or bulk interception powers are complicated. The intelligence and security law considers that the copying, collecting and storing of data is a lesser infringement than actually looking at the data. This is in line with recent European Court of Human Rights precedents. The infringement of privacy increases at every step of the intelligence process, from collection to storing to selecting relevant communications to exploiting such communications for intelligence/security purposes. Crucially however, merely intercepting and storing data is already an infringement that needs a justification.

Article 48 provides for the collection powers. Services need to describe why a specific cable is interesting, and what they expect to achieve with that data. They must also use a well-targeted cable, one that is expected to best provide the data the services are interested in. There are also some restrictions on traffic with origin and destination in The Netherlands.

Article 49 enables technical analysis of this data to see if it includes interesting targets or subjects. Article 50 meanwhile allows for the selection of communications for dissemination to intelligence teams.

Finally, with specific permission, article 60 allows for the algorithmic analysis of all data intercepted under article 48. It was not found possible to properly limit what “algorithmic analysis” might be, so this was left to the ex-ante regulator to determine. In an adversarial reading, “finding all email from a specific person” might be dressed up as an algorithmic analysis. This means article 60 could be an alternative to article 50, and thus it needs the same level of regulatory scrutiny.

Proposed changes

In the proposed additional ‘cyber law’, several things would change:

  • The non-binding ex-post regulator gets binding oversight powers on select capabilities. To actually stop an operation involves a heavyweight procedure which can also be stayed. In addition, the regulator needs a lot of new highly technical staff which has been hard to find.
  • Hacking operations no longer need to detail plans or technical risks to the regulator. These risks include the leaking of ‘zero days’, or damaging non-target or third party services. In addition, technical risk includes the possibility that the facilities installed by the services could be abused by yet other services or hackers.
  • Hacking operations no longer need to be tied to specific groups of people or organizations. It will become possible to hack into generic companies, for example to enable the retrieval of phone location data in the future. For such strategic hacks on infrastructure, no technical risks need to be described to the regulator.
  • Services gain the power to intercept and store any cable for a year, no matter where it leads to, and also store the data for a year. No justification needs to be given beyond that there is an interest in figuring out what traffic a cable carries. Data collected under this article may be investigated for a whole year, but not for any other purpose than finding targets.
  • In addition, the article 48 powers can now be applied based on ‘indications’ what the plans are with this data. The regulators are instructed to mostly study these indications, to the detriment of proportionality, subsidiarity and ‘as targeted as possible’. The indications are non-binding and the services have the liberty to do other things during the year if they need to. In effect, regulators do not have a lot left to regulate with this change.
  • The administrative permissionless extension of warrants is extended to NON-TARGETS. This means that if a hacker group is being targeted, warrants for eavesdropping, hacking, requisitioning are automatically extended to the victims of those hackers as well. This means that the additional test applied to non-targets is no longer required, and instead, non-targets now get less protection than targets.
  • Algorithmic analysis on bulk intercepted data no longer needs regulatory approval. Since it is not well described what this automated analysis entails, this is a large expansion of powers that are not regulated up front. The European Court of Human Rights argues explicitly that such automated analysis needs safeguards (see below)

Some context

  • CASE OF BIG BROTHER WATCH AND OTHERS v. THE UNITED KINGDOM - with particular attention to:
    • “330. The Court considers that Article 8 applies at each of the above stages. While the initial interception followed by the immediate discarding of parts of the communications does not constitute a particularly significant interference, the degree of interference with individuals’ Article 8 rights will increase as the bulk interception process progresses. In this regard, the Court has clearly stated that even the mere storing of data relating to the private life of an individual amounts to an interference within the meaning of Article 8 (see Leander v. Sweden, 26 March 1987, § 48, Series A no. 116), and that the need for safeguards will be all the greater where the protection of personal data undergoing automatic processing is concerned (see S. and Marper, cited above, § 103). The fact that the stored material is in coded form, intelligible only with the use of computer technology and capable of being interpreted only by a limited number of persons, can have no bearing on that finding (see Amann v. Switzerland [GC], no. 27798/95, § 69, ECHR 2000‑II and S. and Marper, cited above, §§ 67 and 75).”