Risk-based prioritization of oversight duties

The independent Danish Intelligence Oversight Board (TET) has devised a systematic approach  to  sequencing  and  scheduling  oversight  activities. What type of engagement or task is most pressing, and why is it required? If controlling data processing by intelligence services should take precedence, which database run by which service should be selected for which kind of inspection? To arrive at answers to these and similar questions, the TET uses a risk assessment to prioritize and schedule its work. Overseers calculate risk scores for specific intelligence systems within their oversight mandate; these scores help them to determine the types and timing of inspections and other oversight tasks. Once the TET has completed mapping all systems and devices of which it is aware and to which it has access, it applies a set of fixed categories to assess the risk associated with each system and its various sub-components. The risk scores serve as a basis for creating the annual oversight plan, which sets the priorities for the oversight body and provides an overview of all controls and oversight processes.


The CTIVD can review the weighting notes

The Dutch Review Committee on the Intelligence and Security Services (CTIVD) has the power to review the weighting notes on international cooperation partners and the subsequent international cooperation, as such. The CTIVD also has to be informed of any exchange of unevaluated data. The obligation to inform was broadened by policy rules. The law itself stipulates that the CTIVD has to be informed of unevaluated data from bulk SIGINT interception.

Parliamentary committee must be informed regularly about operational purposes

Section 142 of the Investigatory Powers Act details the procedure for specifying operational purposes for bulk interception. Any operational purposes must be approved by the Secretary of State (142 (6)) and must go beyond what is already prescribed in law (142 (7)). Every three months, “the Secretary of State must give a copy of the list of operational purposes to the Intelligence and Security Committee of Parliament” (142 (8)). “The Prime Minister must review the list of operational purposes at least once a year” (142 (10)).

Criminal liability for willful real-time surveillance conducted for an unlawful purpose

The criminal wiretapping statute contains a prohibition to engaging in real-time surveillance (18 U.S. Code 2511 (1)). The provision bans certain wiretapping activities and then creates exceptions to that general prohibition. Section 2511(4) exempts from this criminal statute lawful intelligence surveillance activity. But intelligence officials who conduct unlawful wiretapping are committing a crime. Criminal liabilities are rarely used in national legal frameworks on intelligence, but they could be an effective means to enforce compliance with regulations. Criminalizing certain forms of intelligence surveillance deters the misuse of surveillance powers. The penalty for intentional violations against the prohibition of real-time surveillance in the US wiretapping act can be up to five years of imprisonment (18 U.S. Code 2511(4)).

Prohibition of discrimination against protected classes through bulk collection

“In no event may signals intelligence (SIGINT) collected in bulk be used for the purpose of suppressing or burdening criticism or dissent; disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion; affording a competitive advantage to U.S. companies and U.S. business sectors commercially; or achieving any purpose other than those identified in this section” (Section 2 of Presidential Policy Directive (PPD) 28).

Adequacy review of foreign cooperation partners

In order to assess which countries the services can share information with, weighting notes are drawn up on cooperation partners. These notes must be kept up to date and provide information on the basis of five criteria provided in law:

      1. a) the “democratic embedding” of the intelligence and security services in the country concerned;
  1. b) the respect for human rights in the country concerned;
  2. c) the professionalism and reliability of the service concerned;
  3. d) the legal powers and capabilities of the service in the country concerned;
  4. e) the level of data protection maintained by the service concerned.

Based on the five criteria listed above, Dutch intelligence services have to submit a weighting note for each foreign partner service they cooperate with. The weighting process requires several compulsory risk assessments on the basis of such notes. In addition, the pertinent policy rules from April 2018 state that unevaluated data from bulk cable interceptions may not be exchanged without the existence of a weighting note that covers this type of exchange. Put differently, in the absence of a weighting note for such a case, no sharing of unevaluated data can be authorized by the responsible minister. The Dutch review body, the CTIVD can review the notes and report to parliament whether it found them to be correct and adequate.

Annual review of any intelligence priorities by heads of departments

Section 3 of PPD 28 requires all competent department heads to “review any priorities or requirements identified by their departments or agencies and advise the Director of National Intelligence [DNI] whether each should be maintained.”

As-targeted-as-possible principle

The Dutch government proposed a policy rule that special powers have to be applied in as targeted a manner as possible. Arguably, the services are already bound by the general principle of proportionality, but introducing such a requirement in the intelligence law adds an accountability dimension and reinforces the need to deploy bulk collection methods only when less intrusive means are not able to achieve a given objective. The Dutch oversight body, TIB (Review Board for the Use of Powers), is requested to include the as-focused-as-possible principle in its regularity review, and the Dutch review body, the CTIVD (Dutch Review Committee on the Intelligence and Security Services), is tasked to report on this.

No discrimination between foreign and domestic data in intelligence collection

The Dutch intelligence law does not differentiate between national and foreign communications, thereby granting the same privacy protections to all. Given the unresolved technical challenge to accurately distinguish between national and non-national communications data, let alone the constitutional and human rights challenges to such an approach, this appears to be the most consistent and rights-based solution to the problem.

Avoiding discrimination based on citizenship in national intelligence laws does entail the risk, however, that a lower standard of privacy protections will be adopted for both citizens and non-citizens alike. This is simply because equalizing safeguards on a lower level appears to be easier and would allow for broader data collection than if the bar were raised for all. Ideally, national intelligence laws will aim for the highest possible protection for all communications data collection, regardless of the citizenship of the population under surveillance.


Strategic Planning

The first phase of the SIGINT process involves the identification and formulation of intelligence priorities. The process of strategic planning should draw on insights from previous assessments of collected intelligence and their value after analysis.