Dutch civil society groups sue government over NSA data sharing

They seek a court order to prevent Dutch intelligence services from using data obtained by other foreign agencies

A coalition of defense lawyers, privacy advocates and journalists has sued the Dutch government over its collaboration and exchange of data with the U.S. National Security Agency and other foreign intelligence services.

The coalition is seeking a court order to stop Dutch intelligence services AIVD and MIVD from using data received from foreign agencies like the NSA that was not obtained in accordance with European and Dutch law. It also wants the government to inform Dutch citizens whose data was obtained in this manner.

The legal proceedings were initiated in the Hague district court by the Dutch Association of Defense Counsels, the Dutch Association of Journalists, the Internet Society Netherlands Chapter, the Privacy First Foundation and five private citizens.

The coalition wants to close a loophole through which the Dutch intelligence services can obtain data on Dutch citizens from foreign intelligence partners that it wouldn't have been able to acquire through legal means in the country.

The action follows media reports based on documents leaked by former NSA contractor Edward Snowden that the U.S. and U.K. intelligence agencies have engaged in the mass collection of electronic communications and phone call records on a global scale.

Dutch Minister of the Interior Ronald Plasterk confirmed recently that the NSA collected information on 1.8 million Dutch phone calls during a single month last year.

The Netherlands is reportedly part of the second-highest level of intelligence sharing between the U.S. and other countries, called the "nine eyes." This tier includes the intelligence services of the U.S., Canada, the U.K., Australia and New Zealand -- the "five eyes" -- plus those of France, Netherlands, Norway and Denmark.

According to the complaint, Plasterk publicly condemned the NSA's mass surveillance and said that such broad collection of data is contrary to Dutch law.

In June, he told the Dutch parliament that AIVD and MIVD were not involved in Prism, an NSA program that reportedly collects data from major technology companies such as Google, Microsoft and Facebook. However, he acknowledged that information is being exchanged between Dutch intelligence services and those of other countries and that the source of such information or its method of collection is not usually specified.

According to the complaint, the Dutch Minister of Defense Jeanine Hennis-Plasschaert also said that the Dutch intelligence services didn't know about Prism, but that because of how data is shared between services, it cannot be ruled out that Prism data was received and used.

The coalition's lawyers argue that mass data collection programs like those of the NSA and the U.K. Government Communications Headquarters (GCHQ) violate human rights guaranteed by international and European treaties including the European Convention on Human Rights, the International Covenant on Civil and Political Rights and the Charter of Fundamental Rights of the European Union. As such, it was illegal in many countries, particularly in the European Union, to obtain data through those programs.

Civil society organizations and citizens in other European countries can and should launch similar legal actions, said Christiaan Alberdingk Thijm, a founding partner of Bureau Brandeis, the law firm that represents the Dutch coalition in this case.

Join the CSO newsletter!

Error: Please check your email address.

Tags Government use of ITBureau BrandeissecurityCivil lawsuitslegalgovernmentprivacy

More about European Convention on Human RightsFacebookGCHQGoogleMicrosoftNational Security AgencyNSAPrism

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts