Oversight on hacking operations

In 2007 the General Intelligence and Security Service (AIVD) reported for the first time on the digital breaches incurred by Dutch vital infrastructure orchestrated by China. The AIVD has since 2013 warned yearly about the dangers of digital espionage for the national security of the Netherlands. The Military Intelligence and Security Service (MIVD) has also continuously warned about digital espionage from countries such as China, Iran and Russia.

To gather intelligence about these threats to national security, the AIVD and MIVD can make use of hacking as an investigatory power. The Dutch Review Committee on the Intelligence and Security Services (CTIVD) reviews the lawfulness of the Act on intelligence and security services and published two reports about hacking as an investigatory power. In this presentation, we explain how oversight on this hacking power takes place and why oversight is important in a democratic society.

Next, we discuss how the Temporary Cyber Operations Act (TCOA) deals with the threat posed by state actors with an offensive cyber program and how it impacts hacking as an investigatory power. We also reflect on how the TCOA places a greater emphasis on ex durante supervision on hacking operations and how supervision takes place