From: Nizkor English Service <[EMAIL PROTECTED]> Nizkor Int. Human Rights Team Derechos Human Rights Serpaj Europe Information 18abr00 DUTCH INTELLIGENCE AGENCY SEEKS AUTHORIZATION TO INTERCEPT AND SCAN SATELLITE COMMUNICATIONS THROUGH ITS OWN PARALLEL HARD SYSTEM, WHICH ALLOWS THE UTILIZATION OF SOFTWARE FOR POLITICAL AND SOCIAL CONTROL PATTERNS. The Dutch Intelligence Agency BVD is getting new powers. Among other things, the powers to intercept communications will be extended. The agency is authorized, if the government gets its way, to intercept satellite communications at random and search the intercepted traffic by keywords. Also, the BVD gets a new intelligence task: the gathering of economical information. Holland goes Echelon, it seems. The new 'Act on the intelligence and security agencies' (WIV), which is currently debated by Dutch parliament, gives the powers of the BVD a new legal basis. Actually, it means mainly the extension of investigative powers. In each amendment on the original proposal, new powers are given. For instance, in the first draft of the new Act, the BVD got the power to intercept, record and listen into telecommunications. In the latest amendment, from the beginning of this year, the power to 'receive' telecommunications was added. This means the BVD is authorized to directly pluck telecommunications, for instance GSM-traffic, out of the air. In this way, the BVD is no longer dependent on the willingness of telcom operators to intercept traffic, but can create for instance their own parallel network of receivers to intercept all GSM-traffic. Also, this prevents providers from 'leaking' about the fine work the BVD is doing in this area. The biggest extension, however, is the newly added article 25a. In this article, the BVD is authorized to intercept at random all international telecommunication that is not cable bound and scan the intercepted communication on items of interest (persons, groups, keywords). According to the explanatory note by the draft Act, this kind of random interception is needed to investigate if by any chance interesting messages are part of the international communication. The government says nonchalantly that it can't be prevented that in this manner the BVD gets acquainted with the content of the intercepted communications, although that isn't - still according to the Dutch government - the main purpose of the random interception. "The searching is primarily an instrument for the reconnaisance of the communication, to try to establish the nature of the communication and the identity of the person or organisation that is communicating. That in this way the agency gets acquainted with a part of the content of the communication is inevitable, in order to establish who is communicating and if it's a person or a group that has the interest of the agency. The searching however is not directed to get acquainted with the full content of the communication. In a certain way, this activity is comparable with the listening in on telephone conversations, to check if the connection is allright." This seems like a very creative way of saying that interception isn't really interception, but a mere technical testing of connections. And for that, no legal or governemental warrant is needed... Keywords As important parts of the international telecommunications are transmitted by satellites and beam transmitters, it is clear this article 25a authorises the Dutch BVD to intercept all these communications. This means an uncontrolled authority to intercept and scan all communication that is not cable bound. This can have a great impact on the Internet traffic. As a message on the Internet chooses the least busy route, and the heart of Internet lays in the United States, there is a big chance that email send within the Netherlands chooses an international route by satellite. In future this can also be the case for telephone conversations. All these messages can be intercepted and randomly searched. Even now, the phone conservations between two big Dutch cities, Amsterdam and Rotterdam, are being transmitted by beam transmitters. In the first draft of the WIV, the Home secretary had to give permission to the keywords the intelligence agency is using to scan the intercepted traffic. In the latest amendment, the Home secretary only gets once a year notification of the list of keywords, whereas the BVD is authorized to add new keywords to its own discretion. Besides that, the BVD is authorized to store all intercepted communication. Where the first proposal of the Act stipulated that the BVD has to destroy immediately all intercepted communication that isn't of interest for them, the new amendment gives the BVD the right to store all intercepted communication for a year. In this way, the Dutch government is creating its own mini-Echelon. The BVD uses for its interception tasks the facilities of the Technical information processing centre (TIVC) of the Navy intelligence. This centre, located at the Navy complex Kattenburg in Amsterdam, decodes satellite traffic that is being intercepted by different ground stations. The TIVC is working the same way as its big brother NSA, as showed by the publication of internal documents in the Dutch daily De Haagse Courant in 1985. Satellite conversations were intercepted, recorded and selected by keywords for further analysis. The intelligence the TIVC gathered was sent to the Foreign Intelligence Service (IDB), till this unit was closed down in 1994 after a series of scandals. Since then, all signal intelligence is in the hands of Navy intelligence. According to a study of two Dutch Intelligence experts (Bob de Graaff and Cees Wiebes, Villa Maarheeze, 1998), the TIVC is part of a broader international network and works closely with other Western agencies. For instance in 1972, the TIVC reported to the Mossad that Egypt and Libya had developed a telephone- and telex-connection under sea. Israeli special forces destroyed this connection, so Egypt and Libya had to communicate again by satellites, which were an easy target for interception. According to the authors, the American CIA protested in 1992 firmly against the immanent dissolution of the IDB, because they were afraid Dutch signal intelligence capacity would diminish. Vital economic interests The new power to intercept satellite communications at random will undoubtfully be used for economic espionage. In the past, the signal intelligence capacity already served economic purposes. In the above mentioned study of the intelligence experts, examples of this are mentioned. The authors speak of an "incestious relation" between the intelligence services and Dutch industry. Leading persons of big dutch companies, with establishments abroad, worked for the IDB. In exchange, they got economic intelligence gathered by the TIVC. The Dutch multinational Philips has, according to the study, close relations with Dutch intelligence. The company installed interception devices in telephone centres it sold to foreign companies and governments, the report says. In the proposed new 'Act on the intelligence and security services', the BVD gets officially the task of economic intelligence gathering. The BVD has to "protect vital economic interests", which is seen as a part of the national security. "The Dutch economy is highly dependent of economic developments in the world; these developments are characterised by increasing internationalisation and globalisation. Decisions taken elsewhere, can have a sincere impact on the Dutch economy. It is possible to gather intelligence on these developments in different ways, for instance by cooperation with intelligence agencies of other countries. These agencies however, wil take in account their own interests. In order not to be dependent of information of third parties, the government thinks it is necessary to build up its own information position and enforce it." What excactly 'vital economic interests' are, is however wrapped in a cloud of mystery. "To end with, we remark that with the explicitation of 'vital economic interests of the Netherlands' in the terms of reference of the BVD, also the possibility is created - if it seems appropriate - to conduct investigations in this area, where national security as such isn't in danger or is difficult to argue for." Encryption The new powers of the BVD are also interesting because some articles are related to cryptography and information technology. The BVD is authorized to break into homes and offices to bug keyboards. Besides that, the BVD is authorized to break into computers and steal, alter or delete information that is stored in computers. In other words, the BVD is allowed to hack. In this way, the intelligence agency can steal data from computers, manipulate software, corrupt passwords or install a Trojan Horse, so access is secured and cryptography can be bypassed. Cryptography is a topic of special interest for the BVD. In the draft Act, the power to undo encryption is being extended. In the first proposal the BVD got the authority to decrypt encrypted communication and data "by technical means". In the latest amendment this is extended to decryption "by all possible means". According to the explanatory note, "practice has shown there are other ways than just technical means to decrypt encrypted communications." This cryptic description seems to be directed at infiltrators who diddle out passwords, or look over the shoulder when messages are encrypted, or intelligence teams breaking into homes and offices in search of the little piece of paper the password is written on. The articles on the interception of telecommunication also contain remarks on cryptography. Encrypted messages may be kept in storage as long as is necessary for the BVD to decrypt them. The explanatory note says: "Where telecommunication is concerned, of which the encryption is not undone, and where the mere fact that cryptography has been used makes this communication interesting for the agency, it is desirable to save this communication to the moment the capacity exists or is being developed to decrypt the communication." So the use of a perfectly normal technique to protect ones privacy, trade secrets or sensitive political information, is in the eyes of the Dutch government a highly suspected act. The draft Act also introduces the obligation for "every one" the authorities believes has acces to the keys, to cooperate with the intelligence agency in decrypting the encryption. Refusal is punishable with a sentence of two years. The Dutch parliament has asked the government if this means that suspects also are obliged to hand over the keys. The answer is not available yet. But if the governement confirms this obligation also applies to suspects, this will be a clear violation of the fundamental human rights, as stated for instance in the Treaty on the protection of the Human Rights and Fundamental Freedoms. It means an obligation to cooperate on your own condemniation and the reversal of the burden of proof. [Source: Jelle van Buuren. Verlag Heinz Heise, Hannover. 11abr00] ------------------------------------------------------------------ USEFUL LINKS: - International campaign against Echelon Global System: EchelonWatch http://www.aclu.org/echelonwatch/index.html - Global Internet Liberty Campaign - GILC (Main issues: free speech, privacy, cryptography, access) http://www.gilc.org/ - Report on International Status of Privacy: "Privacy and Human Rights 1999". Electronic Privacy Information Center Washington, DC, USA.Privacy International London, UK http://www.privacyinternational.org/survey/ - "Cryptography and Liberty 1999: An international Survey of Encryption Policy". Electronic Privacy Information Center Washington, DC http://www2.epic.org/reports/crypto1999.html#_Toc450793110 - "An Appraisal of Technologies of Political Control". Scientific and Technological Options Assessment - STOA. 06jan98. http://cryptome.org/stoa-atpc.htm - Echelon: Development of surveillance technology and risk of abuse of economic information - STOA reports - PDF Files - 10/1999 - European Parliament [ENG/ING] http://www.europarl.eu.int/dg4/stoa/en/publi/default.htm --- from list [EMAIL PROTECTED] ---
