Public-private partnerships: the road to success

(1)

Public-private partnerships: the road to success

An exploratory research into success factors for public-private partnerships in digital forensics in The Netherlands

Thesis by: Maaike Smekens, s1396285 Date: August 5, 2020

Supervisor: Dr. L. Block

Second reader: Dr. Niculescu-Dinca

(2)

2

Abstract

This thesis conducts research into how public-private partnerships (PPPs) can be successful in digital forensics in the Netherlands. In order to answer this question, this thesis looks into the extent to which challenges of PPPs are recognized by people working in digital forensics, and aims to find what the conditions for PPPs are to be successful in the Netherlands, based on the ‘best practices’ framework by Hagenaars and Bonnes (2014). As literature on PPPs shows, measuring the success of a PPP can be hard. This thesis therefore regards a PPP successful if the PPP brings value for all organisations involved, is well-organised along judicial lines, and has established trust between the different organisations involved.

Six open, semi-structured in-depth interviews have been conducted with people of both the private and public sector. From these interviews came forth that ideological and operational challenges are the main challenges faced. The ideological challenge mainly concerns the economic stake of the private sectors, versus the serving of the public good of the public sector. The operational challenges focuses mainly on legal hurdles that put a strain on information-sharing. Next to these two challenges, a new challenge is presented due to the complex nature of digital forensics: a language barrier between technical and managerial people.

Finally, the results show that clear, shared goals and visions, creating value for all organisations involved, organising resources, knowledge management and education and establishing trust and understanding between the people involved are deemed most important by the respondents in order for PPPs to succeed.

(3)

1. Introduction

1.1 Problem outline

Ever since computers have been invented, technological developments have been trying to make our lives easier. Communicating via social media, paying for groceries with your phone and remote controlling your home systems. Technology is everywhere; we could not imagine it not being in our lives anymore. However, as we have gotten used to it, so have criminals. Not only are computers used to commit traditional crimes such as threatening people online (also known as computer-assisted crimes), another form of cybercrime emerged in which the computer or software itself is targeted, such as in DDoS attacks (described as computer-focused crimes). Although the extent to which these two forms of cybercrime have increased is hard to define, it is undeniably present in our society (Van Erp, Stol & Van Wilsem, 2013, p. 330; CBS, 2018). In a letter to the Second Chamber, the Dutch Minister of Justice and Security stated that in the Netherlands, one in nine persons had become a victim of cybercrime in 2017 (Grapperhaus, 2018). Moreover, Deloitte (2016) concluded that, on a yearly basis, cybercrime costs Dutch organisations about 10 billion euros. The NotPetya hack for example, that affected the Port of Rotterdam, costed company Maersk about 177-255 million euros (Van Noort, 2017); the Dutch branch of Pathé cinema was scammed for 19 million euros (De Volkskrant, 2018). Additionally, the National Cyber Security Center, NCSC, (2019) noticed that several digital offenses such as phishing and digital fraud are still increasing. It is thus fair to state that cybercrime forms a real problem that leads to high costs for society and economy. The Dutch government therefore decided to dedicate more attention to tackling cybercrime (Kamerstukken II, 2019-2020, 35300, 1, p. 12).

In their dedication to devoting more attention to cybercrime, the Dutch government came up with several areas that needed extra attention (Rijksoverheid, n.d.). First, they introduced the obligation that ICT-breaches must be reported, and also introduced high punishments for those that commit cybercrime(s). Second, they created more authorities for the police and public prosecution services to make it easier for them to track down cybercriminals and investigate cybercrimes (Wet computercriminaliteit III). Lastly, the Dutch government decided that more budget was necessary for conducting research into cybercrime, hiring more personnel and focussing more on digital forensic investigations.

The focus on digital forensic investigations, which entail the discovery, preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence for proof of criminal events and eventually prosecution of criminal activity,

(5)

was not included randomly (Taylor, Endicott-Popovskyb & Frinckec, 2007, p. 101; Årnes, 2017, p. 4). Research by Taylor, Endicott-Popovskyb and Frinckec (2007, p. 101) states that computer evidence has become a routine part of criminal cases with nearly 85% of the current caseloads involving digital evidence. This has already led to several problems in digital forensic investigations: there is a lack of qualified (technical) people able to investigate the digital evidence, it takes more time to collect the evidence as encryption on data carrying devices is constantly improving, and due to the international nature of cybercrime it is often seen that (part of) the evidence is located in another country (M’charek & Faber-Jonker, 2019).

The complexity of digital forensics additionally requires specific knowledge in order to be able to analyse the evidence. In the Netherlands, there are several actors involved in digital forensics – a general schematic overview can be seen in Figure 1. First is the Dutch police, which is by law responsible for providing security, including prosecution and criminal (cyber)investigations (art. 3, Politiewet 2012; art. 125i-125o, Wetboek van Strafvordering). They conduct digital forensic investigations themselves, and for the most advanced forms of cybercrime created the taskforce “Team High Tech Crime”. Additionally, they outsource a lot of digital forensic investigations to the Dutch Forensic Institute (NFI), which is one of the biggest forensic institutes worldwide. The NFI is state funded, which means that the research they do, ordered by the police, is being paid for by the Department of Justice. To not endlessly turn to the NFI for investigations, the police and the NFI have created Service Level Agreements that state a maximum amount of investigations per period of time for a certain topic. Due to this agreement, most outsourcing done by the police is directed at the NFI, as additional funding has to be found if the police wants to turn to a private company. During and after the investigation, the digital evidence is presented to the Public Prosecution Services (in Dutch: the Openbaar Ministerie, OM), as they are leading the investigation and are the ones that have to bring the case to trial if necessary.

(6)

6

Figure 1. General overview of (digital) forensic chain in The Netherlands by Morgan et al (2016), as quoted in M’Charek and Faber-Jonker (2019, p. 7.).

However, due to the increasing role of technology, not only the police, NFI and OM deal with cybercrime investigations and digital forensics; more often than in other criminal problems, victims (especially companies) turn to private/corporate investigation bureaus to see their problems solved (Meerts, 2018, p. 16). Their role in digital forensic investigations has therefore increased, and is rather seen as shown in Figure 2.

Figure 2. Forensic field partners. Source: Kamerstukken I, 2018-2019, 2399261, 1.

As these different actors become involved in different parts of a digital forensic investigation, several problems arise. Private investigation bureaus often have a lot of knowledge and expertise on digital forensics and can therefore help companies/victims find the problem and help restore their systems; they however do not have the authority to prosecute suspects (if found). These private investigators “largely work autonomously, engaging the criminal justice system only when this is considered desirable in the light of pragmatic or

(7)

normative considerations” (Meerts, 2018, p. 6). Many cases that are investigated by private investigators therefore never even reach the criminal justice system, which can lead to ‘private justice’, unless the victim decides otherwise (Williams, 2006). Contradictory, public organisations such as the police do have the authority to prosecute, but they often lack capacity (and knowledge) to be able to deal with all digital crime and evidence. Improving collaboration between the different actors can therefore contribute to prevention, detection and prosecution of future cybercrimes (AEF & INK, 2017). The report by AEF and INK (2017) also argues that greater involvement from private companies is desirable because of a) faster availability of investigation results, b) the expected rise of the need for forensic investigations, c) equality of arms in the court with contra-expertise and d) the lack of certain specialist expertise within the NFI.

Following the addressed need for better collaboration in (digital) forensics, 3,5 million euros was made available for a pilot in 2011, focussing on the inclusion of private organisations in forensic research. The pilot created the opportunity to outsource (often-conducted) forensic investigations to private companies if it would mean it would speed up the results, the NFI did not have the capacity for the investigation, it would serve as contra-expertise or if there was a lack of specialist knowledge at the NFI. Despite several good outcomes of this pilot, such as faster and higher quality results, the Minister decided to cancel the pilot (Struiksma & Winter, 2012) based on several arguments. First, he did not see many benefits in the outsourcing of often-conducted investigations (such as DNA-tests), as the need for certain investigations fluctuates over time and it would therefore not be clear when something should be outsourced based on time-effectiveness. Second, he stated that the police are always allowed to give their assignments to private companies, and is therefore not necessarily bound to the NFI. Struiksma and Winter (2012) however contest this, as the service-level agreement with the NFI leads to a preferred position because there are no extra costs involved, which in turn makes it less attractive to outsource assignments to other companies merely based on costs. Third, the Minister feared that competition can lead to loss of quality as companies will try to work cheaper.

In the years following the pilot, not much attention was devoted to improving the cooperation between the organisations in the digital forensics chain. A report from 2017 states that the cooperation between the NFI, police, OM, judges and private investigators is still insufficient in forensic investigations (AEF & INK, 2017); amongst the problems is information not being available, insufficient trust from the NFI to external organisations, no shared goal between the partners and the capacity and speed of the NFI still being too low. The report made

(8)

8

several recommendations, such as the NFI, ministries and important chain partners to collectively name their challenges and decide a strategy to tackle them, the ministry and NFI to make clear agreements on ownership, and the NFI, ministry and important chain partners to make agreements on broader guidance from the ministry. A review by the Visitationcommittee (Sorgdrager, Bik, Van der Steen, Vogelzang & Zuurbier, 2019) however states that the partners still do not work together well, and thus the recommendations have not been followed up upon. Employees of the NFI for example explain that on one hand, they want to collaborate more with private companies, but on the other hand also do not trust them and see them as a threat to their own existence. Another example is that the police has no understanding of what is actually possible or impossible for the NFI to do (Sorgdrager et al., 2019). The report also states that several pilots have shown successes on cooperation within the digital forensics chain, so improvements are necessary and possible. According to the report, not only the NFI, but the whole chain has to take responsibility for this.

Although the recommendations in the report are clear, it also states that the committee has not found a well-functioning governance structure for the whole chain yet. A way to improve cooperation between public and private actors can be achieved through implementing public-private partnerships (PPPs). Such partnerships can be defined as ‘working arrangements based on a mutual commitment (over and above that implied in any contract) between a public sector organization with any organization outside of the public sector’ (Bovaird, 2004, p. 200). They are aimed at cooperation, in which actors have to adopt characteristics and perceptions of the other parties, rather than compete with one another (Linders, 1999, p. 36). Although different types of PPPs exist, most of them try to tackle the same ‘wicked problems’ that arise when public and private partners have to cooperate, such as a lack of governance and operational issues. PPPs can thus combine the strengths of private actors, in for example innovation, technical knowledge and skills, managerial efficiency and entrepreneurial spirit, and the role of public actors, including social responsibility, social justice, public accountability and local knowledge (Roehrich, Lewis & George, 2014).

There are some sectors in the Netherlands, also dealing with cybercrime, that have already implemented PPPs. In 2011, the Electronic Crimes Task Force was created, in which banks, the police, OM and a few other partners joined forces in order to prevent and tackle (advanced) cybercrime against the financial system. The team aimed at strengthening information sharing, developing intervention methods and contributing to detection and prosecution. Several attempts have been made to start PPPs in the digital forensics sector, and multiple conferences have been organised for this purpose, but up until this point little has been

(9)

achieved. This leads to wonder what is necessary in the field of digital forensics for PPPs to work. Some research has been done on implementing PPPs in security projects with a digital component, but none have focused on how PPPs can be successful in digital forensics (Hagenaars & Bonnes, 2014). Researching this will thus contribute to exploring the opportunity for PPPs in the digital forensics field specifically, and more generally in situations with a heavy digital component and within strict information-sharing environments. This research therefore aims to explore how PPPs can be successful in digital forensics in The Netherlands, by looking at the following research question and sub-questions:

1.2 Reading guide

Having outlined the problem in this introduction, Chapter 2 will provide some theoretical background into Public-Private Partnerships and what challenges and solutions they present. Furthermore, the framework will be established through which the results of this thesis will be analysed. In Chapter 3, the methodology of this thesis will be discussed explaining the research design, data collection and operationalization of the methods. The limitations of the methods will also be discussed in this chapter. Then, Chapter 4 presents results of the research which the subsequently will be interpreted and linked to the theoretical framework in Chapter 5. The thesis will end with discussing the limitations of the research and provide recommendations for future research.

Main research question:

How can PPPs be successful in the digital forensics field in The Netherlands?

Subquestions:

1. To what extent are the challenges of PPPs recognized by people working in digital forensics in The Netherlands?

2. What are the conditions for PPPs to be successful in the digital forensics in The Netherlands?

(10)

10

2. Theoretical Framework

As stated in the introduction, PPPs have been a topic of research for over many years. Nevertheless, PPPs in digital forensics remain an undiscovered topic of research. To provide some insight into PPPs, this chapter will first explain the origins and purpose of PPPs. The chapter continues onto the most common challenges faced in PPPs, and ends with a more specific focus on best practices in security projects in the digital era.

2.1 Origins and purpose of PPPs

Cooperation between public and private organisations has existed for a long time, but it has gained momentum since the late 1980’s – some argue due to privatization (Linder, 1999, p. 35). During the late 1980’s, public management reforms took place which resulted in New Public Management. This new form of public management aimed at promoting downsizing of the traditional public sector, a shift towards a perspective of the state as a regulator instead of a provider, and growth of private sector provision of public services (Marsilio, Cappellaro & Cuccurullo, 2011, p. 768). It also claimed that competition is the only way to true enlightenment, as economists stated that resource allocation was most efficient when it was arranged through free-market principles, in which they compete by improving quality of their goods or services. Many restrictions however maintained the position of the government, which left limited room for true PPPs (Bovaird, 2004). Governments defined the projects (only in case of market failures), and private partners were only approached based on efficiency reasons (Hagenaars & Bonnes, 2014, p. 29). Furthermore, doubt arose on the true efficiency of this working model. It became clear that because of transaction costs, complex contracts were necessary. Creating these contracts led to such high costs for designing, letting, monitoring and enforcing that organisations would be better off keeping activities in-house (Bovaird, 2004, p. 206). The proposed solution was to set up relational contracts, which were based on trust and aim at long-term relationships. A new form of partnership was suggested, in which both parties would find it beneficial to help each other be more successful.

Following this, collaborative models gained momentum over competitive models. A new perspective arose, called the ‘public governance paradigm’ or ‘alliance model’, that looked at how stakeholders interact with each other in order to influence outcome of public policies (Bovaird, 2004, p. 208; Hagenaars & Bonnes, 2014, p. 29). This ‘public governance paradigm’ stated that instead of imposing strategic control on stakeholders, the aim should be to “create meta-strategy frameworks within which partners’ decisions mutually influence each other”

(11)

(Bovaird, 2004, p. 209); public and private actors thus collaborate on equal levels, and function as adaptive systems.

Despite being used worldwide and often seen as something to strive for, there is no global definition for PPPs yet (Marsilio, Cappellaro & Cuccurullo, 2011; Roehrich, Lewis & George, 2014; Hodge & Greve, 2017). One definition used by some research is that of the World Bank, which states that PPPs are ‘a long-term contract between a private party and a government entity, for providing a public asset or service, in which the private party bears significant risk and management responsibility, and remuneration is linked to performance’. Another is that of Bovaird (2004, p. 200), whom defines it as ‘working arrangements based on a mutual commitment (over and above that implied in any contract) between a public sector organization with any organization outside of the public sector’. He identifies four key elements in this new form of PPPs. First, accountability and decision-making have to become shared within partnerships and networks. This includes trust- and capacity-building, and democratic as well as managerial accountability. Second, goals and plans have to become coordinated and integrated. This way, partners will have to show mutual adjustment around these shared goals, including recognizing the long-term nature of the project. Third, the emphasis must be on partnership working by making extensive use of relationship contracting rather than in-house activities or transactional contracts with external providers. Lastly, joint management of the strategic change process must take place. This means that on the one hand project groups will have to overlook the overall process, and on the other hand also take care of changes in their own organisations. Similar key concept can be seen in the research of Hodge and Greve (2017), who analysed multiple definitions of PPPs and identified several key concepts that are often mentioned in most definitions of PPPs. First, they found that in almost all definitions, the explicit way of sharing risks is mentioned as one of the key elements of PPPs. The second key element they identify is innovation. The public and the private sector have to come up with new solutions and “work together or achieve a common purpose.”, which means that it is not just a ‘normal’ collaboration. Third is the aim or hope to create a long-term relationship, which lasts longer than ones involving ‘contracting-out’ services. They add that many partnerships enjoy a certain level of power sharing between the partners.

2.2 Challenges with PPPs

Although PPPs thus seem a like popular method used in cooperation between public and private actors, within PPPs problems or challenges can occur as well. The most commonly named challenges PPPs pose are that they do not actually lead to value for money for (some of the)

(12)

12

organisations or citizens, there is a lack of information or knowledge sharing due to operational issues (privacy regulations), there are governance issues within the PPPs, and the occurrence of ideological splits (Hodge & Greve, 2017, pp. 66-69). Although PPPs are aimed at resolving such issues, many researches show that these types of issues are often experienced in PPPs. Furthermore, and perhaps being the biggest critique concerning PPPs, is the inability – or at least extreme difficulty – to measure its success. Hodge & Greve (2017) state that it is undeniable PPPs must deliver some form of success, as it is popular and it is something to strive for. However, its benefits are hard to measure, which is something critics often mention. Achieving the objective of a project or PPP is often put forward as the project or PPP being “successful” (Shenhar, Levy & Dvir, 1984; De Wit, 1998; Liu & Walker, 1998); Value For Money (VfM), the balance between the costs and quality of the outcome, is also addressed as an achievement of success by a PPP (Zayyanu & Johar, 2017). However, this is a much too simple description for successes of PPPs, as a PPP can also be regarded as “successful” without achieving its objective or merely reaching VfM. Liu and Walker (1998) describe that not only the outcomes are important, but also the participation satisfaction; Zayyanu and Johar (2017) created a framework in which they state that PPPs are successful when they lead to effective procurement processes, a favourable investment environment, judicious government control and appropriate risk allocation. Although no consensus exists on the specifics of measuring success, several researches have attempted to describe success factors or best practices of PPPs.

2.3 Best practices in security projects in the digital era

The lack of a universal definition and the difficulty of measuring its success may lead to question what PPPs can contribute in the field of digital forensics (Hagenaars & Bonnes, 2014, p. 30). In current (cyber)criminal investigations, Meerts (2018) found that overall, private investigators prefer to stay within their private sector, and PPPs often only occur when private investigators or their clients feel the need to involve the criminal justice system. She found that cooperation is fairly rare, and that PPPs are better conceptualised as coexistence. This however does not exclude the possibility of PPPs in cybercrime investigations. Hagenaars and Bonnes (2014) conducted research into PPPs in security projects with a digital element. They state that PPPs do arise in cybercrime investigations, but they are subject to a lot of factors that can complicate it, such as the sensitivity of the data dealt with. They therefore identified several best practices that can be used as a guideline PPPs to be successful. These best practices are ultimately based on three key elements: 1) value, 2) organisation and 3) trust. This means that a project has to be valuable to all organisations involved, organising it has to occur along the

(13)

lines of judicial aspects, and trust has to be established between the different organisations. As there is no consensus on what exactly entails success in PPPs, in this thesis a PPP will be regarded as successful when it has reached the three most important elements of PPPs put forward by Hagenaars and Bonnes (2014): When a PPP has led to value for all organisations involved (participation satisfaction), the organisation of the PPP has occurred along judicial lines, and as trust has been established between the organisations. This does not mean a PPP is not regarded as successful if only one or two of the three elements have been reached, it merely means that for this thesis, they are regarded as less successful.

In their research, Hagenaars and Bonnes (2014) identified multiple factors that contribute to these three elements that constitute the success of a PPP. From these factors, a coding scheme is created that will be used in assigning information to a certain element. As can be seen in Table 1, for the first element ‘value’ it is important that organisations in PPPs have clear and shared goals and visions, the focus of their PPPs lies on the first phase and coordination of their cooperation, and the results of the PPPs are important. The second element, organisation, is defined by leadership, project-based working, invested manpower and financial goods, knowledge (management) and information sharing, the type of agreements, and completing actions. The third and last element, trust, is shown through collaboration, commitment, involvement, communication and respect.

(14)

Table 1. Main elements, elements and indicators of best practices by Hagenaars and Bonnes (2014). Best practices security projects in digital age

Key element Sub-element Indicators

Value Clear, shared goals and visions Acknowledge necessity collaboration; including right partners; successes; incentives (e.g. cost reduction, useful information of good quality); clear focus/goals (incl. concessions, relevance, execute ability); shared vision

First phase and chain Focus on first phase collaboration, conditions and prevention; chain steering; revise and clarify processes and check authority; long term focus

Results Create business case to clarify results; clear goals to easily determine successes; explicitly discuss communication; (unexpected spin-offs)

Organisation

Leadership Dynamic in steering questions; collective leading/independent leader

Project-based approach Different types of collaboration (pilots, projects); role project leader is crucial; creating a barrier model Manpower and resources Arrangement of (financial) resources; continuity of manpower and resources, dedication

Knowledge, knowledge management and education Methods for sharing information

Information infrastructure Supporting information systems Security aspects

Agreements Should include final goals, what data is used, who checks law, via which media; timing involving jurists Make circle round Keeping track of status project; learning from evaluation; audits; certification

Trust Collaboration

Levels of collaborations; give and take mentality, equality; bonding Commitment

Ownership Process management Broad involvement sectors Short, informal lines Expectation management Goals vs. meaning of collaboration Bridge differences

Trust, understanding and respect

Impact trust; five sources trust: yourself, relationships organisations, market, society + four elements reliability: integrity, intentions, capacities, results. (incl. being straightforward, showing respect, create transparency, repair mistakes, show loyalty, book results, improve yourself, face reality, clarify expectations, face responsibility, listen first, meet promises, show trust); build trust

Build bridge while you're on it

Dynamic collaboration; adapt Realism and a bit of luck

(15)

operational issues, Hagenaars and Bonnes (2014) found several best practices that contribute to making a PPP successful, meaning that they create value for the organisations involved, are organised according to judicial aspects and trust is established between the organisations. Chapter 3 will, based on the theoretical framework provided above, explain the methodology of this thesis.

(16)

16

3. Methodology

Having explained the theoretical background of PPPs, the following chapter will shed light on the research design used in this thesis. Furthermore, the method of data collection will be made explicit, and the concepts measured in this thesis will be operationalised. The chapter concludes with a reflection on some limitations that come with the chosen research methods.

3.1 Research design

As made clear in the introduction, cooperation in digital forensics is a rather undiscovered field. This thesis therefore conducts exploratory, qualitative research into cooperation within digital forensics. Stebbins (2001, p. 5) states that exploratory research is relevant when researchers “have little or no scientific knowledge about the group, process, activity, or situation they want to examine but nevertheless have reason to believe it contains elements worth discovering”. Exploratory research such as this thesis can therefore contribute to understanding how PPPs can be successful in digital forensics and can serve as a starting point for future research (Bijleveld, 2013, p. 72). Additionally, qualitative research allows for a deeper understanding of the underlying mechanisms.

The data used to answer the research question will be gathered through semi-structured, in-depth interviews with experts working in digital forensics in different organisations. Semi-structured interviews are open-ended and aimed at generating discussion – they leave freedom for diversion from the script (McIntosh & Morse, 2015, p. 4).This research method therefore fits within the exploratory design of this study, as leaving room for diversion from the script means that relevant information that may come up during an interview can still be discussed. The results of such interviews remain reliable, as the same topics are addressed during all interviews (Bijleveld, 2013, p. 206) and therefore create a general line in all interviews.

3.2 Data collection

As different organisations are involved in the digital forensics chain, several organisations have to be identified from which people will be interviewed. In (digital) forensics in the Netherlands, four main actors can be identified: the NFI, the police (and police labs), the OM, and (semi)private organisations (Dobbelaar, Visser & Muller, 2009, p. 21; M’charek, 2019, p. 2). To get a clear picture of what types of cooperation occur within the digital forensics domain, this thesis will conduct interviews with people from each of the four above identified main actors.

(17)

In getting into contact with people for conducting the interviews, first gatekeepers will be approached. Gatekeepers are contacts who, due to their position, are able to make introductions and provide access (Noaks & Wincup, 2004). As the topic of this thesis aims to interview people that are often in higher positions in organisations, getting access to them can prove to be hard. The use of gatekeepers is therefore necessary. First, gatekeepers from The Hague Security Delta will be approached, as the author of this thesis is currently working there as an intern. That way, the first group of respondents will be approached from the police, the

OM, the NFI and a private organisation. In approaching a second group of respondents, the

snowball method will be used. This is an often-used method in for example criminological research, in which the first respondents that have been interviewed are asked to provide a new respondent. This method is often used in cases where trust is an important factor, and the reference of the previous respondent therefore matters (Bijleveld, 2013, p. 167). To prevent that second respondents are very similar to or have the same perspective as the first respondents, specifically will be asked for someone with another function or opinion. This way, the first group of respondents will therefore also function as gatekeepers.

Eventually, six respondents will be interviewed: three are working in the public sector, two in the private sector and one is working in both the private sector and a knowledge institution. Of the respondents working in the public sector, one is working as a Strategic Specialist Digital Prosecution and Expertise at the police, one is a public prosecutor at the OM and one a Forensic Researcher Cybercrime at the NFI. Of the three respondents active in the private sector, two are working at Deloitte: one as a Senior Manager Cyber Risk Services, one as a Discovery Senior Specialist. The last respondent is a professor in the Forensic ICT Track at the University of Applied Sciences in Leiden, and works as a director Digital Evidence Review at Magnet Forensics.

3.3 Operationalization

In order to research how PPPs can be successful in digital forensics in the Netherlands, the interviews will be analysed based on the principles described by Hagenaars & Bonnes (2014). Combining the three main elements with the four elements named by Bovaird (2004), the following topic list is developed that will be used during the interviews:

- Who/what organisations does the organization cooperate with - What does this cooperation look like (organisation)

- Experienced value of cooperating with other organisations - Trust between organisations

(18)

18

After having conducted all the interviews, they will be transcribed literally, to ensure to not leave any possibly relevant details out and to minimize the chances of subjectivity by the researcher. Literally transcribing will also provide first insight into the results of the interviews, as the transcribing already calls for attention.

After transcribing, the interviews will be coded in Atlas.ti, to answer both sub questions. For the first question, to what extent challenges of PPPs are experienced in the digital forensics field, the most common challenges identified in Chapter 2.2 will be assigned as respondents explain problems they experienced. These codes and the results will be represented in Annex I. An open mind will be kept to other challenges that might be addressed, and if a new challenge comes across more often, it will be given its own code.

To answer the second sub question, what the conditions are for PPPs to be successful in digital forensics, the theory by Hagenaars and Bonnes (2014) will be used. As discussed in Chapter 2, success in PPPs can be hard to determine. Hagenaars and Bonnes (2014) have developed best practices for PPPs with a digital component based on the three elements they found are most important for a successful PPP: value, organisation and trust. To give a better understanding into these best practices, they described several indicators that can define such a best practice. For example: indicators such as including the right partners and incentives for all organisations involved, contribute to creating clear, shared goals and visions (best practice). This best practice in turn points to one of the elements this thesis deems a successful PPP: value for all organisations involved. Initially, codes will be assigned to sentences that include one (or more) of the indicators; the results hereof will be represented in Annex II. However, it can also occur that a respondent continues on a topic for a longer time. In that case, the whole part of the interview will be coded as such, to not create the impression that a topic has come across more than it has. Contrarily, it can also occur that a topic is briefly mentioned, but given extra importance by the respondent. In such case, the code will only be assigned once, but given a side note that the respondent gave extra weight to that statement. It should be noted that it can occur that new problems or best practices rise to the occasion that cannot be matched with a best practice; in that case, they will be labelled as ‘other’.

3.4 Limitations

Although attempts are made to mitigate the amount of limitations in this research, some elements should be kept in mind throughout reading this thesis. First, due to requirements from the Leiden University, this thesis has limited time during which the research can be conducted. As it takes time to come into contact with the respondents, conducting the interview and

(19)

eventually performing the analysis, the number of interviews is limited to six. Having a restricted number of respondents can limit the external validity of this thesis; as the researched group is smaller, the ability to generalize the results to outside the researched group decreases (Bijleveld, 2013, p. 47). Additionally, the snowball method through which the respondents are found, can also limit the external validity, as part of the outcome is dependent on the network of the researcher (Bijleveld, 2013, p. 47). To minimize the infringement on the external validity due to the limited number of respondents and the network of the researcher, an attempt is made to include relevant respondents and create diversity within the group. This thus means including people from both sectors, in higher and lower functions and from different backgrounds.

Another element is that of the subjectivity of both the respondent and researcher. As this thesis involves people and their perceptions, it is not completely objective. It is subject to perceptions of both the respondent and the researcher, and interpretation of answers (Bijleveld, 2013, p. 206). Using a framework for coding attempts to mitigate this risk.

(20)

20

4. Analysis

4.1. General remarks on PPPs in digital forensics in The Netherlands

Having conducted the interviews, an overall image emerges from the views of the respondents on the current status of cooperation on digital forensics in The Netherlands. The respondents of the police, NFI and OM mention that most of their cooperation is public-public, due to the nature of the information handled and the agreements they have. The respondent of the OM for example states that most of the specialised digital forensic investigations are conducted by the police, or are outsourced to the NFI: “I know that by far most investigations, forensic technical investigations included, are conducted by the police. When it concerns specialised research in which we need specific expertise, (…) we will first send a request to the NFI, because we have a service level agreement with the NFI.”1_{. A similar situation is described by the respondent of}

the NFI, whom states the police are the number one organisation they cooperate with. Although that is the general picture, the respondent of the police does acknowledge that there is an increase in public-private cooperation, as he says it is “enormously developing now”.

Looking at the interviews from the respondents of private organisation Deloitte, the answers differ. The discovery senior specialist describes that he experiences that most cooperation occurs between member firms of Deloitte and with law firms. Furthermore, they sometimes cooperate with the Fiscal Information and Investigation Service (FIOD), as they do investigations on similar areas. He describes that relationship as being “more like a data transfer than that we really discuss something”. The senior manager Cyber Risk Services describes a somewhat different situation, in which he distinguishes between the purely commercial work they do, and what he describes as “how can we collaboratively make the Netherlands safer”, regarding cybersecurity. In their commercial work, they get hired by an organisation (public or private), and in return they offer their services. In the other scenario, he experiences that their area of expertise increasingly overlaps with other areas, which results in more cooperation with public organisations such as the intelligence agencies, the NCSC and the Ministry of Justice and Security. He states that Deloitte has been in contact with these organisations for years, and occasionally comes across something they can collaborate on.

An observation made by the professor of the University of Applied Sciences, is the increase of digital forensic investigations, and the private sector that increasingly becomes involved in creating and providing technical solutions and expertise for such cases. The

(21)

cooperation remains mostly client-supplier based, as he describes from his position at the private organisation Magnet Forensics, although he states that private organisations try to help for example the police by “thought leadership”: thinking ahead and coming up with solutions for possible problems.

The respondents thus describe situations in which most cooperation is still based on a client-supplier basis, although due to an increasing overlap of fields, public private cooperation is also increasing. As the respondent of the OM states, attempts are made to improve public-private cooperation by organising conferences, in order to tackle the challenges they sometimes face.

4.2 Challenges PPPs in digital forensics

Diving deeper into the data, an analysis can be made of the challenges experienced in the PPPs. Of the general problems identified in Chapter 2, ‘Ideological splits’ and ‘Operational issues’ are mentioned by all respondents, with both a total of 17 times (see Annex I). Additionally, a new problem arises that is mentioned by three of the respondents: a “language” barrier between the technical and managerial people. A closer look will be provided below.

4.2.1 Ideological splits

First, as can be seen in Annex I, ideological splits are experienced by all respondents in their PPPs. The Senior Manager Cyber Risk Services of Deloitte for example states: “We can’t endlessly work for free. So, when we can contribute something to the public safety with little effort, every organisation will of course do that. When it costs more time, yeah, then we all have our owners, shareholders, I don’t know, whom in the end look at ‘what is coming in’, and there is a limit to how much you can spend on it.”. This is not only described by the private sector, the respondent of the NFI also states that there is a certain fear on both sides to cooperate, as “…the private sector does not want the government to conduct investigations, because they will have reputational damage, or have to give up too much information to do an investigation…” and “…the government won’t have control anymore, there will be a commercial business model behind it”. Additionally, the respondent of the OM states that cooperating with private organisations on such matters can jeopardize systems of checks and balances and fair trials etc. In general, the respondents of the private sector describe the commercial goal of having to produce profits and the fear of reputational damage, whereas the public sector respondents describe the fear of losing control over law and order.

(22)

22

4.2.2. Operational issues

Related to fear of losing control over law and order, operational issues are also mentioned by every respondent, with a total of 17 mentions. That is because most operational issues that are mentioned, are regarding rules or laws on information sharing. The respondent of the police for example states that the police and OM have to deal with the relevant (privacy) regulations, which prevents certain information from being shared with citizens and therefore cannot be shared with private organisations. The respondent of the OM confirms the legal challenges, as he says that “according to the law, we are only allowed to share information on a need-to-know basis”. He states it is not necessarily the privacy regulations that prevents them from sharing information, but the ‘exceptional laws’. The respondent of the NFI also states that making information public is a “no-go”. The legal challenges are also experienced by the Senior Manager Cyber Risk Services of Deloitte, although he thinks that “sometimes people see hurdles, athough they might not always be there”. On the other hand, about the private sector sharing information he states “We can’t always share freely, because sometimes we of course do work on which an Non-Discloure Agreement (NDA) from a client applies”.

4.2.3 “Language” barrier

Apart from the operational and ideological issues, another problem is mentioned by three of the respondents: the “language gap” between technical and managerial people. The Discovery Senior Specialist of Deloitte for example states that “Lawyers often don’t know what the technical possibilities are, and if they don’t ask for it, it often isn’t offered”. A similar situation is described by the respondent of the NFI, whom describes a case in which he and a few other technical people in a certain cooperation wanted to work together, and knew what to do, but as he states “the suits also have to agree”; which lead to several misunderstanding due to the “language gap”.

4.3 Best practices in digital forensics

It can thus be seen that several challenges that are generally identified in PPPs, also apply to PPPs in digital forensics. That leaves the question on what conditions would make PPPs successful in digital forensics in the Netherlands. The results are discussed following the three topics that Hagenaars and Bonnes (2014) describe: value, organisation and trust.

(23)

4.3.1. Value

Annex II shows that the most often mentioned topic within value is the importance of clear, shared goals and visions. Elements of clear, shared goals and visions have been mentioned by all of the respondents. First, incentives are described by the Senior Manager Cyber Risk Services of Deloitte, as perhaps “the most important aspect”. This is also described by the other respondent of Deloitte, whom states that when organisations develop something that can make their work easier, they are willing to help. The Senior Manager however remains critical, stating that an incentive needs to be more than “you are doing this for the greater good of your country”, and makes clear that “That does not mean they necessarily have to pay us for things, but also sharing information will help us to make the country safer”. Not only respondents from the private sector describe the importance of incentives; the respondent of the NFI describes a rough cooperation in which success was only reached “until all three of us got what we wanted”. He additionally states that concessions are necessary to make a PPPs work. Relating to that, the respondent of the police describes a cultural change within the police, in which the police takes on another role and has to accept that it might need to do some concessions, stating that “We also got to give way. It is not all just receiving, right”. Furthermore, the Senior Manager of Deloitte acknowledges that although money (will be discussed later on) plays a role in cooperation, “we often understand that there is a bigger stake at play”. The other respondent of Deloitte also describes – when asked what a cooperation should look like – “I think, if it is essential, that it will happen”. The NFI respondent also states that it is important that “Everyone does it for the same reason, and that that reason is urgent”, emphasizing that acknowledging the necessity of the cooperation is closely related to a shared vision. Lastly, the Senior Manager of Deloitte mentions that “The solution [to a problem] will not be found directly, but having a shared vision will be the start of it”. Additionally, the respondent of the NFI notices that with most successes “They go well if it is relatively clear what needs to happen, and if everyone has a sense of purpose”, showing the importance of clear goals.

Another element often mentioned is the focus on the first phase of cooperation, especially with regards to keeping a long-term focus and clarifying processes beforehand. The respondent of the polices states that when having found a topic of cooperation, some practical problems arise: “How are you going to organise that?”. This is also identified by the Discovery Senior Specialist of Deloitte whom states that at the start of a cooperation “…you should first identify what the problems are. So, what can we do, what can’t we.” and the respondent of the OM, whom states that identifying the possible hurdles “should be done at the start of a

(24)

24

cooperation trajectory”. Furthermore, several respondents describe that they usually aim for a long-term focus. The Senior Manager of Deloitte states: “We try to do things incidentally, but we are now looking at ‘how are we work together structurally’” and states regarding sustainable cooperation “I think that they are always the intention at the start”. Although he thus thinks the long-term focus is always the intention, he emphasizes that this long-term focus in the end often faces in several other challenges, such as lack of a budget and (closely related) lack of ownership, due to which most PPPs eventually collapse.

4.3.2 Organisation

Regarding organisation, Annex II shows that leadership, manpower and resources and knowledge, knowledge management and education come up multiple times during the interviews. Out of the 15 times leadership was mentioned, 12 were regarding the importance of an independent leader. When asked what PPPs should look like, the respondent of the University of Applied Sciences Leiden describes a situation in the United States in which an investigation was conducted by an independent party which “orchestrated everything, it was the director of the whole process”, and advocates for situations like these being discussed in The Netherlands. The Senior Manager Cyber Risk Services of Deloitte also mentions independent leadership several times, as he for example states that cybersecurity works the same as the Delta Works (Dutch system for protection against a rising sea level), and “you really need someone at government level to watch over all the parties and says: we are going to make one agenda, these are going to be the important topics the next five years, this will be our focus. (…) You need someone who manages that, and I think we can do better on that”.

Furthermore, resources, mostly of financial nature, are often mentioned when asked what really is necessary in a cooperation. The Senior Manager Cyber Risk Services of Deloitte for example states the following: “So eventually, anything you want to do structural and durable, it just needs money, whomever does it; the government or a commercial party or a university like the TU Delft now does the monitoring in the child pornography field.”. Although money is often brought forward as essential, the respondent of the University of Applied Sciences Leiden explains that costs should not be a barrier in forming a PPP: “There are also people saying ‘yeah but it’s really expensive’, but I think you should not underestimate how much money is being invested now in different cases.”, as he explains that available money can be invested more wisely. Not only money is named as a resource for PPPs, the respondent of the police describes a new building for the police, in which an area is completely designed for

(25)

having public-private sector meetings, which they hope will contribute to having more successful PPPs.

Lastly, knowledge, knowledge management and education were mentioned as an area that can see some growth and contribute to successful PPPs. Several of the respondents talked about education for a longer time, both stressing the importance of it and coming up with possible solutions to improve knowledge management and education. The respondent of the police for example explains that mixing the private and public sector can improve cooperation:

“…you see the phenomenon happening that people from the private sector go to the police or vice versa, or from the intelligence services to the police or vice versa. And I always find it sad when someone leaves, but I also find it nice when someone from the private sector comes here, because that person takes part of their knowledge and network with them. That is what we like, because it makes the cooperation easier. That is a side effect of hiring people from the private sector. It also has to do with us hiring from the University of Applied Sciences, because there is a lot of interaction in that group. So that definitely helps…”

He also states the police is focussing more on people with higher educational backgrounds (HBO and WO), because “they slowly give that boost to look differently at the work, to find different solutions”. Mixing the private and public sector is also described by the Senior Manager Cyber Risk Services of Deloitte, whom describes the benefits of people having experience in both sectors, and advocates a – sort of – exchange program for trainees:

“There are almost twenty cyber-trainees at the government, and a lot of them were at the conference [PPPs conference September 2019], and when I heard that I walked up to their manager, introduced myself and said ‘why don’t you let them go around the private sector for half a year too?’. Because it is super nice for them to sit in the ‘governmental bubble’, and also very good to see all the departments, but I think it is also important that they see the cybersecurity industry from the inside for half a year, if you really want PPPs. (…) We, and I think also other private organisations, would love to join such a traineeship, and also have our people go to the government for half a year. So if we can put someone with the government for half a year, and in return we get someone that joins us for half a year, that would be a relatively simple construction that would lead to more understanding on both sides, and greater networks.”

It does not however stop there, according to the respondent of the University of Applied Sciences Leiden. It is important to keep learning during your life, as he states the following:

(26)

26

“So, we educate people, but what you also see is: developments go insanely fast, so professionals that are now working, for example at the police or EY, they also need extra trainings. So that is what we as a University of Applied Sciences do: how can we bring to practice the ‘learning your whole life’ for digital forensics expert. Because in that area developments are going superfast. Once you have graduated, a year later the world has completely changed.”

4.3.3 Trust

The third and last element of success factors in PPPs is trust. Annex II shows that short, informal lines, trust, understanding and respect, and dynamic and adaptive cooperation is most desired by the respondents.

Relating education to short, informal lines, the respondent of the police states that people from higher education “are not held back anymore, they are more like ‘I am going to the university because I think there’s a team there that can help me’”, which according to him improves communication and finding the right people. When asked what would be the ideal scenario in PPPs, the Discovery Senior Specialist of Deloitte also states “… that you are in direct contact with people that have the knowledge over there”. The respondent of the NFI even states that personal contacts was what in the end solved several issues he was experiencing during a cooperation.

Next to short, informal lines, trust, understanding and respect is brought by three respondents as very important to successful PPPs. The respondent of the OM for example estimates the following:

“I think that the more insight and understanding there is of what happens on the other side, if you know more about each other in terms of ‘what is the organisation like, what are their stakes”, from us to private companies and from private companies to us, as you get more insight and have no judgement on it, but just respect it for what it is, cooperating in general works just fine.”

This is also described by the respondent of the police, whom states “Yeah, you know, it also has to do with trust. And the role of the account manager is creating trust. (…) It is a cultural change, it is trust, from two sides. The private sector needs to trust us, and we need to trust the private sector that they work with the same interests”. From the private sector, the Senior Manager Cyber Risk Services also describes that people need to trust each other, know each other, before for example information sharing would run smoothly.

(27)

Lastly, being dynamic in the collaboration is put forward by almost all respondents. The respondent of the police explains that especially in digital forensics, it is important to keep an open mind:

“Yeah look, because this area is fully developing, and that will stay the same for the coming years, if you write a vision or plan, when your ink has dried the world around has already changed, so that means adapting your plan again. So the context of the story is ‘we are going to work, and whilst working we learn, and we’ll see what we run into’. That freedom has been given to the teams, to become a self-learning organisation in their own phenomenon that they discussed with each other.”

This is also described in an example given by the respondent of the NFI, in which “people in the hall in the end were like ‘okay, you know what, we’ll all defend within our organisations that we’re going to do this, and meanwhile, while we’re working on it, we’ll find out the specifics’”. This approach is also preferred by the Discovery Senior Specialist of Deloitte, whom prefers less specific assignments “because you can always come back to it”.

(28)

28

5. Discussion

5.1 Answer Research Questions

By analysing existing literature on PPPs and conducting interviews with experts in the digital forensics field, this research aimed to answer the following research question: ‘How can PPPs be successful in the digital forensics field in The Netherlands?’. In order to answer this

question, two sub questions were formed that collaboratively answer the main research question: ‘To what extent are the challenges of PPPs recognized in digital forensics in The Netherlands?’ and ‘What are the conditions for PPPs to be successful in digital forensics in The Netherlands?’. Both questions will be answered here, and will be discussed in light of the literature on PPPs. Furthermore, the limitations of this research will be addressed, and

recommendations for future research will be done.

5.1.1 Challenges of PPPs

The first sub-question addressed is the question ‘To what extent are the challenges of PPPs recognized by people working in digital forensics in the Netherlands?’. The results of this research show that most of the most common challenges in PPPs are also experienced by the respondents. Especially ideological splits and operational issues are put forward as challenges that are often the cause of cooperation failing. Respondents explain that the main challenge in ideological splits is the economic stake of the private sector, versus serving “the public good” of the public sector. From both sectors they acknowledge that although everyone would like to help make the world a better place, in the end the private sector does expect something in return for the efforts they put in. These ideological splits thus match the general ideological splits experienced in PPPs. The inability to overcome the differences between the ideology of the public sector serving the public good, and the economic goals of the private sector create hurdles that can lead to a cooperation falling apart.

Regarding operational issues, the respondents state that the challenge often entails balancing sharing information versus obeying laws and regulations. Several respondents mentioned that they are not allowed to or do not want to share information with private organisations, as they are afraid these will infringe on certain privacy regulations. This coincides with the literature on challenges in PPPs, as Hodge and Greve (2017) found that privacy regulations can form a barrier in cooperation.

Additionally, a third and new challenge was mentioned by some of the respondents, that deserves some attention. Several of the respondents described a situation within digital

(29)

forensics in which a “language barrier” arose. Some of them, mostly the ones with a more technical background, experienced situations in which they felt misunderstood by people on a more managerial position (the “suits”). The people with a technical background “speak” a technical language, whereas managerial people “speak” a more procedural language. Several examples were given in which the needs and means were not addressed or understood properly, as they did not understand each other. This can cause problems in cooperation, as it is important that leadership and commitment occurs both vertical ánd horizontal.

Although a solution would be to put people with a technical background in more managerial places, due to the lack of expert personnel and the rapid development of this field described earlier in this research, that is not always feasible. A possibly interesting solution to this problem could therefore perhaps be seen in one of the examples brought forward by the respondent of the NFI. He provided an example of another team within the NFI (team Forensic Big Data Analysis) in which there are two project managers whom both dedicate half of their time to being project managers, and half of their time to still perform technical work. This way, they form the bridge between technical and procedural processes, as well as keeping their own technical expertise up to date. In future research into PPPs in digital forensics – or even PPPs with a technical component in general – this strategy can be further looked at, and perhaps contribute to how PPPs can be successful in PPPs in digital forensics.

5.1.2 Conditions for PPPs to be successful

Having identified the challenges that are recognized in digital forensics in the Netherlands, the second sub-question can be answered: ‘What are the conditions for PPPs to be successful in digital forensics in the Netherlands?’. The results show that several conditions were mentioned that most or all of the respondents deemed important or necessary for PPPs to be successful in digital forensics. The first and most often described condition is the importance of having clear, shared goals and visions. Within this, almost all indicators were equally important. However, most respondents describe situations in which the necessity of the project was acknowledged by all parties, but the cooperation ended due operational issues such as regulatory boundaries, or ideological issues such as not enough economic benefit. This does not mean acknowledging the necessity of a project is not important, moreover it is a first step to establishing a PPP. It does however emphasize that once this has been established, other factors such as incentives and concessions get a bigger role, as those are factors that more often lead to failure of a PPP, less so a conflict in necessity of a project.

(30)

30

Also relating to the value of a PPP, keeping a long-term focus was often mentioned by the respondents, although their opinions on it somewhat differ. Some acknowledge the necessity of keeping a long-term focus to ensure the continuation of the PPP, but some degree of scepticism arose during the interviews, that leads to question whether a project should have a long-term focus from the start. The respondents state that a long-term PPP often is the aim, but it also presents budgetary problems and can lead to failure of commitment, as sometimes no short-term results are booked. Furthermore, one of the respondents wonders whether the long-term focus should be there from the start, or if it should slowly grow as the PPP progresses. Nevertheless, almost all scientific literature points to the importance of keeping a long-term focus in PPPs. It one of the characteristics of PPPs that distinguishes them from partnerships that involve ‘contracting-out’ services (Hodge & Greve, 2017). Some discussion can thus be seen between what the scientific literature deems important or essential for PPPs, and what the respondents prefer in the cooperation. Further research should provide more clarity on this topic.

The second element that presented several conditions for PPPs to be successful, is the organisation of the PPP. Several respondents stated that independent leadership, sufficient resources and knowledge management would be necessary for them to make a PPP successful. The need for an independent party/leader to oversee the process was often mentioned as key in keeping the cooperation well-organised. Although some literature such as that of Hagenaars and Bonnes (2014) mention the importance of independent leadership, research like that of Bovaird (2004) describe that joint management should occur in a PPP. This however does not necessarily infringe on each other, as an independent leader can be assigned to oversee the process, but in the end the managing decisions will remain shared.

Additionally, sufficient resources (mostly financial) must be allocated to the PPPs in order to make it succeed. The respondent of Deloitte mentions that with goodwill, a PPP can come far, but it the end budget is important to keep the PPP going. Finding funding for such a project proves to be hard, as providing for a budget can soon lead to a contracting-out situation rather than a PPP. As Bovaird (2004) states that all organisations involved should share risks, this would mean that organisations should be willing to take financial risks as well, as it cannot be put on one organisation. This is also closely related to the element of leadership, as shared leadership often results in shared risks and vice versa. It would therefore be interesting to look at these two elements in close relation when arranging a PPP.

Lastly, an aspect that was deemed crucial in the organisation of PPPs by some respondents was knowledge management and education, and the relation between the two. Not

(31)

only was this described as crucial for PPPs to be successful, several of the respondents described a similar situation that they preferred and think would contribute immensely to creating successful PPPs: exchanging personnel between the public and private sector. Not only do they bring their expertise and network with them to the other sector, experiencing what it is like ‘on the other side’ can contribute to a better understanding both sectors and therefore bridge some of the ideological splits that sometimes occur as a challenge for PPPs. As exchanging personnel on a regular basis might seem hard, the proposal mentioned by the Senior Manager Cyber Risk Services of Deloitte – offering traineeships together or exchanging trainees – might be interesting to discover as it would serve as a low-level start. Although there is no scientific basis yet that this will work, future research would benefit from looking at this solution as possibility for making PPPs more successful.

Lastly, the element of trust and understanding one another seems to be of big importance. This includes creating short, informal lines. These mostly seem to focus on overcoming the ideological challenges. One respondent for examples states that they need to trust each other to work with the same interests. Contrarily, another respondent states that they have to learn to understand and accept each other’s differences, and that way come together. Understanding each other would also overcome the ideological splits that most respondents experienced.

Combining the answers on both sub-questions, it can be stated that a PPP can be successful when attention is devoted to stating clear, shared goals and visions, (independent) leadership and devotion of sufficient resources, improving knowledge management and education and focussing on establishing trust and understanding between the organisations to overcome challenges such as ideological splits and operational issues. This way, a first step can be made towards creating value for all organisations involved, a well-organised PPP that follows the lines of judicial aspects, and the establishment of trust between the organisations.

5.2 Limitations and Future Research

Although an attempt was made to made this research as reliable and valid as possible, several limitations arise that could have been of influence on the outcome. First, due to the time frame in which this research had to be conducted, the number of interviews conducted is quite limited. By interviewing at least one person from the main actors (as described in Chapter 3), the attempt was made to provide an as complete as possible picture of the sector. The results however show that on several topics such as the challenges PPPs pose, limited information was provided by

Public-private partnerships: the road to success