Working towards an effective oversight of intelligence sharing: Forming an efficacy assessment of intelligence sharing within the Dutch context.

(1)

9-6-2019

Working towards

an effective

oversight of

intelligence

sharing

Forming an efficacy assessment

of intelligence sharing within the

Dutch context.

By Max Houtzagers (student number:

s1569473).

Master thesis Crisis and Security

Management

Leiden University- Faculty of Governance

and Global Affairs

Instructor: Giliam de Valk

Admission date: 9 June 2019

(2)

1

List of used abbreviations

AIVD: Algemene Inlichtingen- en Veiligheidsdienst

CTG: Counter Terrorism Group

CTIVD: Commissie van Toezicht op de Inlichtingen- en Veiligheidsdiensten

DPD: Data Protection Directive

ECHR: European convention on Human rights

EU: European Union

GCTF: Global Counter Terrorism Forum

GDPR: General Data Protection Regulation

ISS Act: Intelligence and Security Services Act

MIVD: Militaire Inlichtingen- en Veiligheidsdienst

SIGINT: Signals intelligence

(5)

4

Acknowledgements

I would like to use this opportunity to offer some words of gratitude to people that have supported me throughout the process of this master thesis. First of all, I would like to thank the AIVD for their cooperation in this research. Especially because of the sensitive nature of this subject. I thank the well-informed AIVD respondents, that have taken extensive time to answer my long list of questions. It was a very informative and educational experience to visit the AIVD for the first time and interview two respondents with such an extensive knowledge of intelligence. The offered insights have helped me extensively in answering my research question and forming conclusions.

Secondly, I would like to thank Matthijs Koot, who helped me to form one of the lenses that was used in the analysis, by sending an extensive list of resources and offering further help. I would also like to thank my thesis supervisor dr. Giliam de Valk, for all the inspirational conversations, helpful suggestions and offered enthusiasm and support. Because of our many meetings, the research became enjoyable for me and my interest for the topic grew by the day. Finally, I owe a great deal of gratitude towards my parents, that have offered their help and support throughout this inspiring journey. This has kept me motivated and has raised my confidence in finishing this thesis.

(6)

5

1. Introduction

Since the end of the Cold War, global developments have resulted in a world of intelligence that has become more important and complex. The collapse of the Warsaw pact and the demise of the threat posed by the Soviet Union have led to greater competiveness amongst former Western allies and their intelligence agencies. At the same time, a new strategic threat has emerged in the form of terrorism. This is a threat that “operates virtually irrespective of nationality and national borders” (Lander, 2010: 482). It poses major challenges to intelligence services and is one of the multiple global developments that have made international intelligence collaboration of key importance.

Intelligence cooperation on a bilateral and multilateral basis has quickly developed since this time. The terrorist attacks that took place on 11 September 2001 caused a new shift in the world of intelligence. After 9/11, the role of the American intelligence agencies was heavily criticized and reforms were demanded by the public. Post-9/11 analysis, including the 9/11 Report, concluded that a failure of intelligence sharing amongst local agencies had taken place. It is short-sighted to look at 9/11 as being a local intelligence failure, it was a failure in intelligence cooperation on a global level. Security threats have rapidly evolved and are increasingly becoming transnational in nature. In order to counter these transnational threats, an effective response must be of an equally transnational nature. According to Tuzuner, countering efforts that only take place on the national level, as was the case in the 9/11 attacks, are insufficient and ineffective (Tuzuner, 2010: 5).

The transnational nature of terrorist organizations implies that the detection, disruption and elimination can only be done successfully with a global approach. After 9/11, more enhanced liaison relationships with none Western, particularly Middle Eastern and Central Asian, were initiated. Already existing liaison relationships took a more operational turn. For these intelligence ‘networks’ to be successful, trust and confidence are vital components (Lefebvre, 2003: 527-528).

In order to counter threats that are of a transnational nature, international cooperation is key. Not only terrorism forms a transnational threat, other examples are drugs and people smuggling, organised international crime and the possible acquisition of weapons of mass destruction. Another development that has resulted in increased cooperation is the evolution in technology and information systems. It has made mass surveillance possible and has intensified the exchanges of data between intelligence agencies (O’Connell, 2004).

(7)

6

Freedoms and rights of individuals can be breached in the name of national security. In a democracy, it is of major importance to uphold the rule of law and protect civil rights. In order to prevent power abuse and breakings of the law, clear accountability and coordination mechanisms need to be present (Leigh & Johnson, 2005).

Due to increased cooperation and technological advancement, the data exchange between security and intelligence services is quickly intensifying. Because of the high number of data exchanges that take place, this makes it hard to assess the quality and legitimacy of each of these exchanges. In addition, assessing the system and framework for data exchange and the presence and functioning of safeguards regarding the protection of fundamental rights is of major importance (Koot, 2018).

Developing new assessment methods that facilitate an effective oversight, has become increasingly important. This helps in improving oversight of data exchange and limiting the risk of an oversight gap (Koot, 2018). A major problem that can arise when an oversight gap is present, is the eruption of ethical challenges. Complex and varied ethical issues can arise in the sharing of intelligence on a national and international level. According to Manjikian, a way of dealing with these challenges is by creating clear legal limits (Manjikian, 2015: 692-695). Legal oversight is needed in order to assess whether the legal limits are met by the intelligence agencies in exchanging data. Effective oversight contains more than testing the legal limits, because this often fails to consider the reality that intelligence professionals are dealing with. This results in an oversight gap. The question is whether a new approach can help to realise a more effective oversight.

1.1 Dutch context

Within the Dutch context, the Intelligence and Security Services Act describes the tasks and responsibilities of the intelligence services and its legal limits. This Intelligence and Security Services Act has been renewed in 2017. Since then, three reports have been published by the CTIVD on data exchange by the AIVD. These are the following:

(8)

7

Title Author Date

Toezichtsrapport nr. 56: De multilaterale gegevensuiwisseling door de AIVD over vermeende jihadisten

CTIVD 7 February 2018

Toezichtsrapport nr. 57: De

gegevensverstrekking door de AIVD binnen Nederland over (vermeende) jihadisten

CTIVD 13 March 2018

Toezichtsrapport nr. 60: De wegingsnotities van de AIVD en de MIVD voor de internationale samenwerking met de Counter Terrorism Group- en sigint- partners

CTIVD 21 December 2018

Introducing a new Intelligence Act was needed in order to deal with increased and new forms of danger such as espionage and cyber. The intelligence and Security Services Act provides the AIVD with tools in the protection of national security and democratic order (AIVD, 2018).

The independent Review Committee on the Intelligence and Security Services (CTIVD), is responsible for keeping oversight on the work done by the Dutch intelligence agencies and it assesses the legality of their actions. The committee has access to all information and publishes their investigations in the form of reports. Also, the minister of the Interior and Kingdom Relations has been made accountable to parliament. Citizens can file a complaint at the independent DTIVD or demand judgement by a judge (AIVD, 2019).

Three rapports were recently published by the CTIVD, in which the lawfulness of the exchange of intelligence by the Dutch intelligence agencies AIVD and MIVD was heavily criticized. Risks before deciding to cooperate with foreign agencies are not always assessed properly and the reliability of information is not well estimated (CTIVD, 2019).

In finding intelligence cooperation and the sharing of intelligence, the Dutch AIVD has not acted in a lawful manner on multiple occasions, according to the latest reports written by the CTIVD. The Intelligence and Security Services Act describes multiple legal requirements when it comes to intelligence cooperation and data exchange by the Dutch intelligence agencies that the intelligence agencies need to adhere by. Meeting the legal limits has been problematic for the AIVD in national and international data exchange and forming intelligence cooperation.

(9)

8

The CTIVD analysed the process of multilateral intelligence cooperation and data exchange and the extent to which this was in accordance with the legal limits. The CTIVD has found multiple occasions in which the AIVD acted in an unlawful manner. This brings negative implications for the quality and legitimacy of the work done by the AIVD and their exchange of intelligence.

1.2 Main research question and sub questions

The practice of exchanging intelligence by the Dutch AIVD will be investigated further in this thesis process. The three latest reports on this subject form the basic framework for this research. The CTIVD aims only to measure the lawfulness of this data exchange which resulted in critical conclusions. In this research, a different angle is taken in order to examine if a different approach would lead to other outcomes.

Instead of only testing the lawfulness of the data exchange, we try to measure the efficacy of data exchange by the AIVD. In order to do this, three lenses are employed that will be further explained in the conceptualization part of this thesis. The first lens is the protection of personal data. The system of data exchange needs to provide adequate safeguards for the protection of the individual, considering the level of protection provided by the Dutch Constitution, the European Convention on Human rights and the ISS act. Is the personal data of individuals well enough protected when cooperation is formed and how can this be improved? The second lens is formed by the intelligence cooperation optimum. This is a model of intelligence cooperation that aims to provide an instrument in order to analyse the drivers of intelligence cooperation. What are the potential costs and benefits of cooperation and how are these evaluated in practice by the states involved? The third lens is formed by the correspondence between the rules established within the law and the daily practice. To what extent do the legal requirements stated within the Intelligence and Security Services Act align with the daily reality and tensions that intelligence professionals must deal with? The purpose of asking this question is to find out whether the rules established within the ISS act fit the work practices. The question can be asked whether it is realistic to always work in a lawful manner, focussing on the main goal of maintaining national security.

These three lenses stem from earlier research into intelligence cooperation, the legality of intelligence cooperation and its effectiveness. Together, these three lenses can help to explain and analyse the stated tensions by the CTIVD. A method of content analysis will be applied to

(10)

9

the CTIVD reports and an interview is held with respondents at the AIVD that know more about the daily practice.

This leads to the following research question: To what extent can the ascertained tensions with lawfulness by the CTIVD, in the sharing of intelligence by the AIVD, be interpreted through the lens of protection of personal data, the intelligence cooperation optimum and ability to apply the law in practice?

This question will be answered by answering the following sub questions:

1. What is intelligence and what does the concept exactly entail?

2. How can the lenses of protection of personal data, intelligence-cooperation optimum and the correspondence between the rules established within the law and the daily practice, be operationalised?

3. How can the lenses of protection of personal data, intelligence cooperation optimum and the correspondence between the rules established within the law and the daily practice be applied, within the Dutch context when looking at the CTIVD reports? 4. What tensions with lawfulness in the sharing of intelligence by the AIVD were

ascertained by the CTIVD?

5. What efficacy assessment, of the sharing of intelligence by the AIVD, can be made by applying the lenses of protection of personal data, intelligence cooperation optimum and the correspondence between the rules established within the law and the daily practice? 6. How can the lawfulness assessment by the CTIVD and the efficacy assessment of this

research, of intelligence sharing by the AIVD, be compared and does it lead to new insights regarding intelligence oversight?

The sub questions will be answered in the following order, that has been chosen by the researcher. Sub question 1 and 2 will be addressed in the theoretical framework in chapter 1 and 2. The answer to question 3 will follow in the research design in chapter 3. In order to answer question 4, 5 and 6, a content analysis is applied and interview results are used. This follows in chapter 4. All sub questions and the main research question will again be answered in the conclusion of this thesis in chapter 5.

1.3 Societal and academic relevance

The system of multilateral data exchange and intelligence cooperation needs guarantees to protect personal data considering the level of protection that is provided by the Dutch

(11)

10

constitution, the European Convention on Human Rights and the ISS Act of 2002 and 2017. Based on the reported results the protection is currently insufficient. For example, when we look at the first analysed document: review report number 56. The CTIVD concluded in this report that privacy of Dutch citizens is insufficiently protected by the AIVD. It came to this conclusion following two ascertained forms of unlawfulness, no assessment of risk is made before cooperation and the reliability of exchanged intelligence is not clarified (CTIVD, 2018: 37).

What factors result in this insufficient execution, is of major importance to society. By analysing the finding through other lenses, different results could be measured. This could lead to other conclusions regarding the intelligence sharing by the AIVD. Especially when it comes to the protection of personal data. Currently an oversight gap exists within the Dutch context because only the achievement of legal limits by the intelligence agencies gets reviewed, instead of considering the reality that intelligence professionals are dealing with as well. By turning the lawfulness assessment into one of efficacy, different results could help to take away the negative view on intelligence sharing by the AIVD that currently exists following the reports by the CTIVD. It could also validate and alter these conclusions.

This research is also relevant to the academic community. It is well known within the academic community that intelligence cooperation and sharing of intelligence is needed in order to counter new emerging transnational threats. Also, it is known within the academic community that this can create legal tensions and ethical and complicity issues. However, by changing the perspective and analysing the results through other lenses, this could lead to different conclusions. Currently, the idea exists within the academic community that establishing clear legal limits and abiding by these limits is the way to conduct intelligence oversight. This research could show that this form of oversight is ineffective and other approaches need to be developed that also take other factors into account.

(12)

11

2. Theoretical framework

In this chapter, the efficacy measurement of data exchange will be introduced. In order to do this, a general introduction to academic field of intelligence will first be given after which the body of knowledge on intelligence cooperation and intelligence sharing will be described. After the three lenses of the efficacy measurement have been explicated, an operationalization of the elements of the measurement will take place. Sub question 1: what is intelligence and what does the concept exactly entail and sub question 2: how can the lenses of protection of personal data, intelligence-cooperation optimum and the correspondence between the rules established within the law and the daily practice, be operationalised, are answered in the process of this chapter.

2.1 General introduction to the field of intelligence

The world of intelligence has shifted significantly over the last decades, since the end of the Cold War. It has entered a new era in which globalization and technological advancement has created new strategic threats and opportunities. Besides national security threats, transnational security threats have emerged. An example of a threat that is border- crossing, is terrorism, but also environmental degradation and cybersecurity. To counter transnational threats, more actors are involved in the intelligence process and other methods are employed (O’Connell, 2004).

It is important to clarify what the concept of intelligence means and what it exactly entails. An overabundance of contested definitions of intelligence exists at the broadest level. Most definitions explain the secretive forms of intelligence, the methods used in intelligence collection, the purposes of intelligence collection, the consumers of intelligence and the intelligence cycle. A distinction between domestic and foreign intelligence is blurred in today’s world of intelligence, due to the transnational nature of many security threats (Randol, 2009:1). Walsh defines intelligence as ‘the collection, protection and analysis of both publicly available and secret information” (Walsh, 2009: 5). Another, more broad definition is used by Randol, “intelligence is knowledge, organization and activity” with the purpose of “establishing where the danger lies” (Randol, 2009: 3).

Intelligence can be done clandestinely; in this case the intelligence community collects information in a secretive manner which can include a wide variety of technical means and human resources. It can also be done overtly, open-source intelligence is then collected through sources that are available and open to the general public. Examples of openly available

(13)

12

information include television, internet and the press for example. Intelligence gathering can take proactive and reactive forms, it is used to maintain national security and prevent terrorist attacks, but it can also be used as evidence in order to support prosecution (Randol, 2009: 2).

The main subject of research is the AIVD, which forms a security agency. Security agencies are defensive and their main task is to recognize threats for national security in a timely manner. Therefore, the definition used in the process of this paper is the definition used by security services, based on domestic intelligence and protection of the legal order. “Intelligence is the result of reflexive knowledge building for policymaking regarding intentions of competing actors (Bakker, 2012: 18). It consists of domestic intelligence, aimed at protection of the legal order and foreign intelligence, focused on other countries”. This definition is used in this thesis, because it provides a complete image of the concept of intelligence, as used by a security agency. It recognizes intelligence as being the result of a process of knowledge building instead of an activity or physical object. Intelligence is employed in order to form policy and support decision-making. Intelligence has the aim of building knowledge regarding the intentions of competing actors. This explains why intelligence cannot be made publicly available. Lastly, it is important to realize that security agencies take part in two forms of intelligence. Security services take part in national as well as domestic intelligence, in order to protect the legal order and to build knowledge regarding the intentions of foreign actors. This is all aimed at executing their main task of recognizing threats for national security in a timely manner.

2.2 Literature review

In order to counter transnational security threats, a minimal form of intelligence cooperation is required. Cooperation between intelligence services at the national and international level is a relatively neglected aspect within the study of intelligence. It is a field that “has not received

systematic study by either political scientists or historians”(Scott and Jackson, 2004: 161-162).

Useful contributions have been made by various authors on the reasons for intelligence cooperation, its potential advantages and its difficulties. Lefebvre gives an indication of the reasons for cooperation between intelligence agencies. Intelligence agencies do this in their own interest, because “no one agency can do and know everything” (Lefebvre, 2003: 534). It can fulfil identified gaps, reduce operational costs and replace diplomatic relations that are non-existent.

Despite the many advantages of cooperation within the sphere of intelligence, it has proven to be a delicate issue coming to effective partnerships. The main problem is a lack of trust that

(14)

13

often exists between intelligence agencies. Agencies tend to share information only when it is beneficial to themselves. In finding successful bilateral cooperation, finding a balance between what actors give and receive is of major importance. Other circumstances that make intelligence services more eager to share are the existence of personal relationships with other agencies and when there are clear conditions that are met and objectives that validate the exchange (Tuzuner, 2010: 24-25).

Numerous restraints on intelligence cooperation can also be named. Differences in perceptions of a threat can be problematic for example in finding a coordinated and effective approach. Another potential problem is differences in power distribution which can lead to unequal relationships that can negatively affect the nature and extent of intelligence cooperation (Lefebvre, 2003: 534-536). According to Walsh, the existence of hierarchy in the forming of international agreements is not problematic. Hierarchy helps states to build mutually beneficial partnerships and overcome their differences in finding cooperation (Walsh, 2009: 15-24).

The form of intelligence cooperation that is central to this research, is intelligence sharing. Intelligence sharing is the ability to share and exchange knowledge, data and information amongst international and national entities. Borderless intelligence sharing is needed in order to deal with borderless terrorism and other transnational threats (Bureš, 2018, 57). Information and data are collected and exchanged amongst national and international agencies. It delivers the benefits to the participating states in obtaining better or more intelligence. Intelligence sharing brings benefits that states seek, but also leads to risks and barriers that need to be dealt with (Walsh, 2009: 1-15).

There are multiple main drivers behind successful intelligence sharing. One is named by Walsh, which is the development of institutions and practices that provide more information regarding compliance with the rules. Fagersten names three additional drivers for cooperation: Internal demand, external pressure and cooperative momentum (Walsh, 2009: 1-15).

Intelligence agencies such as the AIVD take part in intelligence sharing for multiple reasons. When information is shared it naturally grows into an organic, evolving body of knowledge that will in turn lead to further knowledge. Sharing also allows countries to make use of each other varied skills when it comes to gathering and analysing information. Some countries might be better in gathering technology-based technology for example, while others have a superiority in human intelligence. By cooperating in this manner, not only more information is gathered, but more knowledge and know-how in the management of information is shared (Tuzuner, 2010: 1-3).

(15)

14

Intelligence sharing also bring risks to intelligence agencies. When deciding to share information with other agencies in order to maintain national security, advantages need to be assessed against risks. There are multiple different risks and potential costs when it comes to intelligence sharing. These risks involve compromising intelligence methods and sources, losing the independence when it comes to foreign policy and losing international reputation (Richelson, 1990: 307). Nations might provide intelligence in order to gain political sanctions from the partner or avoid sanctions. Participating in intelligence cooperation can drag a country into unnecessary intelligence operations of which they gain no benefits. Furthermore, when the details behind the sharing of intelligence become available to the public, there is the risk of embarrassment and a loss of legitimacy amongst citizens (Lefebvre, 2003: 542).

Legal issues and a poor human rights record of an intelligence partner can also negatively impact the relationship. The available legal limits can impose major conditions on the arrangements. One major factor that makes countries unwilling to take part in intelligence sharing is the fear that the exchanged intelligence will be compromised and sent to other parties or that it is used for a different, unintended purpose (Lefebvre, 2003: 534-536). The Intelligence and Security Services Act imposes conditions on intelligence cooperation and data exchange. Human rights of a prospective partner must be assessed before making arrangements and the applicable laws have to be respected in the process of the cooperation.

2.3 Conceptualization & operationalisation

2.3.1 Conceptualisation lens 1

The intelligence sharing of the AIVD is analysed by introducing three lenses that can lead towards an assessment of efficacy. Firstly, there is the lens of protection of personal data. The EU considers data privacy as a fundamental right for EU citizens. Regarding this fundamental right on data privacy, four main legal principles are provided to EU citizens by Article 8 of The EU’s Charter of Fundamental Rights. Citizens have the right to protection of personal data, fair data processing, access and rectification of collected data and compliance of data protection laws. The General Data Protection Regulation (GDPR) has been fully implemented in 2018, granting extensive protection rights and data privacy to EU citizens. It replaced and built upon the Data Protection Directive (DPD) which was established in 19995. It was established in order to protect individuals regarding the processing of personal data and the free movement of this

(16)

15

data. Each member state could determine in a more precise manner the conditions of lawful processing of personal data. The authority of the directive was limited to setting minimum standards. The GDPR prescribes a uniform standard of regulation. The intent of GDPR has been to make data processing easier by establishing uniform data protection and privacy standards (Humerick, 2018: 401-405).

The right to personal data protection is provided by article 8 of the Charter of Fundamental Rights of the EU. Every EU citizen has the right to the protection of data that is concerning them, this data must be processed in a fair manner and have a specified purpose, based on the law. Every citizen has the right to access collected data concerning them and has the right to rectify it. An independent authority controls compliance with these rules (FRA, 2019).

EU member states have a responsibility of protecting fundamental human rights of EU citizens. The right to privacy regarding the processing of personal data has been transposed into national legislation, however there is a certain amount of leeway in the execution (Bocaniala, 2012: 23-24). Breaches of the right to privacy can take place by activities of intelligence agencies, also within the Dutch context (Dielemans, 2018: 71). In case of serious infringements on the right of privacy, the European court of Human Rights has developed several legal guarantees that have to be implemented in national legislation in order to prevent power abuse. These are the following: a description of the situations in which the competences may be employed, a description of the category of persons on which the competences may be applied, a limitation of the term in which the competence may be exercised, a procedure for research, use and storage of collected data and warrants that need to be taken in mind when sharing data to third persons and the circumstances under which data gets deleted or destroyed. These warrants have been implemented within the new Intelligence and Security Services Act. The AIVD aims to achieve its main goal of maintaining national security while respecting the fundamental right on privacy of Dutch citizens (Dielemans, 2018: 75-76).

2.3.2 Operationalisation lens 1

There are four legal safeguards when it comes to the protection of fundamental rights within the Dutch context. The level of protection is provided by the Dutch constitution, the European convention on Human rights (ECHR) and the ISS Act of 2002 and 2017. The legal safeguards are the following: necessity, propriety, due care and reliability. Necessity means that the data exchange is necessary in order to reach the stated objectives. Three indicators can be named when it comes to the necessity of intelligence sharing. First, clear stated objectives have to be

(17)

16

included, a reasonable expectation as to which these are met and the degree to which this is substantiated. Secondly, A clear-cut definition is necessary showing what or who it is concerning. The third and final indicator is that the data should relate to the identified counter-terrorism targets.

The definition of propriety is the following: the importance of the interests of the data exchange is proportionate with the weight of interference with an individual’s fundamental rights. Two indicators can be distinguished. It includes the existence of safeguards that restrict the use of the provided data and the further distribution of data amongst third parties. Secondly, each target on which data is acquired and exchanged, needs to be of assigned a high level of priority.

Due care is regarding the accuracy and correct reproduction of the data. The following indicator can be named: in the procedure of processing and exchanging data, measures should be incorporated that stimulate the complete and accurate reproduction of the data. Reliability concerns the correctness and verification of the data and to what extent this is identified. The first indicator is that the degree of reliability needs to be indicated when information is derived from another organisation. The second and final indicator is that the acquired data needs to be protected against unauthorised data processing, data corruption and data loss.

2.3.3 Conceptualisation lens 2

The second lens is formed by the intelligence cooperation optimum. This optimum is based on the Fagersten model, which provides a framework for analysing multilateral intelligence cooperation, including the main interests and drivers for cooperation. According to Fagersten, states establish and develop multilateral intelligence cooperation based on four core interests, intelligence gains, policy gains, safeguarding sovereignty and minimizing risk. States can take part in intelligence cooperation with the goal of enhancing their intelligence capacity. Cooperation with other states is a way of securing their ‘home’ territory and projecting power abroad in order to enhance their intelligence capacity (Fagersten, 2012: 10-11). States can also be motivated by achieving policy gains. In this case, states are motivated by what the specific cooperation means to the institution and what can be achieved (Fagersten, 2012: 11). Intelligence cooperation can come at the cost of losing part of the authority over a state’s territory (Fagersten, 2012: 12). Avoiding risks is also a major interest of states taking part in intelligence cooperation. “Risk can be defined as a product of the probability and consequences of a disclosure of a country’s methods, sources or other secrets that are vital for national security” (Fagersten, 2012: 12). Risk can be mitigated when trust exists amongst actors.

(18)

17

The model also names three sets of drivers behind intelligence cooperation between the states involved: Internal demand, external pressure and cooperative momentum. Internal demand means that reasons for cooperation can be found within a cooperating state. Several internal demands can be distinguished. First, there is the perceived national functions needs. States are unwilling or unable to address a domestic issue on a unilateral basis and therefore try to increase the intelligence and policy gains that are available. Perceived common functional needs can also be a driver behind intelligence cooperation. “The argument here is that intelligence cooperation has been developed to cater for common needs that have become evident due to more general developments within the EU” (Fagersten, 2012: 17). A third internal driver is formed by specialization, more cost-efficient solutions can be achieved when states work together (Fagersten, 2012: 16-18). Reasons for cooperation can also be found outside of the state boundaries. States can take part in cooperation in order to balance its allies when a change in intelligence power changes on a global scale. Increasing intelligence capabilities can also be done to balance against a threat (Fagersten, 2012: 18-19). Cooperative momentum forms the

third and final driver. “Cooperative dynamics builds on the idea that cooperation originates from

the cooperative process itself” (Fagersten, 2012: 19). Intelligence cooperation can be found to build trust amongst actors. The second external driver is formed by institutional dynamic. A cooperative structure can drive states to cooperate. (Fagersten, 2012: 19-23). When core interests and drivers align, a cooperation optimum can be reached (Fagersten, 2012: 15-23).

2.3.4 Operationalization lens 2

In order to analyse the intelligence cooperation optimum, the interests and drivers behind intelligence cooperation are operationalised. The operationalisation is based on a master thesis written by Dieder de Vries. In this thesis, the Fagersten model was employed and operationalised in order to create a theoretical optimum for the analysis of intelligence cooperation and organizational intelligence (De Vries, 2019).

An indicator of the interest of intelligence gains is that agencies turn to each other to find cooperation, which can include a wide variety of actions. Another indicator could be that cooperation is found because of a need to secure the home territory. An indicator of the interest of policy gains is when agencies decide to cooperate with other agencies with the goal of strengthening their relationship. Two indicators can be named when it comes to safeguarding sovereignty. The first indicator is the extent to which an agency accepts its place in a cooperation structure, in which it cannot act independently. The second indicator is formed by

(19)

18

the degree to which agencies ask for or accept information from other agencies, when it comes to their own cases. An indicator of minimizing risk is the extent to which agencies agree to disseminate sensitive information that could lead to the compromising of their sources and methods.

Then there are three sets of drivers behind intelligence cooperation that need to align with the core interests in order to reach a cooperative optimum. The first set is formed by internal demand. A first indicator of internal demand is public attention. The public or politicians raised attention for a specific problem or threat through the media for example. Other indicators can also be named for internal demand. States are unable or unwilling to solve a problem on their own, it is part of another form of cooperation that already existed between agencies or finding cooperation is a way of achieving more cost-efficient solutions.

Then there is the second set of drivers, external pressure. The following indicators for this set of drivers could be named: changes in the international system, shifts in intelligence power on a global scale, between states or on a national scale. The existence of an external threat that needs a common approach is a last indicator of external pressure.

The third and final set of drivers is formed by the cooperative momentum. An indicator of this driver is that there is already a cooperative structure present that aids in finding further cooperation. An important driver that is part of the cooperative momentum is formed by trust building. An indicator of trust building can be that actors are taking risks by disclosing sources or methods for example. Other indicators can be the way in which actors prevent other actors from merely profiting without contributing or how actors deal with manipulation by other actors. Further indicators are centralisation of the cooperative institution, the amount of authority over the cooperative setting and the extent to which actions of individuals can change the cooperation.

2.3.5 Conceptualization lens 3

Then there is the ability to apply the law in practice. A renewed Dutch Intelligence and Security Services Act has been adopted in 2017. New developments such as the rise of the internet have come with new possibilities as well as dilemmas for the field of intelligence (Aerdts & de Valk, 2018: 283). One of the reasons behind the modernisation of the Intelligence and Security Services Act has been the aim of keeping up with technological developments, changing threats and changes in digital communication methods. The legal principles have been

(20)

19

renewed in order to conform to the daily practice of intelligence professionals (Hagens, 2018: 85).

New specific competencies have been attributed to the intelligence agencies with the introduction of the renewed Dutch Intelligence and Security Services Act. One of the most important new features of the intelligence law is regarding the interception according to research assignment. This has to do with the gathering of bulk information using cable interception. The regulations for bulk collection are made technology independent by applying them to both wireless communications as well as wired forms of communication. A framework of three stages has been introduced by the new law: Acquisition, preparation and processing. For each of the stages, the AIVD and MIVD need a prior authorisation from their minister. This authorization is valid for 12 months and has to be approved by the newly formed TIB commission (Toetsingscommissie Inzet Bevoegdheden).

The proposed oversight mechanisms can be criticized from a practical standpoint. First of all, making such clear distinctions in the intelligence process with separate authorizations is not realistic. Authorizations will often be combined and these stages are part of a continuous process. The three stages with prior authorisation have been presented as safeguards against power abuse, however they can make maintaining oversight a complicated process, which can lead to counterproductive results (Koop, 2019: 142). The layering and complexity of the new system with regards to reviewing, oversight and handling of complaints can form an obstacle in forming effective oversight (Hagens, 2018: 90). Other complaints are a lack of depth in reviewing, a deficiency in authorizations, a lack of contradiction within the procedure regarding the interests of citizens and a lack of transparency. Ineffective oversight can erupt because of inadequate warrants of the expanded authorities of the AIVD and MIVD (Hagens, 2018: 96-97).

2.3.6 Operationalization lens 3

The Dutch Intelligence and Security Services Act forms the main legal framework for the AIVD when it comes to finding cooperation with foreign agencies. The ISS Act contains a general duty of care regarding qualifying foreign agencies. Whether a foreign service qualifies for cooperation and exchange of data depends on cooperation criteria which are named within the new ISS Act.

These are the following: democratic embedding, respect for human rights, professionalism and reliability, legal authority and possibilities and the offered level of personal data protection. A

(21)

20

risk consideration must be made in order to decide whether an agency qualifies for cooperation. The new ISS act has created a legal obligation for the AIVD to make an estimation of the risks that come with the cooperation and under which circumstances their risks are acceptable. This assessment needs to be registered within a so called ‘wegingsnotitie’. This is an assessment that practically forms a written justification for the decision to find cooperation with a foreign service and of the way that this is put into practice. The assessment must be approved by the Minister of the Interior and Kingdom Relations, although the ISS Act provides possibilities to mandate this approval to the head of the service. It forms the legal foundation behind the cooperation. All cooperation partnerships of the AIVD need to have this legal foundation (Dielemans, 2018: 81-83).

When the AIVD subsequently provides data to a foreign agency in a concrete situation, two additional considerations must be made. The data exchange with the foreign agency has to take place within the limits that have been provided within the assessment. When this is not the case, this must be counterbalanced. The AIVD needs to lay down in writing the compelling operational interests which justify the data exchange. In addition to this, the Minister’s authorization is required in order to approve this exchange. Then there are the legal safeguards for the protection of fundamental rights: necessity, propriety, due care and reliability. These legal requirements are stated within the ISS act in order to protect the rights of individual citizens. The requirements apply both to the content and the form of the exchanged data. The data exchange needs to be necessary for a purpose that was previously established, it has to be substantiated by underlying information, it cannot result in a disproportional disadvantage and it needs to contain a reliability assessment or a reference to a source. Other cooperation criteria are also included regarding the cooperation itself. This includes the extent to which the cooperation serves tasks, performance or its desirability regarding international obligations. An assessment also needs to be made regarding the desirability of the cooperation in the context of Dutch foreign policy and the obligations that arise from the membership to international organisations. The AIVD is legally competent to exchange data with foreign agencies in the context of its own task performance or to promote the interests of the foreign agency. This includes evaluated and unevaluated data. The receiving party is legally not allowed to provide the information to third parties and all personal data must, in principle, be provided in writing (CTIVD, 2018: 11-15).

Also, on the national level, strict legal limits exist when it comes to data exchange. Personal data exchange needs to be done in a careful manner taking the legal safeguards for the protection

(22)

21

of fundamental rights into consideration. The AIVD can provide information when it meets the legal criteria of necessity and proportionality. There are four different ways in which the AIVD provides information to other governmental institutions regarding (alleged) jihadists: official messages, intelligence messages, open publications and oral consultation. When it comes to official messages, a so called ‘vergewischeck’ (information check) is carried out by the national public prosecutor. The national public prosecutor checks whether the text of the official message corresponds with the underlying information. The right to conduct this check is legally binding, governmental institutions that receive official messages from the AIVD have the legal possibility to request it when the AIVD agrees with it. From every official message, the reason why this information was exchanged needs to become clear and why it was of importance to national safety. Also, the legal criteria of proportionality need to be met and every official message needs to have an indication of the reliability of the information. Intelligence messages are aimed at informing recipients. It is legally not allowed that intelligence messages, that contain personal data, can lead to measures that influence the legal position of the concerning individual(s). When it comes to open publications, only the general legal requirements for data processing by the AIVD apply, necessity, propriety, due care and a source reference or an indication of reliability. The sharing of personal data in oral consultation can only take place in case of an emergency or when the nature of the data cannot lead to measures against the concerning person (CTIVD, 2018: 15-43).

These are the legal requirements that apply to the AIVD when sharing data with national and international institutions. Based on analysis of the CTIVD reports and the interview, a measurement will be made as to what extent these legal requirements are viable in practice and what factors are of influence to the result.

The three lenses are analysed through a content analysis of the CTIVD reports and an interview with experts at the AIVD. The analysis of the first lens, the protection of personal data, follows directly from the legal assessment that has already been done by the CTIVD. For applying the second lens, a method of close reading is employed in order to find out which interests and drivers behind intelligence cooperation are of importance to the AIVD. For applying the third lens, again a close reading of the CTIVD reports will be employed, but also the practical insights of the interviewed AIVD experts are of major importance.

This theoretical framework has an added value, because all three lenses have never been applied together in one research. Separately they have been applied, for example the intelligence-cooperation optimum was used before in the master thesis by Dieder de Vries. All three lenses

(23)

22

are important for the work done by the AIVD and can therefore give a complete analysis of the intelligence sharing that the AIVD takes part in. The AIVD must always pay attention to privacy and the protection of personal data, especially with the introduction of the new ISS Act. However, there are major interests and drivers at stake that can influence the way that cooperation is found and personal data is protected. The AIVD is dealing with a new ISS Act that must be put into practice, this results in practical problems and an increased workload. Therefore, applying the law in practice is not easy. Together, these three lenses can give an efficacy assessment of the intelligence sharing by the AIVD. This is of added value, because the CTIVD only gives a lawfulness assessment of the work done by the AIVD.

2.4 Chapter conclusion and answer to questions 1-2

In this chapter, an introduction to the academic field of intelligence was given, after which the body of knowledge on intelligence cooperation and sharing was described. Three lenses were acknowledged, that are employed as a theoretical model in this research. These are the following: the protection of personal data, the intelligence cooperation optimum and the ability to apply the law in practice. Together, the 3 lenses are employed in order to give an efficacy assessment regarding the intelligence sharing by the AIVD.

The first sub question, “what is intelligence and what does the concept exactly entail?’’, can be answered in the following manner. Many contested definitions of intelligence exist at the broadest level. The definition that is used in this thesis is the following: “Intelligence is the result of reflexive knowledge building for policymaking regarding intentions of competing actors (Bakker, 2012: 18). It consists of domestic intelligence, aimed at protection of the legal order and foreign intelligence, focused on foreign countries”.

The second sub question is concerning the operationalisation of the three lenses, “how can the lenses of protection of personal data, intelligence-cooperation optimum and the correspondence between the rules established within the law and the daily practice, be operationalised?” The following answer can be given. The first lens is protection of personal data, this lens is operationalised by taking a closer look at the four legal safeguards that exist when it comes to the protection of fundamental rights within the Dutch context. The level of protection is provided by the Dutch constitution, the European convention on Human rights (ECHR) and the ISS Act of 2002 and 2017. The following legal safeguards can be named: necessity, propriety, due care and reliability. The intelligence cooperation optimum is found when core interests and drivers behind intelligence cooperation align. This is operationalised

(24)

23

by specifying the indicators of the core interests: intelligence gains, policy gains, safeguarding sovereignty and minimizing risk and the three sets of drivers behind intelligence cooperation: Internal demand, external pressure and cooperative momentum. Then there is the third lens of applying the law in practice, it is operationalised by looking at the legal requirements stated within the new ISS Act and their viability in practice.

(25)

24

3. Research design

In this chapter, the research design is further explained in order to answer sub question 3: How can the lenses of protection of personal data, intelligence cooperation optimum and the correspondence between the rules established within the law and the daily practice, be applied within the Dutch context when looking at the CTIVD reports? The conceptual model is further explained, after which the research design is justified, the case selection, method of data collection and methods of data analysis are further explained. Lastly, the limitations of the research are assessed.

3.1 Explanation of the conceptual model

In this research, we aim to measure the efficacy of intelligence sharing by the AIVD using three different lenses. The relationship between the stated variables will be further addressed in order to conduct this research.

The dependent variable is the lawfulness of intelligence sharing. To what extent intelligence professionals comply with the rules established within the law, when sharing information with international agencies, can be dependent on multiple factors. When deciding to cooperate with other agencies and share intelligence, there are criteria established within the law that the AIVD needs to abide by.

Several independent variables can be named that influence the ability to act according to the rules established within the law. Firstly, there is the protection of personal data. When deciding to share information with other intelligence services, concerns over protection of personal data of citizens can form a major barrier. European citizens have the fundamental right on the protection of personal data.

A second independent variable is the theoretical optimum on intelligence cooperation. A cooperation optimum can be reached when core interests and drivers behind intelligence cooperation align.

The third and final independent variable is formed by the ability to apply the law in practice We try to measure weather or not the urgent nature of a security problem can cause tensions with conducting intelligence in a lawful manner.

(26)

25

3.2 Justification of the research design

A comparative case study design is chosen in order to conduct this research. “The comparative case study examines in rich detail the context and features of two or more instances of specific phenomena “(Campbell, 2010: 174). This methodology within social sciences makes it possible to make comparisons between different detailed cases and discover similarities or contrasts.

Using this research design is helpful in this research, because comparisons will be made between different instances of intelligence sharing that the AIVD took part in on the national and international level, based on the reports of the CTIVD. Similarities and differences between these cases are analysed and comparisons will be made. This makes the comparative case study a suitable research design.

3.3 Logic of case selection

The AIVD has been selected as an intelligence agency, based on three reports that were recently published by the CTIVD. The Dutch AIVD was heavily criticised in these reports for not implementing legal safeguards when it comes to data exchange and taking part in international intelligence cooperation. The AIVD has tasks and responsibilities of which the legal limits are described within the Intelligence and Security Services Act. Besides tasks and responsibilities, in this document it is made clear how supervision of the AIVD is organised. The Intelligence and Security Services Act has been renewed in 2017 and has come into force in May 2018 (AIVD, 2018). The new legal safeguards stated within the Intelligence and Security Services Act and recent published reports received much attention in the media and political arena. The AIVD would not work in a lawful manner when it comes to intelligence cooperation and the exchange of data. This research aims to find out if different results could have been measured if another approach is taken.

3.4 Method of data collection

Two forms of collecting data will be used in the process of this research. Firstly, desk research will be conducted. The intelligence sharing and cooperation rules established within the Intelligence and Security Services Act of 2002 and 2017 will be addressed. Existing data collected by the CTIVD, regarding the achieved lawfulness by the AIVD, will then be used as a starting point in this research. When desk research has been completed and more information is collected regarding the nature and practice of intelligence sharing within the Dutch context,

(27)

26

field research is the next step in this research. Semi-structured interviews are conducted with two well- informed employees of the AIVD, a coordinating policy officer and a legal expert. These respondents have taken part in this research on their own behalves, making use of their practical knowledge. However, as instructed by the respondents, the information that was provided cannot be considered as an official position of the AIVD.

A semi-structured way of interviewing is chosen as a way of collecting the data. It enables the researcher to connect the information that was found in the desk research and find out more about the relationship between the stated variables. Because of concerns of confidentiality, it is not possible to form a complete transcription of the interview. However, in annex 1 of this thesis, an introduction given by the interview respondents and the list of questions plus stated answers can be found. Quotes will be used throughout the research. Because most of the observations in this research will be indirect, this could have negative consequences for the validity and reliability of the research. There is a reliance on secondary source data (Bryman, 2012).

3.5 Assessment of limitations

The major limitation of this research is the fact that the research takes place within a field that is secretive and sensitive. Because intelligence is a field that is of major importance to national security, it is surrounded with secrecy. Only limited access is given to the researcher by the gatekeepers. This makes it difficult to form definite conclusions regarding the efficacy, based on publicly available reports and interviews with AIVD respondents.

In order to assess further limitations of this research, it is important to take a look at the validity and reliability. The reliability of a research gives more information to the reader regarding the degree to what the research can be replicated (Bryman, 2012). Several reliability limitations can be named in this proposed research. Replicating a semi-structured interview is rather complex. The answers of the respondent can depend on a lot of different factors. For example, the gender and personality of the interviewer and the place and time that the interview is taking place. By only using the same questions and including an interview transcript, the reliability can be improved.

Another factor for determining the quality of research is the validity. The internal validity shows the reader to what extent the researcher is measuring what he is supposed to be measuring. This decides to what degree there is a viable relationship between observations and theory. This internal validity could be problematic in this research. The dependent variable lawfulness of

(28)

27

intelligence sharing could be affected by the stated dependent variables. However, there are a lot of other variables that could influence the dependent variable in this research that are not named in this research. For example, work pressure amongst intelligence professionals could be a major factor affecting the way that intelligence is shared with other agencies. The external validity examines to what extent the research can be generalised. Because only one intelligence agency in one country will be researched, regional or global conclusions cannot be made. This will however be taken into consideration when making conclusions regarding the research question.

3.6 Chapter conclusion and answer to question 3

In this chapter, a closer look was given at the chosen research design, which is a comparative case study design. The third sub question was answered in this chapter, “how can the lenses of protection of personal data, intelligence cooperation optimum and the correspondence between the rules established within the law and the daily practice, be applied within the Dutch context when looking at the CTIVD reports?” The three lenses are applied by adopting two forms of data collection. Desk research is conducted in the form of a content analysis. Content analysis is applied to CTIVD reports 56,57 and 60, in order to form conclusions regarding the efficacy of intelligence sharing by the AIVD. Also, semi- structured interviews were taken with two experts at the AIVD, a coordinating staff member and part of management operations and a legal expert that was involved in the process of the CTIVD reports. Qualitative research methods have been chosen that make it able for the researcher to find out more about the relationship between the variables. However, because most of the observations are indirect, this could have negative consequences for the reliability and validity of the research. Another major limitation is the limited access that is given to the researcher, because of the secretive and sensitive context in which the research takes place.

(29)

28

4. Analysis CTIVD review reports & interview

A closer look is given at the CTIVD review reports: 56, 57 and 60. To provide the reader with a further insight into the content and nature of these reports, a short summary will first follow. Following the analysis of the reports, a comprehensive interview has taken place with two experts at the AIVD. An introduction to the interview will be given in paragraph two of this chapter.

Then the reports will separately be analysed by conducting a content analysis and analysing the interview. The three lenses will be applied. The lenses are the following: the protection of personal data, the intelligence cooperation optimum and the ability to apply the law in practice. An interview was also taken with two experts at the AIVD. Quotes from the interview are stated throughout the analysis in order to give a more complete answer to the research question.

This chapter aims to answer sub question 4: “What tensions with lawfulness in the sharing of intelligence by the AIVD were ascertained by the CTIVD?”, sub question 5: “What efficacy assessment, of the sharing of intelligence by the AIVD, can be made by applying the lenses of protection of personal data, intelligence cooperation optimum and the correspondence between the rules established within the law and the daily practice?” and sub question 6 “How can the lawfulness assessment by the CTIVD and the efficacy assessment of this research, of intelligence sharing by the AIVD, be compared and does it lead to new insights regarding intelligence oversight?”

4.1 Summary

4.1.1 CTIVD review report number 56

CTIVD review report number 56 was published in March 2018. The CTIVD did research on the multilateral exchange of personal data on (alleged) jihadists by the AIVD within the Counter-Terrorism Group (CTG) and within the framework of cooperation in the field of signals intelligence (sigint). The multilateral cooperation by the AIVD with foreign intelligence and security agencies has heavily increased in the past years. The CTIVD has investigated the legal foundation of certain forms of cooperation and has investigated how the multilateral cooperation in general is shaped and how it functions.

The CTIVD concludes that, as of the moment of investigation, insufficient safeguards for the protection of the individual exist when it comes to the exchange and processing of data within

(30)

29

the framework of multilateral cooperation. A joint responsibility exists, when it comes to multilateral cooperation, which leads to the joint retention and processing of personal data or the joint exercise of powers. According to the CTIVD, it is necessary that the cooperation services come together and decide which multilateral safeguards they will jointly establish when it comes to the protection of individual rights. There is a higher degree of data protection in the context of sigint cooperation.

The performing practice of personal data exchange by the AIVD has been measured up against the legal limits stated within the Intelligence and Security Services Act. The CTIVD concludes that the performing practice mostly stays within the limitations set by the legal requirements. However, two forms of structural unlawful conduct were found: a failure to make a risk assessment based on the legal criteria applicable to the cooperation with foreign services and an indication of the reliability of the data provided by the AIVD was missing. In order to prevent unlawful conduct from occurring in the future, the CTIVD makes recommendations aimed at creating additional safeguards. This makes better protection of individual rights possible and allows for more effective oversight.

CTIVD review report number 57 was published in April 2018. In this report, the national data flows from the AIVD on potential jihadists on the national level was investigated. In the context of national policy, the AIVD increasingly provides personal data to Dutch governmental institutions. Amongst others, this includes the public prosecution service, the police and local governments. This provision of data to governmental institutions takes place in the form of releasing official messages, intelligence messages and open publications. The CTIVD concludes that this data provision was necessary in the interest of national security.

In general, the AIVD has acted in a lawful manner when releasing official messages and intelligence messages regarding potential jihadists. However, the working practice of the AIVD when it comes to oral distribution and open publications was not carefully organised. Internal directives for oral distribution of personal data were lacking. Also, written agreements were missing, regarding the use and further distribution of personal data that was shared by the AIVD. The open publication. ‘Leven bij ISIS, de mythe ontrafeld’. was not realised in a careful manner. In drafting this publication, the AIVD has insufficiently taken the use of it by governmental institutions into account. The publication is aimed at informing other governmental institutions and giving them concrete handles in order to deal with violent

(31)

30

jihadism. However, this means that it must be realised in a very careful manner, which was not the case.

Furthermore, the CTIVD criticizes the way that the AIVD gives substance to its data exchange in practice. The official messages that the AIVD releases can lead to significant temporary measures taken by receiving governmental institutions. Therefore, the AIVD should give more support to the receivers of official messages, so that they can come to careful decision-making regarding the measures that need to be taken. This will help limiting the risk of unlawful data exchange.

CTIVD review report number 60 was published in February 2019. In this review report, the ‘wegingsnotities’ (assessments) used by the AIVD and MIVD concerning cooperative relationships are investigated. These assessments are a written justification for the decision to find cooperation with a foreign service and the way that it is put into practice. The importance and potential advantages of the cooperative relationships are weighed off against the risks that come with it. These risks have to be made clear in the assessment on the basis of five cooperation criteria that are named within the law: democratic embedding, respect for human rights, professionalism and reliability, legal capacity and possibilities and the offered protection of personal data. Which level of risk is acceptable depends on the national security importance that is served with the cooperation, the possibilities to limit the risks and the way that the cooperation is put into actual practice.

The review report is regarding the assessments used for the leading group of international cooperation partners. The new ISS act legally obliges the AIVD to conduct an assessment based on cooperation criteria, when finding international cooperation. The weighing of risks is established within the assessment, which forms the legal foundation of the cooperation partnership. This group consists of the European security agencies that participate within the Counter Terrorism Group and sigint-partners. The CTIVD has measured the assessments on its lawfulness. This research points out severe problems with the assessments in its current form which means a proper legal foundation for the cooperation does currently not exist.

According to the CTIVD, the AIVD makes an unlawful distinction between the legal cooperation criteria in practice, which results in the fact that some criteria are not assessed fully. The substance of all assessments is currently insufficient in giving a proper insight into the risks of the cooperation. The AIVD fails on a structural basis in showing the offered level of data