Summary of report on the Netherlands Counterterrorism (CT) Infobox, a joint operation of Dutch govt organizations

Logo of CT Infobox

[click image to enlarge]

In March 2015, the Research and Documentation Centre (WODC) of the Dutch Ministry of Security & Justice published a report (.pdf, in Dutch) on the Netherlands Counterterrorism Information Box, aka “CT Infobox”. The CT Infobox was established following the terrorist attacks in Madrid (2004), “to improve the official information position in respect of persons posing a potential terrorist or radical threat to Dutch society, and to enable appropriate action to be taken against them”. It is centered at the Dutch General Intelligence & Security Service (AIVD), and is a joint operation of various Dutch government organizations:

  • the General Intelligence & Security Service (AIVD)
  • the Military Intelligence & Security Service (MIVD)
  • the Fiscal Information and Investigation Service (FIOD-ECD; now part of “Inlichtingendienst (ID) Belastingdienst”)
  • the Immigration and Naturalization Service (IND)
  • the Netherlands Police Agency (“Landelijke Eenheid” of the National Police)
  • the Royal Netherlands Marechaussee (KMar)
  • the Public Prosecution Service (OM).

The Dutch Review Committee on the Intelligence and Security Services (CTIVD) in 2007 published an oversight report (.pdf, in Dutch) about the CT Infobox, as well as the CT Infobox covenant (.pdf, in Dutch) . The oversight report states, among others, that the CT Infobox (then) involved ca. 12 fte of AIVD personnel and ca. 10 fte of KLPD personnel.

The WODC report contains an English summary. Here it is in its entirety (~4700 words):


CT Infobox 10 years

The Netherlands Counterterrorism Information Box (CT Infobox) was established ten years ago to improve the official information position in respect of persons posing a potential terrorist or radical threat to Dutch society, and to enable appropriate action to be taken against them. Its objective was to facilitate co-operation and the sharing of information about those individuals between government agencies. It was hoped that a better information position would enable more focused selection of those representing a genuine danger, that a broader arsenal of strategies to counter them could be considered and that co-operation and information sharing would result in customised recommendations to CT Infobox participants and third parties on how to deal with them, thus reducing the threat they pose.

With the CT Infobox now ten years old, the need is felt to analyse (i) the original assumptions underlying its organisation and operations, including the extent to which they are supported by empirical evidence, and (ii) how the box functions in practice and how futureproof it is.

Our analysis is based primarily upon interviews, academic literature and policy documents. To investigate the structure of the CT Infobox and the policy logic behind it, we conducted interviews and examined policy documents. Academic literature was then consulted to determine whether there is empirical support for that logic. In making this analysis, we drew a distinction between the functioning of the box at the operational level and its governance. As far as its practical workings are concerned, our principal sources were interviews with box personnel and with members of the Coordinating Board responsible for its oversight. We also spoke with several representatives of organisations involved in counterterrorism at the national level. To supplement the interviews, we studied the confidential annual reports of the CT Infobox itself, reports from the Intelligence and Security Services Regulatory Commission (Commissie van Toezicht betreffende de Inlichtingen- en Veiligheidsdiensten, CTIVD) and a number of other policy documents. Finally, we visited the box on several occasions to observe its work directly.

It has not proven possible to establish empirically whether the risk to Dutch society posed by individuals with terrorist or radical motives has been alleviated by the creation of the CT Infobox. However, we have been able to investigate whether the box has indeed brought about the kind of co-operation between government agencies which was envisaged when it was first set up. In this closing chapter, we summarise the principal findings of our investigation and reflect upon the future of the CT Infobox.

The Counterterrorism Information Box has undergone a series of changes over the past ten years. The number of participating agencies has grown from five to ten, and its working methods have also evolved. But what has remained constant throughout is the basic principle behind it: the CT Infobox provides a space within which official bodies can share information and communicate about certain individuals and jointly devise recommendations on how to deal with them.

The overall picture produced by this investigation is that the intended co-operation and information sharing have indeed been achieved. Participants are satisfied with these aspects of the box’s work, and with the results generated co-operatively. They view the way in which information is shared as unique, and perceive added value in the fact that information can be approached and assessed from a variety of perspectives and knowledge positions. In their opinion, this enables creative thinking about possible actions and generates appropriate recommendations. The members of the Coordinating Board, the body which oversees and directs the box, are also positive about it. They praised it in particular for the speed and efficiency with which it processes data, for its comprehensive assessment of information and for its social return on investment. The members of the Coordinating Board and the box’s own personnel agree that it is an important resource in the fight against terrorism.

To a certain extent, this positive image is surprising. All too often, after all, efforts by government agencies to co-operate and to share information are beset with problems. We therefore feel that it would be useful in this concluding chapter to focus upon how the CT Infobox is organised and to mention those factors which make it work in the way our interviewees say it does. We shall first discuss the form of co-operation within the box and then briefly consider the way in which it is governed. To conclude, we mention a number of dilemmas relevant to deliberations concerning the future of the CT Infobox.

Co-operation and information sharing between government agencies

From the literature, it is apparent that there are fundamental problems with co-operation and information sharing between government agencies. This is because all have their own tasks and responsibilities, and because partnership arrangements between them often fail to define clear authority relationships. This frequently results in tensions arising between their own interests – maintaining their own autonomy and identity, and achieving their own objectives – and the common interest which gave rise to the partnership. The less the partners are able to account for the benefits of the arrangement to their own organisation, the more their own identities come under threat and the more problematic the partnership becomes. The academic literature highlights a number of factors which appear to determine the extent to which chain partners are able to forge co-operative relationships.

  • The dominance of the chain problem.
  • How the partnership is organised.
  • The underlying legal principles, namely:
    • proportionality, subsidiarity and purpose limitation; and
    • the legal basis.
  • People and resources, especially in terms of:
    • mutual trust; and,
    • data management and the communications system.

In this chapter we look at how the CT Infobox approaches these factors in principle and in practice.

The CT Infobox approach

Dominance of the chain problem

The literature reveals that the dominance of the problem behind a partnership is an important factor in facilitating chain co-operation. In the case of the CT Infobox, certainly, it seems that co-operation between the parties involved is encouraged by the significance all of them attach to countering terrorism. The participants are unanimous in agreeing that this is a key public policy objective, and all are prepared to make their contribution towards that “higher goal” – even if doing so comes at a price and generates little direct return for the organisation. Members of the Coordinating Board state that they have no problem in finding support for CT Infobox participation within their own organisation or in securing the necessary investment in terms of time and capacity. In this respect, it helps that the arrangement has in practice turned out as originally envisaged at the time the box was established. This fact appears to have a self-reinforcing effect.

Organisation of the partnership

According to the specialist literature, organisations compelled to work together and so to share information are often reticent in that respect because they do not know what the other parties are going to do with their material. Moreover, such collaborations are often dogged by problems related to autonomy, authority relationships, task allocations and responsibilities.

In the case of the CT Infobox, these issues are largely overcome by the way in which the box itself is organised. Information is shared only with its own personnel, who do not pass it on or carry out any operational activities themselves. Within the “box”, material provided by the various participating organisations is combined and assessed from a multidisciplinary perspective. Participants or third parties then receive recommendations based upon that assessment. For example, they may be advised to share particular information with another party (“disclosure advice”), to adopt a particular course of action in respect of a given individual (“awareness advice”) or to initiate a personal targeting operation (in advice to the National Co-ordinator for Counterterrorism and Security). It is up to the recipients themselves to decide whether or not to act upon such advice.

In other words, the CT Infobox operates according to the so-called “closed box” principle. Co-operation is intensive when it comes to information, communication, assessment and advice, but the ultimate response to the recommendations emanating from the box is left up to the individual organisations receiving them. That is neither a task nor a responsibility of the CT Infobox itself. The great advantage of this approach is that the participating agencies retain their autonomy of action, in terms of both whether to act and when. Other parties need only be notified of their activities. At the level of specific actions directly against particular individuals, all that is required is good co-ordination – that is, an effective communications structure. There is no need for any more far-reaching forms of co-operation. Effectively, then, the sharing of information and the action taken in response to it have been completely separated. Because of this, the CT Infobox is virtually free of problems related to co-operation at the level of tasks, responsibilities and authority relationships.

One potential disadvantage of this form of organisation, however, is the possibility that CT Infobox recommendations are not taken seriously or are ignored altogether. Although the way in which they are followed up is monitored, the box has no influence over what is done with them. Nonetheless, our interviewees are not under the impression that their recommendations count for nothing. If they are not taken up, there is usually a good reason and it is up to the box to consider possible alternative approaches.

Underlying legal principles

The academic literature includes lengthy discussions centering on the fact that the information exchanged within chains often includes sensitive personal material and so raises issues of privacy. Consequently, there are a number of important legal factors to be considered when establishing co-operative arrangements of this kind: the extent to which the parties involved concur regarding the purposes for which the information is being shared, how they perceive the proportionality and subsidiarity of this activity and the legal guarantees surrounding it.

Proportionality, subsidiarity and purpose limitation

Our interviewees regard the sharing of sensitive personal information within the context of the CT Infobox as proportional, since this is done to combat terrorism and they see that as an overriding social objective. In addition, all agree that sharing material of this kind should only be done in pursuit of such an overriding objective and so should be protected by adequate legal and organisational safeguards.

Within the CT Infobox, attention is paid to the fact that sharing information about individuals must remain within the bounds of proportionality and subsidiarity. In accordance with these principles, the box only collects material about persons notified to it as posing a potential risk and who also meet its own “placement criteria”.

In practice, this means that there must be indications that the subject is involved in terrorism and so represents a potential danger to the Dutch constitutional legal order. If that is indeed the case, the interviewees deem that sharing information about that person complies with the principles of proportionality and subsidiarity. If not, then in principle they are not “hauled through” the CT Infobox process. Moreover, in theory there are regular reviews intended specifically to “delist” subjects. Although these are less of a priority in busy periods, even then they still are carried out from time to time.

Legal basis of the CT Infobox

It is legally permissible for sensitive personal information to be shared within the CT Infobox because, for statutory purposes, it forms part of the General Intelligence and Security Service (Algemene Inlichtingen- en Veiligheidsdienst, AIVD) and so is governed by the Intelligence and Security Services Act (Wet op de inlichtingen- en veiligheidsdiensten, Wiv). People from other organisations who carry out work for the CT Infobox have undergone the same security screenings and are subject to the same confidentiality requirements as AIVD personnel. And, as mentioned earlier, there is the so-called “closed box” principle. Government agencies pool their information inside the CT Infobox, but none of that material leaves it: “What’s in the box stays in the box”. It is thus no more than a space within which information can be shared and communicated about. The only things to leave it are recommendations, and the recipients can choose whether or not to act upon that advice. Under this arrangement, staff seconded to the box do not share any of the information they encounter during the course of their work with anyone outside it, including other employees of their own organisation. Not even their own line manager or representatives on the CT Infobox’s Coordinating Board. This form of organisation makes it legally possible to share information held by different government agencies about particular individuals.

There has been some discussion in the Coordinating Board about the legal status of the CT Infobox, with reference to the fact that criminal investigation and intelligence information can only be shared when absolutely necessary for national security. In the panel’s view, all the activities currently undertaken within the “box” do fall within that definition in terms of necessity and purpose limitation. Were its remit to be extended in the future, however, to include broader analyses not focusing solely upon individual subjects, then some members of the panel believe that such activities would have to be specifically defined as one of its objectives. And in that case it would be helpful if the CT Infobox had an explicit legal basis. But because this kind of information may not be shared under normal circumstances, others feel that creating a separate legal basis would be going too far.

In 2007 the CTIVD did recommend that the CT Infobox be afforded a legal status of its own under the Wiv. Its main reason for doing so was “frictions in the co-operation” at management level, which were apparent at that time. A specific legal basis would confirm the equal status of the participants and clarify their roles and positions. From our interviews, however, it is apparent that those past frictions have now all but disappeared.

Nonetheless, some people still consider the fact that not all CT Infobox personnel formally enjoy so-called “Article 60 status” (designation to undertake work on behalf of the AIVD) reason enough to amend the Wiv on this point. Others, by contrast, believe that the current arrangement works fine in practice.

People and resources

When it comes to people and resources, the literature focuses upon technical factors which may facilitate or hinder co-operation and upon individual willingness to collaborate. With regard to the former, the challenge lies in the fact that the different participating organisations all have their own information systems which are configured first and foremost to support their own primary processes rather than the joint activities to be conducted as part of the chain partnership. Introducing a new system often creates a multitude of new problems. According to the literature, the best solution for a chain partnership is an arrangement whereby each participant manages its own data but relevant material is available to all, with communications about that information also possible.

As for encouraging individual willingness to collaborate, several factors play a significant role. Apart from sharing a common goal, these include mutual trust and building social capital. The more people gain confidence in one another, understand each other’s abilities and limitations and appreciate the added value to be derived from the partnership, the more successful it becomes.

Data management and communications system

The CT Infobox does not have a central database. Instead, it has been decided that each participant manages – and so retains control over – its own material. Box personnel have access to more than ninety information systems, although the technical possibilities for automatic searches remain relatively limited. It therefore takes quite a lot of time to search the systems thoroughly.

In principle, personnel can browse through “all the files in the box”. In practice, however, most confine their searches to the systems administered by their own organisations, looking for relevant information about reported individuals. In part this is because of the technical limitations on searches in each others’ systems and in part because they feel “more at home” in their own IT environments. This effectively means that tasks within the “box” are allocated along organisational lines.

When a subject comes under investigation, box personnel tend to look for information about him or her in their own systems. Anything they find is retrieved and added to an in-house system which all can access and update. This assembles data in a comprehensive and structured manner, so that it can be reviewed and assessed coherently.

Once the picture is complete, a risk assessment of the subject is carried out and possible actions to mitigate the threat they pose are communicated. According to our interviewees, the chosen system of communication reveals possible responses which might not have been devised had the underlying information only been viewed from a single perspective. As a result, they claim, it is becoming more likely that a multidisciplinary approach will be chosen and that creative thinking will result in novel forms of intervention being proposed. In that respect, they say, the CT Infobox is still developing rapidly.

Mutual trust

Thanks to all the legal and organisational safeguards surrounding the CT Infobox, there is a high degree of internal mutual trust and personnel do not feel restricted in sharing information. Participants say that they trust one another completely, because everyone has undergone A+ screening and is subject to the same security regime. Communications between box personnel, and their mutual trust, also benefit from the fact that they all work on the same corridor at the AIVD and so can meet in person and, for example, drink coffee together. The atmosphere “inside the box” is good, and its Head’s style of management is also liked. Our interviewees also say that the fact that he comes from the police rather than AIVD emphasises the equality of the partnership.

The members of the Coordinating Board state that their mutual trust has increased greatly in recent years, too. Even outside the context of the CT Infobox, they are more and more likely to be in contact with one another. And for the most part they are highly positive about the atmosphere within the panel itself. The CTIVD review in 2007 found that the AIVD had claimed too prominent a position in the early years, but our interviewees say that that is no longer the case. Overall, they are positive to highly positive about the degree of mutual trust within the panel, about the openness of the collaboration and about governance of the CT Infobox.

Moreover, that trust extends beyond the box itself. Although we have not looked at exactly what factors are taken into consideration when referring individuals to the CT Infobox for investigation, it is striking that a large proportion of these subjects are reported by the AIVD and the police. If they believed that the information they hold about such persons might be misused, they would probably be more reticent in disclosing it.

Governance by the Coordinating Board

The literature reveals that the extent to which any governance model is appropriate to a given network is determined by four factors: the number of participants, the degree of consensus concerning its goal, mutual trust and the need for network competencies. If, as in the case of the CT Infobox, there are a lot of participants, a high degree of consensus, substantial mutual trust and a great need of network competencies, then the most suitable model would seem to be a “network administrative organisation”.

To guide the work of the CT Infobox, an independent committee has been formed: the Coordinating Board (Coördinerend Beraad). All the participating organisations appoint one board-level representative to sit on this body. This means that the box can indeed be characterised as a “network administrative organisation” rather than one run in accordance with “shared governance” (all the participants guide the network in equal measure) or “lead organisation” (one partner assumes leadership) principles. Moreover, this arrangement seems to work well in practice. The Coordinating Board confines itself mainly to strategic decisions and policy matters, whilst day-to-day operational management is in the hands of the Head of the CT Infobox. According to some of Coordinating Board members we interviewed, however, this structure does leave something of a gap between the operational and strategic levels. This is no way a criticism of either the chair of the Coordinating Board or the Head of the CT Infobox, both of whom are very highly regarded, but more about the limited fulfilment by the panel of its assigned role as a proactive governing body. In the view of some interviewees, the panel in its current form acts purely as a reactive “supervisory board”. Some would like to see a stronger policy component to its work, arguing that it should be lobbying for a wider remit for the CT Infobox. For example, one that include supporting analyses based upon the information available within the box. Because this issue touches upon the very purpose of the CT Infobox, it is one which has to be discussed within the Coordinating Board.

The future of the CT Infobox

Our interviewees agree that the existence of the CT Infobox is justified, and are positive about its future. All expect it to survive for at least the next decade. They consider it futureproof and believe that ten years from now there will still be a need for the “room to share” which it provides. However, several possible options for its future direction were put forward. These concern its composition, its objectives, its legal status, the role of the Coordinating Board and increasing awareness of its existence. The points discussed with the interviewees are summarised below, in all cases subject to the proviso that these are matters for further discussion. They reflect dilemmas which need to be addressed on a regular basis, because the choices made in these respects are always going to be influenced in part by political and societal developments.

Composition – how many participants?

Strikingly, the majority of our interviewees are satisfied with the current composition of the CT Infobox. In the ten years since it was founded, the number of participants has increased from five to ten. However, there is a dilemma in this respect. At the operational level, it is good to have a large number of organisations represented. But the more of these there are, the more complex that makes the box’s governance. And greater numbers also tend to favour a more conservative approach. Including more participants simply in order to gain access to more sources of information does not appear to be necessary, whilst cutting the number of participants is undesirable from the operational point of view.

To simplify the box’s governance, one idea would be to reduce the size of the Coordinating Board. But that could leave active participants without representation at this level. It is for these reasons that many of the interviewees say that the box’s current composition is “exactly right”.

Objectives – different subjects and analyses?

All the interviewees agree that the public policy objective behind the foundation of the
CT Infobox and the partnership it represents – fighting terrorism – is hugely important. But there is some discussion as to whether its remit should be broadened to include additional subject groups or deepened with more fundamental analyses.

Essentially, the box’s success in combining information has led to calls for more of the same: by collecting more information about more people in the same fashion, other serious threats – from organised crime, for example – could also be tackled better. On the other hand, one of the main reasons why the CT Infobox works so well is that its whole raison d’être – counterterrorism – is regarded as a “greater good” for society as a whole. Were its mission to be extended into other domains, that would give rise to debate about the necessity, proportionality and subsidiarity of sharing information in this way. Some participants would certainly question the legitimacy of doing so for these new purposes. The CT Infobox in its current form works because it targets a very small and specific group. Expansion may cause more problems than it solves.

Effectively, the same applies to analyses. The CT Infobox brings together a lot of information which could be used to produce in-depth analyses. But the more it does this, the more the box drifts away from the original purpose for which it was established. This needs to be taken into account when considering what is possible and desirable.

Interestingly, the Coordinating Board has never discussed this issue in a structured manner. This is reflected in the fact that different members interpret the very word “analyses” in quite different ways, from operational analyses of particular subjects to analyses of broad social trends and phenomena.

As for CT Infobox personnel, they express no particular interest in investigating new subject groups but they do consider the underuse of existing analytical opportunities as a chance missed. What they need more than anything is greater capacity for operational analyses – so that they can investigate subjects in more depth, for example, and conduct tactical analyses. They would also very much like to carry out analyses providing them with an insight into the effects of their recommendations – what works, and under what circumstances – so that they can learn lessons for the future. But there are some personnel who believe that there is added value to be gained from the strategic analysis of trends and developments, too, because they feel that such exercises would help when setting priorities and in designing structural barriers against terrorism. In general, personnel think that greater analytical capacity will make the box more futureproof.

Members of the Coordinating Board talk about analyses in general terms, but in many cases seem to be referring to strategic analyses which could be used in formulating policy. Before deciding whether the CT Infobox should start conducting analyses at some point in the future, then, it is essential to establish exactly what is meant by the term and what the benefits and drawbacks of such an extension of the box’s role might be. The same also applies to expansion to include new subject groups, of course, but at this stage there seems to be less support for that course of action.

Legal status

We have already outlined the previous discussion by the Coordinating Board of the legal status of the CT Infobox. Some believe that it requires an explicit legal basis, others that it is best without one. When considering the box’s future, not only should the need for such a status – as already recommended by the CTIVD – be investigated but also its potential benefits and drawbacks as well as what exactly should or should not be established in law.

Role of the Coordinating Board

As far as the role of the Coordinating Board is concerned, the perceived gap between the operational and strategic governance of the CT Infobox could be filled by ensuring that the panel focus more intensively upon operational issues. Alternatively, it could also operate at greater distance from the box’s day-to-day activities. Both possibilities have their advantages and disadvantages. To make a considered choice in this matter, a variety of options for a revised role for the Coordinating Board should be drawn up so that their respective pros and cons can be weighed up explicitly.

Outside support

To conclude, the future of the CT Infobox will be shaped not only by the degree of support it enjoys among its own personnel and the Coordinating Board, but also to a great extent by its image in the “outside world”. In fact, it can only function properly as long as that world trusts in its work and provides it with sufficient backing. Most of our interviewees expressed no concern about the extent of that support, but some members of the Coordinating Board did note that there should really be broader awareness of the high quality of the products the box delivers and the added value its provides. The CT Infobox operates in an environment in which confidentiality and secrecy play a major role, and so its successes often remain hidden. Despite this, they would find it a good thing if some of the positive feeling which prevails inside the “box” were to be sensed outside it. It is certainly worth considering how this might be achieved. The more openness there is, though, the less of a “closed box” the box becomes. There are conflicting interests at stake, but a balance should be struck between them. Perhaps the “theme days” the CT Infobox organises for its participating agencies could help generate greater openness. As should the picture of its work presented in this report.


[Dutch] Enkele interessantere items in WODC-onderzoeksprogramma 2015

In het WODC-onderzoeksprogramma 2015 (.pdf) staan 70 onderzoeken gepland. Hierbij een selectie van onderzoeken die binnen m’n eigen interessegebied vallen.

Vanuit het Directoraat Generaal Jeugd en Sanctietoepassing:

25 Haalbaarheidsonderzoek dark number jeugdige cybercriminelen (extern)

In 2013 heeft het WODC een onderzoek uitgevoerd naar de bestaande kennis op het terrein van jeugd en cybercriminaliteit. De conclusie daarvan luidt dat de prevalentie meevalt. Tegelijkertijd wordt geconstateerd dat er nog veel onbekend is. De indruk bestaat dat bepaalde categorieën van jeugdige cybercriminelen mogelijk onderbelicht zijn in de beschikbare gegevens en dat er mogelijk sprake is van een hoog dark number. Dit haalbaarheidsonderzoek moet inzicht geven in methoden voor een goede inschatting van het dark number van cybercrime.

Vanuit het Directoraat Generaal Rechtspleging en Rechtshandhaving en Openbaar Ministerie:

33 Nationale Veiligheidsindex 2015 (intern)

De NVI is een methode om zo betrouwbaar mogelijk de ontwikkeling in criminaliteit, overlast en onveiligheidsbeleving op landelijk niveau te beschrijven. Het doel van de NVI is de veelheid aan bestaande indices te vervangen en te komen tot een politiek-bestuurlijk bruikbare, duidelijk te communiceren rapportage over de ontwikkeling van de sociale veiligheid in Nederland. In oktober 2014 is de eerste NVI verschenen. In 2015 zal een nieuwe NVI worden opgeleverd, die duidelijk moet maken of een uitbreiding met cybercrime mogelijk is.


37 Inventarisatie opsporingstechnologie (extern)

Opsporingstechnologie ontwikkelt zich snel. Politie en openbaar ministerie zetten bij de opsporing en vervolging van misdrijven diverse technieken in, zoals DNA-onderzoek, analyse van camerabeelden en dactyloscopisch onderzoek. Het scala van opsporingstechnieken is groot en het ontbreekt aan een goed overzicht, zowel van de beschikbaarheid als van het gebruik dat ervan wordt gemaakt. Daarnaast ontbreekt overzicht van technologische ontwikkelingen (innovaties). Inzicht hierin is van belang voor de sturing van opsporing en vervolging.


49 De huidige stand van zaken met betrekking tot het onderzoek ten behoeve van de waarheidsvinding aan inbeslaggenomen elektronische gegevensdragers en inbeslaggenomen geautomatiseerde werken (extern)

Op dit moment mag een opsporingsambtenaar onderzoek doen aan inbeslaggenomen (elektronische) gegevensdragers en geautomatiseerde werken, zoals smartphones, laptops, computers, tablets, usb-sticks, externe harde schijven etc. Hij behoeft hiervoor geen toestemming of machtiging van de officier van justitie of rechter-commissaris. Ook bevat het wetboek geen regels over notificatie, het bewaren en vernietigen van niet-relevante gegevens, het ontoegankelijk maken van gegevens enzovoort. Deze situatie vertoont een grote mate van onevenwichtigheid ten opzichte van de regeling van de andere bevoegdheden tot het vergaren van vastgelegde gegevens, waarbij in beginsel de officier van justitie beslissingsbevoegd is. Gelet op het nog steeds groeiende gebruik van computers en smartphones waarop steeds grotere hoeveelheden gegevens van verschillende aard kunnen worden opgeslagen en het belang dat wordt gehecht aan bescherming van de persoonlijke levenssfeer in verband met dergelijke opgeslagen gegevens, wordt overwogen dit onderwerp in het Wetboek van Strafvordering nader te normeren. Daarvoor is inzicht in de huidige praktijk gewenst.

Vanuit de Cluster Secretaris Generaal:

52 Procedurele en inhoudelijke criteria voor wetsevaluaties (intern)

Wetten worden periodiek geëvalueerd. Volgens Aanwijzing 164 lijkt een evaluatietermijn van vijf jaar in de rede te liggen. Een evaluatiebepaling in deze Aanwijzing zegt dat – indien wenselijk – een wet éénmalig of periodiek wordt geëvalueerd en verslag wordt gedaan over de doeltreffendheid en de effecten van deze wet in de praktijk. In aanmerking komen zowel de mate van verwezenlijking van de doelstellingen en de neveneffecten als de evenredigheid, subsidiariteit, uitvoerbaarheid, handhaafbaarheid, afstemming op andere regelingen, eenvoud, duidelijkheid en toegankelijkheid. Voor een effectief wetsevaluatiebeleid is van belang dat wetsevaluaties aan bepaalde criteria voldoen. Maar welke zijn dat dan? Er is behoefte aan een handreiking of model om een goede wetsevaluatie op te zetten.

53 Gebruik, waardering en effect van internetconsultatie (extern)

De kwaliteit van het wetgevingsproces wordt verhoogd door burgers, bedrijven en organisaties tijdig te informeren over wetgeving in voorbereiding en hen uit te nodigen daaraan een bijdrage te leveren en zo voorstellen te toetsen aan de praktijk. Ook wordt de kwaliteit van wetgeving versterkt door gevraagde of ongevraagde adviezen van adviesorganen. De vraag is of op dit moment het volle potentieel uit consultaties wordt gehaald. Dit onderzoek moet uitwijzen wat de aard, omvang én het effect zijn van het gebruik van internetconsultatie. Hoe waarderen gebruikers internetconsultatie en wat is er te zeggen over de relatie tussen internetconsultatie en het draagvlak van de regeling in kwestie?

Vanuit de NCTV:

54 Cyber-vitaal (extern)

Het is wenselijk om meer inzicht te krijgen in de vitale processen en diensten in het cyberdomein, in de (onderlinge) afhankelijkheden en in het risico dat deze processen en diensten een doelwit worden van cyberaanvallen. De wijze waarop andere landen omgaan met deze vraagstukken kan hierbij worden betrokken. Het achterliggende doel van deze risicobenadering is het verhogen van de weerbaarheid van vitale processen en diensten en het inzetten op een effectieve gezamenlijke respons: publiekprivaat, civiel-militair en met behulp van internationale partners.

55 Evaluatie Nationale Cybersecurity Research Agenda (extern)

Onder de vlag van de Nationale Cybersecurity Research Agenda (NCSRA) zijn meerdere miljoenen euro’s bijeengebracht om onderzoek te doen op het gebied van cybersecurity. In 2013 is de tweede NCSRA verschenen. In dit onderzoek wordt bekeken wat er tot dusver met deze onderzoeksgelden is gedaan en tot welke resultaten dat heeft geleid.


57 Wisselwerking en mogelijke confrontaties tussen extreemrechts en jihadisme (extern)

In het Verenigd Koninkrijk en Duitsland zijn al vaker fysieke confrontaties geweest tussen extreemrechtse groeperingen en radicale moslims. Soms is dit zelfs geëscaleerd tot voorgenomen (maar verijdelde) moordaanslagen op de leiders van de respectievelijke groepen. In Nederland hebben we dit soort escalaties tussen extreemrechts en radicale moslims nog niet gezien. Welke factoren en dynamiek hebben in landen als het Verenigd Koninkrijk en Duitsland tot de genoemde confrontaties geleid en in hoeverre zijn onderscheiden factoren ook voor Nederland relevant?

58 Effectiviteit van counter narratives (extern)

In het kader van preventiebeleid worden door de Nederlandse overheid gematigde tegengeluiden tegen extremistische vertogen gestimuleerd met als doel om radicalisering tegen te gaan. Het gaat hier hoofdzakelijk om initiatieven die het gewelddadige jihadistische vertoog scherp tegen het licht houden en deconstrueren. Ook in andere (niet-Westerse) landen worden dergelijke geluiden door de overheid gestimuleerd of zelfs door de overheid geformuleerd. De vraag is welke methode effectief is en bij welke (elementen uit de) buitenlandse aanpak de Nederlandse overheid baat zou hebben.

59 Evaluatie Nationale Contraterrorisme Strategie 2011-2015 (extern)

De doelstelling van de Nationale Contraterrorisme Strategie is het verminderen van het risico op een terroristische aanslag en de vrees daarvoor, evenals het beperken van de mogelijke schade na een eventuele aanslag. De strategie wordt periodiek geëvalueerd; de eerstvolgende evaluatie start in 2015. Het onderzoek moet uitwijzen of de strategie op de genoemde terreinen effectief is geweest en daarnaast een overzicht geven van de kosten van de maatregelen voortvloeiend uit de strategie. Hoe verhouden deze kosten zich tot de resultaten?

60 Toegang en invloed van buitenlandse investeerders in de Nederlandse vitale sectoren (extern)

De (mogelijke) overname van, c.q. investering in enkele voormalige Nederlandse nutsbedrijven door buitenlandse partijen heeft het thema van buitenlandse investeringen op de beleidsagenda gezet van de ministeries van EZ en VenJ. De vraag daarbij is hoe nationale veiligheidsbelangen kunnen worden gewaarborgd wanneer voormalige nutsbedrijven in handen komen van staatsbedrijven uit landen waarmee Nederland niet direct dezelfde internationale belangen nastreeft. Meer in het bijzonder spelen daarbij issues als hoe ver de inzage reikt van (toekomstige) buitenlandse aandeelhouders in vertrouwelijke informatie van bedrijven in de Nederlandse vitale sectoren, de toegang tot vertrouwelijke publiek/private samenwerkingsverbanden en de eventuele invloed op cruciale besluitvorming ten aanzien van safety/ cybersecurity. Welke impact kunnen dergelijke aandeelhouders in theorie hebben op de wijze waarop het Nederlandse veiligheidsbestel is ingericht? En zijn er al voorbeelden van daadwerkelijk gebruik door buitenlandse aandeelhouders van mogelijkheden tot toegang, inzage en invloed in Nederland, Europa of daarbuiten?











Summary of preparation for evaluation of the Dutch National Counter Terrorism Strategy 2011-2015

In November 2011 it was decided (in Dutch) that an evaluation would be carried out of the Dutch National Counter Terrorism Strategy between 2011 and 2015. The Research and Documentation Centre (WODC) of the Dutch Ministry of Security & Justice in August 2014 published a report (.pdf, in Dutch) plus appendices (.pdf, in Dutch) in preparation of that evaluation, which itself will be carried out at the end of 2015. In February 2015, an official English summary (.pdf) of the preparation was published. Here is that summary in its entirety (~1800 words):


Since the beginning of this decade, major terrorist attacks, like the attacks on ‘9/11’ (2001), Bali (2002), Madrid (2004), London (2005), Mumbai (2008), Jakarta (2009), Oslo/ Utoya (2011) and Boston (2013) repeatedly shook the world. In the Netherlands, the assassinations of Pim Fortuyn (2002) and Theo van Gogh (2004) can also be considered as terrorist attacks. With the exception of the assassination of Fortuyn and the attacks in Oslo/ Utoya, the perpetrators of these terrorist acts have Jihadist origins.

From the 1st of January 2005 onwards, the ‘Nationale Coördinator Terrorismebestrijding’ (National Coordinator for Security and Counterterrorism) is the leading coordinator in the Dutch counterterrorism coordination structure. A multitude of government agencies and organisations are involved in the implementation and execution of the national counterterrorism policy. As the coordinator, the NCTV has a central role between the government actors. The NCTV provides knowledge to executive organisations, links separate sections of policy and sets priorities.

Between 2001 and 2010, the counterterrorism policy was not founded by an overarching strategy. With the ‘Nationale Contraterrorismestrategie 2011-2015’ (National Counterterrorismstrategy 2011- 2015, referred to as ‘CT-strategy’), a comprehensive strategy was established in 2011. This strategy is an integral and coherent approach to terrorism in the period of 2011-2015 and was presented to the House of Representatives in April 2011.

The CT-strategy will be the subject of evaluation for the first time in 2015. This present research is aimed at preparing the evaluation, by contributing to the establishment of an evaluative framework, that can be applied to the evaluation in 2015.

Research questions and activities

The subject of this research is the National Counterterrorismstrategy 2011-2015 and the policies resulting from this strategy. The central research question is:

Which measures, interventions and intentions shape the CT-strategy 2011-2015, according to which mechanisms are they considered to reach their goals, which actors are involved in the shaping and execution of the strategy, what is known about the financial costs, which measures, interventions and intentions have already been subject to evaluative research (and which have not), what can be said about the effect or results of these measures, interventions and intentions and which of these measures, interventions and intentions should yet to be evaluated before 2015?

The research is divided into three sub-studies.

  1. Collecting and identifying the measures and interventions that result from the CT-strategy 2011-2015.
  2. Identifying the means in which these measures and interventions are considered to work.
  3. Identifying what is known about the setup, the implementation, the execution, the costs and the results/effects of these measures and interventions that result from the CT-strategy.

To answer the central research question, an extensive document study has taken place, which included a detailed analysis of the measures which resulted from the CT-strategy. Next, a series of five interviews with key-figures at the NCTV, eight interviews with persons in involved government organisations and five scientists in the field of counterterrorism have taken place. The research was concluded with two meetings at the NCTV and an expert meeting with scientists, researchers and policy advisors in the field of counterterrorism.

This research aims at and is delineated to policy measures, policy interventions and policy intentions that originated from the CT-strategy, which implementations result from input from the NCTV and are based on written documentation.

Examining the National Counterterrorismstrategy

The CT-strategy consists of a central aim, five ‘pillars’ and eight strategic priorities. The core idea behind the counterterrorism policy is the ‘brede benadering’ (‘broad approach’). The ‘brede benadering’ consists of five pillars: ‘verwerven’ (obtain), ‘voorkomen’ (prevent), ‘verdedigen’ (defend), ‘voorbereiden’ (prepare) and ‘vervolgen’ (prosecute). The pillar ‘verwerven’ (obtain) is the foundation for the other four pillars, as it obtains information and intelligence about threats. In the CT-strategy, the pillar ‘voorkomen’ (prevent) is considered the main pillar against terrorist threat.

Based on the documentation study, the interviews and our own analysis, the relation between the central goal, the five pillars and the eight strategic priorities is reconstructed in the means-end diagram below [click image to enlarge].


Analysis of the Dutch counterterrorism policy

This research describes an extensive and complex policy area, of which the coherence between the various components of the policies do not immediately attest from the strategy. Besides the strategic goals, the CT-strategy also describes executive and operational goals. As a consequence, the perception on counterterrorism (and terrorism) and the implementation and execution of counterterrorism measures are not separated. The counterterrorism policies have a strong focus on performance (or focus on ‘acting on new threats’), which means the focus of the counterterrorism policies are constantly shifting. The focus of policy is not defined strongly in the CT-strategy. This flexibility also has advantages; based on the most recent threat-analysis and specific incidents, a wide range of different policy measures offer a lot of possible approaches to new problems.

Using Pawson and Tilley’s CMO-model of policy analysis [footnote 1: R. Pawson & N. Tilley, Realistic Evaluation, Londen: Sage publications, 1997.], the assumptions on context, interventions and mechanisms are analysed. During the establishment of the CT-strategy (the context in which the strategy was produced), there was no strong terrorist threat in the Netherlands. The focus of counterterrorism policies were determined by new threats, new incidents and the political situation at the time.

Regarding the causes of terrorism, policymakers assume a strong causal relation between different determinants, radicalization and terrorist acts. However, in scientific literature and during the interviews, scientists and policymakers have declared that there is uncertainty regarding the exact workings of radicalization and mechanisms through which radicalisation manifests itself. There are no clear assumptions about the (establishing of) goals of counterterrorism policy in the CT-strategy.

Regarding interventions, the assumptions about the approach, the assumptions about the tasks and relations different government actors have, have been analysed. Assumptions regarding the approach are determined by the central idea behind the Dutch counterterrorism approach – the ‘brede benadering’ (‘broad approach’). Assuming intervening in an early stage of radicalization leads to the biggest chances of success, the main focus in counterterrorism policies is in the pillar ‘voorkomen’ (prevent). The ‘brede benadering’ (‘broad approach’) has narrowed in the last years: preventive measures, aimed directly at (suspected) culprits have become more prominent. Three types of generic interventions are embroiled throughout the entire policy area and are of great significance to the counterterrorism strategy: cooperation, coordination and communication.

Considering the exploratory nature of this research, the specific mechanisms behind the interventions and outcomes of these mechanisms have not been reviewed. However, this study does review literature on (identifying) mechanisms, which has led to an expansion of the CMO-model. Illustrating this expanded CMO-model, the new framework has been applied to two counterterrorism measures: the personal approach (‘de persoonsgerichte aanpak’) and training activities increasing resilience against radical ideas. The expanded framework can be used to identify specific workings and mechanisms of counterterrorism measures in the next evaluation.


This study included a search and review of every (known) public evaluation on every measure, intervention and intention resulting from the CT-strategy. We conclude that the strategic priorities have not been evaluated. A small portion of the measures in the five pillars of the ‘brede benadering’ (‘broad approach’) have been evaluated. Key elements of the counterterrorism policy – the pillar ‘verwerven’ (obtain) and a significant section of the pillar ‘voorkomen’ (prevent) – are barely evaluated; only a few measures within these pillars are evaluated. Examples are several evaluations of the work of intelligence services and several evaluations of the cooperation with other partners. Part of the pillar ‘voorkomen’ (prevent), preventing violent extremism, has been evaluated. In addition, we conclude that available evaluations mostly review the (legal) arrangements and the processing (or functioning) of the measures – and do not review the direct effect and results of the measures on countering terrorism. A significant portion on the available evaluations is aimed at reviewing goals and functioning beyond the field of counterterrorism, like the functioning of the intelligence agencies in general.


The relationship between parts of the CT-strategy, an extensive and complex policy area, is not well described in the strategy itself. Many parts of the strategy concern execution policy. The policy strategy and policy execution are not strictly separated. The precise focus of the counterterrorism policies is constantly shifting, depending on the political context and concrete threats at a certain moment. At this moment, the policy focuses on jihadist (travellers). A big advantage of the strategy is her flexibility. The ‘brede benadering’ (‘broad approach’) and the five pillars offer a wide range of measures; according to the threat level and concrete incidents, measures are chosen. However, as a result of this flexibility and the width of the measures that can be chosen the strategy is not the main factor in determining executive policy. This is more determined by concrete developments of threat.

A multitude of cooperative government actors are involved in counterterrorism policy. Partnerships between actors are both formal and informal. The NCTV has the role of coordinator. The NCTV provides knowledge to executive organisations, links separate sections of policy and sets priorities. The role of the NCTV differs by subject and can be directing, informative or facilitating. This flexible role provides benefits, but sometimes creates ambiguities among the participating actors.

The core idea behind the counterterrorism policy is the ‘brede benadering’ (‘broad approach’). During the interviews, policy makers declared that this ‘brede benadering’ (‘broad approach’) has been narrowed. However, the main pillars against terrorist threat remain ‘verwerven’ (obtain) and ‘voorkomen’ (prevent). The pillars ‘verdedigen’ (defend), ‘voorbereiden’ (prepare) and ‘vervolgen’ (prosecute) are also an essential part of the approach, but are less important as far as policy concerns.

The CT-strategy focuses on terrorist threats within the Netherlands and measures to be taken within the Netherlands. The strategy focuses not on foreign factors that can influence the terrorist threat in the Netherlands. The Terrorist Threat Assessment Netherlands (Dreigingsbeeld Terrorisme Nederland, DTN) does offer a description of the foreign situation, by which the threat is placed in a context.

Evaluation framework

This research aims at preparing the evaluation of the CT-strategy in 2015. In the last chapter of the research report, a contribution to the establishment of an evaluative framework is made. We recommend to evaluate the main themes and topics in the field of counterterrorism, and to further review the key interventions – cooperation, coordination and communication. We suggest that the main research question will be:

“Which contribution provides the CT-strategy to achieve its goals and how do the key interventions work?”

In order to answer the main research question, we recommend to take account of the following themes:

  1. A comparison between the deployment of measures covered by a ‘soft’ approach and measures covered by a ‘hard’ approach. The shift in thinking about terrorism as a problem (and it occurs) is also included. The comparison can be viewed in general and in particular with regard to individuals and groups.
  2. The functioning of the process of radicalisation and the possible influence of these
  3. The role of local governments in counterterrorism policies
  4. A comparison with the approach of terrorist threat in other countries



Dutch intelligence agency AIVD unlawfully stored DNA profiles in a small-scale database

On March 25th 2015, the Dutch Review Committee on the Intelligence and Security Services (CTIVD) published an oversight report (.pdf, in Dutch) about the use of forensic biology research methods by the Dutch General Intelligence & Security Service (AIVD) between 2002 to 2014. The CTIVD report was accompanied by a press release (.pdf, in Dutch).

Article 22 of the Dutch Intelligence & Security Act of 2002 (Wiv2002) permits the AIVD to “carry out research on objects for the purpose of establishing the identity of a person”, and is the main legal basis for the use of forensic biology research methods. Article 21 permits the AIVD to use agents, and agents may carry out tasks on behalf of the AIVD; for instance the application of forensic biology research.

While the AIVD is permitted to apply forensic biology research for the purpose of establishing the identity of a person, the CTIVD states that the AIVD is not permitted to do so for the purpose of examining a person’s health. The CTIVD found that the AIVD attempted to do so in two operations, part of one investigation, “a longer time ago”; the CTIVD finds this unlawful.

While the AIVD is permitted to take DNA from objects and store it until the identity of a person has been established, the CTIVD states that the AIVD is not permitted to store that DNA once an identity is established. The CTIVD found that the AIVD keeps a small-scale DNA database that contains information pertaining to persons that are already identified; the CTIVD finds this unlawful. The report itself states that the AIVD employs a forensic adviser, and that that adviser manages said DNA database. The database is stored on a stand-alone computer that is not accessible from the internal network of the AIVD. If an operational team wants to check a DNA profile, that has to be done via the forensic adviser or his supervisor. As stated in the press release, under the current Dutch law, that database can only contain DNA information of persons whose identity has not yet been established.

Here is a translation of the CTIVD’s press release:

The Dutch Intelligence & Security Act of 2002 does not permit the AIVD to create a DNA database

The Dutch Intelligence & Security Act of 2002 (Wiv2002) permits the AIVD to carry out forensic biology research. However, no specific regulation exists that safeguards the storage of cell material and DNA profiles. As soon as the AIVD has established the identity of a person, the DNA profile and possible cell material must be destroyed. The AIVD is thus not permitted to create its own DNA database. At the time of the investigation, it was found that the AIVD had such a database, at a limited scale. This is stated in a report published today by the Dutch Review Committee on the Intelligence and Security Services (CTIVD) about the application of forensic biology research methods by the AIVD.

If the AIVD examines physical characteristics of persons for the purpose of establishing their identity, the privacy of these persons is at stake. Examples include DNA research and dactyloscopy. The protection of privacy demands increasing attention, because the possibilities of, among others, DNA research have strongly increased. Much more personal characteristics can be derived from cell material (blood, saliva or body hair) nowadays than in the past. The CTIVD therefore in its oversight report established a framework for the application of forensic biology research methods.


The law provides two conditions for the application of forensic biology research methods.

Condition 1: only objects, not persons, can be examined

The AIVD can only carry out forensic biologic research concerning objects that have body material on them. The Wiv2002 does not provide room to take such material from the body of persons, for instance by covertly pulling body hair. The AIVD is not permitted to infringe upon the physical integrity of persons.

Condition 2: examination is only permitted to establish a person’s identity

The purpose of the investigation must be to establish a person’s identity. That means:

  • that the law does not provide room to carry out investigations if the identity is already known. It is required that at the time of the investigation, doubt exists about a person’s identity. A method in which, for instance, the DNA profile of an identified person is stored for future use to recognize the person’s identity when the person is expected to travel under an alias or disguise, is thus already not allowed because of this, and;
  • the investigation can only be aimed at the identity of the person involved, or by means of related identifying characteristics, such as the DNA profile or the fingerprint. The Wiv2002 thus does not provide room for carrying out investigations into the decent or health of a person.

No legal basis for storing DNA profiles or cell material

European jurisprudence provides an additional condition for the application of forensic biology research methods. An adequate legal basis must exist for storing cell material and DNA profiles. This legal basis must provide minimal safeguards concerning storage period, use, third party access, procedures for maintaining the integrity and confidentiality of the data, and procedures for destruction.

The CTIVD found that such a specific regulation that provides safeguards for the storing of cell material and DNA profiles, does not exist for the AIVD. The Wiv2002 hence does not provide the legal basis. As long as the current law does not regulate the storing of DNA profiles and cell material, the AIVD is not permitted to create its own DNA database for any reason. At the time of the investigation, it was found that the AIVD had such a database, on a limited scale. As soon as the AIVD established a person’s identity, it must remove and destroy the DNA profile and possible cell material.

Examined operation

The CTIVD has examined all operations since 2002 — the year in which the law took effect — in which the AIVD has used forensic biology research methods. The number of operations was not large, but the use of such methods is increasing. The CTIVD has found unlawfulness in a limited number of operations.


‘Information of Dutch intel agency AIVD in hands of criminals after data theft at Curaçao Security Service VDC’

On March 23rd 2015, Dutch newspaper Volkskrant brought a story (in Dutch) alleging that information of the Dutch intelligence & security service AIVD ended up in the hands of criminals after theft of data from the Curaçao Security Service (VDC). Here is a translation of the Volkskrant article:

‘Information of Dutch intel agency AIVD in hands of criminals after data theft at Curaçao Security Service VDC’

by Charlotte Huisman

Information from the Dutch intelligence & security service AIVD has ended up in the hands of criminals after a large data robbery at the Curaçao security service VDC, according to Dutch MP Ronald van Raak (Socialist Party).

Leaked documents show how the former Prime Minister of Curaçao, Gerrit Schotte, was involved in possible corruption within the security service of Curaçao.

This security service must, among others, commissioned by the governor, investigate whether politicians are ‘clean enough’ to, for instance, become a Minister. Schotte and his team have put a lot of effort into blocking such a screening. How far they are willing to go in that, is made clear in this story.

Employees of the security service certainly can not have relations with politicians. Still, the head of the service, Lawrence P. of the then-Antillian security service, flew to Sint Maarten on September 16th 2010 for a meeting with Gerrit Schotte, Minister-to-be George Jamaloodin,  and Theo Heyliger, a controversial politician at Sint Maarten.

Report to police

On such small islands you will then be ‘signaled’. A day later, Edsel Gumbs, director of the Antillian security service, makes a phone call to the Antillian Minister of Justice about this forbidden meeting. In response, the Minister denies P. access to the building of the security service.

A lot changes on October 10th 2010. Curaçao is no longer part of the Netherlands Antilles, but as of that day is an autonomous country within the Kingdom of The Netherlands. Gerrit Schotte is the first Prime Minister. And the security service for the entire Antilles is reformed into the Curaçao Security Service (in Dutch: “Veiligheidsdienst Curaçao”, aka VDC).

The VDC filed a police report against P., the suspected head of service, for violating professional secrecy. From wiretapped phone data it is apparent that P. borrowed money from Jamaloodin, who has meanwhile been appointed Minister of Finance. In exchange for that, the Minister could obtain information about persons from P.

Prime Minister Schotte wants the suspended employee to return back to work at the VDC. The VDC’s oversight committee blocks that.

The hot issue is the mandatory screening that Schotte and his administration resist. Gumbs, director of the VDC, wants to continue the investigation, against Schotte’s will.


On October 27th 2010, the VDC writes an internal memo [.pdf; mirror] with a long list of incriminating information about Schotte and a number of his Ministers: among others, the Prime Minister is involved in dubious financial businesses, and has debts. It is clear that the majority of the Curaçao government ministers could never have been appointed if that screening was completed prior to their appointment.

On that same day, the government denies Gumbs access to the buildings of the VDC, which later fires Gumbs because he would be unsuitable to lead the service. In February 2015, the court of Curaçao ruled that Gumbs has been “intentionally damaged”: there is nothing, according to the judge, that he is unsuitable or incompetent to lead the security service.

After Gumbs left, the government appointed a new director for the VDC. In October 2011, under his regime, something remarkable happens. The network operator of the security service provides a detailed testimony about this before the Curaçao Ombudsman.

He says that in the beginning of October, he had to tell a number of ‘Columbians’ how the VDC’s information was protected. Commissioned by the Prime Minister, he was told by his supervisors. A few weeks later, the network operator had to provide the passwords of the system, after which all data present could be copied and changed; not just of the VDC, but also data exchanged with the Dutch general intelligence & security service AIVD and the American DEA and FBI.

Dutch MP Ronald van Raak says it might constitute the largest data theft ever concerning a secret service. Multiple sources confirm that the copied data has ended up in the hands of criminals. Data also allegedly was erased, for instance to make possible a positive screening of future politicians, according to Van Raak.

Van Raak finds that the Netherlands must intervene. ‘My request to Minister of the Interior, Ronald Plasterk, is: do something about it.’

Maffia ties

Gerrit Schotte (40) was the first Prime Minister of the country of Curaçao, from October 10th 2011 to September 29th 2012. He is suspected of having accepted 200,000 dollar from Francesco Corallo — who owns a lot of casinos in the Caribbean area and is considered to belong to the Italian maffia — in exchange for influence on the island and promoting the interest of his casino business. The Public Prosecution Service of Curaçao stated this on Friday, in the first hearing in the criminal case against the former Prime Minister. Schotte and his wife are also suspected of money laundering and forgery. The court case will take place in September. The current Prime Minister, Ivar Asjes, who is associated with the political party of Helmin Wiels (who was murdered in 2013), makes little hurry in cleaning things up in Curaçao.


In response to questions from Van Raak, Plasterk states that not the Netherlands, but Curaçao itself is responsible for the course of events at the VDC. “I cannot confirm that information of the AIVD is stolen, copied, or erased. I cannot make public statements about how the AIVD and VDC cooperate. The country of Curaçao has its own oversight committee concerning the VDC. It is up to the government of Curaçao and the parliament of Curaçao to oversee the course of events.”

According to intelligence services expert Constant Hijzen (Leiden University), a reorganization of a security service is a sensitive moment: in this case on October 10th 2010, when the service changed from an Antillian security service into a Curaçao security service. “In such a phase, the question is who should be in charge, who determines what activities to carry out, what mandate the services get, and how they are supervised. And to what extent politics may influence personnel policy, how transparent the procedures are, and how checks it.”

Intelligence services do not give insight into the data they exchange, and thus the damage of data theft is difficult to determine. “As a rule of thumb, the services make an estimation of the reliability of parties they cooperate with. I suspect that the AIVD has not exchanged lots of data with the VDC; it will rather be specific information in certain joint operations”

The topic is scheduled for the Dutch parliamentary agenda of March 31st.