June 15th 2014: Dutch Joint Sigint Cyber Unit (JSCU) officially started

UPDATE 2015-07-02: the Dutch government released their draft intelligence bill into public consultation. Details here.

UPDATE 2014-09-30: example JSCU/MIVD vacancy: scientific researcher on cryptanalysis for the JSCU’s Decryption and Crypto Development Bureau (in Dutch: “Bureau Ontcijfering en Crypto Development”, or BOCD).

UPDATE 2014-07-08: correction: JSCU officially started on June 15th, not on July 3rd; the latter was the date the Parliamentary Papers appeared. Kudos to @electrospaces for the correction.

The Dutch Joint Sigint Cyber Unit (JSCU) was officially launched today on June 15th 2014. My translation of the JSCU’s tasking according to the covenant (.pdf, in Dutch):

Article 1: Task description
The JSCU is a joint supporting unit of the AIVD and the MIVD that, commissioned by and under the responsibility of the AIVD and MIVD, is tasked with:

a. the collection of data from technical sources;
b. making accessible data from technical sources such that the data are searchable and correlation within and between these sources is possible;
c. supporting the analysis, notably in the form of data analysis, investigation into cyber threats and language capacity;
d. delivering Sigint and Cyber capability in support of the intelligence requirements of the AIVD and the MIVD, potentially on-site;
e. innovation and knowledge development on the task areas of the JSCU.

My translation of the announcement (in Dutch) of the launch (I translated as literally as possible):

With the launch of the Joint Sigint Cyber Unit (JSCU), the General Intelligence & Security Service (AIVD) and the Military Intelligence & Security Service (MIVD) take an important step in better protecting the national security and our digital networks against threats, and at the same time better support our soldiers on missions. A successful cooperation requires proper arrangements. These arrangements are laid out in a covenant [.pdf, in Dutch] that is signed by the Minister of the Interior and the Minister of Defense.

The joint unit is specialized in Signals Intelligence (Sigint) and Cyber. Sigint includes information collection from (tele)communications. Cyber is a collective term for various activities related to computer networks and data streams. Think of mapping the internet landscape in a (new) mission area, informing partners about a dangerous computer virus or hacking a terrorist website that threatens national security.

The government is committed to further cooperation between the AIVD and the MIVD. One major reason for this is the bundling of scarce knowledge and resources. Considering the speed of technical developments in the field of Sigint and Cyber, pooling of knowledge and resources within the JSCU is not only desirable, but a necessity.

The JSCU is a logical consequence and intensification of the ongoing cooperation on the area of Signals Intelligence in the National Sigint Organisation (NSO). Together with other specialist parts of the AIVD and the MIVD, the NSO is merged in the new partnership. The JSCU is not an independent entity, but part of the AIVD and MIVD.

Like the other tasks of the two services, the task performance of the JSCU is bound by the Intelligence & Security Act of 2002. Oversight is carried out by the Review Committee on the Intelligence and Security Services (CTIVD).

The announcement was accompanied by two infographics:

Earlier this week the Dutch government partially reversed budget cuts on intelligence & security service AIVD, citing increased threats. One category of threats concerns the promotion of jihad through social media by Dutch jihadists and the threat of Dutch persons returning from jihad in Syria. This is described in the report Transformation of jihadism in the Netherlands: swarm dynamics and new strength that accompanied the announcement that the budget cuts will be partially reversed. The AIVD states that since 2012, some 130 Dutch persons went to Syria, of which 14 got killed.

After the Parliamentary summer recess, which ends on September 1st 2014, the Dutch government will send a proposal to the Dutch Parliament for changing the Intelligence & Security Act of 2002. Notably, it is expected that the proposal will include a broadening of interception powers such that the AIVD and MIVD are permitted to perform undirected (i.e., bulk/mass) interception of cable communications. That would allow the Dutch intelligence services to carry out programs such as GCHQ’s Tempora and NSA’s Special Source Operations (SSO), that feed PRISM. Our legislative regime and oversight mechanism is different from that in the U.S. and the U.K., but one thing is the same: the oversight on existing SIGINT powers in the Netherlands is broken too. It is still unclear how that problem will be addressed by the government.

The Netherlands is a member of the SIGINT Seniors Europe (SSEUR). Whether it should be expected that the Netherlands will participate in the NSA’s RAMPART-A (.pdf, 2010) program, i.e., allow the NSA unrestricted (?) access to cable communications intercepted by the Dutch services, I don’t know. In their article Bound by Silver Cords — The Dutch Intelligence Community in a Transatlantic Context (2012), Dutch academics Beatrice de Graaf and Constant Hijzen suggest that different privacy laws, human rights concerns and legal standards of the Dutch services “put a brake on their relationship with American services and agencies”.


Leave a Reply

Your email address will not be published. Required fields are marked *