Which countries do the Dutch join with their new mass surveillance law?

Digital freedomPrivacy news
3 mins
What is the Dutch Dragnet law?

It’s official—the Dutch government doesn’t care about its citizens’ right to privacy.

With its new mass surveillance law, the Netherlands will join the US, UK, and Russia on the growing list of countries with invasive mass surveillance laws on January 1, 2018.

Even with a referendum (scheduled for March 21, 2018) to bring the Dragnet law into question, members of the Dutch government have vowed to uphold the law regardless. They also plan to go one step further and remove the ability to hold a citizen-held petition for future referendums.

In light of the apparent certainty of the new Dragnet law remaining in the Netherlands, ExpressVPN takes a look at other countries with beefy mass surveillance programs introduced in the name of national security.

What is the Dutch Dragnet Law: A summary

The Dragnet law is an amendment to the 2002 Intelligence and Security Services Act, which will grant the Dutch intelligence agency AIVD and its military counterpart MIVD, among other things, the power to access and retain the metadata of any and all of its citizens.

The law further extends AIVD and MIVD hacking privileges to include the devices of third parties associated with targeted individuals—like friends, family members, and companies they may use (much like the NSA’s relationship with Microsoft, Google, and Apple).

Which other countries with draconian surveillance laws will the Netherlands join?

United States

The Foreign Intelligence Surveillance Act, introduced in 1978, was supposed to collect intelligence on foreign spies. But an amendment 30 years later, FISA Section 702, gave the government the power to gather communications directly from servers of U.S. Service Providers like Microsoft, Google, and Facebook. The amendment allowed two programs—PRISM and Upstream—to essentially collect any and all information sent internationally, from anyone.

As the most significant player in the Five Eyes surveillance alliance, the U.S. collection of all data and metadata is comprehensive, with 80 percent of all deep sea cable communication intercepted and collected by the Upstream program. While apps and operating systems have bumped up encryption since the Snowden leaks in 2013, the surveillance program persists today. FISA Section 702 is up for renewal at the end of 2017, and will likely continue.

United Kingdom

The Investigatory Powers Act, or the “Snooper’s Charter,” passed in 2016, is what Edward Snowden calls “the most extreme surveillance in the history of western democracy.” The act requires the UK’s internet service providers and phone companies to retain all records of their customers’ browsing data for up to one year. And with a warrant, dozens of public authorities can access these files.

In fact, the UK has been snooping since 1999—the “Snooper’s Charter” just made it legal. The UK’s Government Communications Headquarters, or GCHQ, have their own deep-sea cable communication surveillance, TEMPORA, which it shares with its intelligence alliances, namely the Five, Nine, and Fourteen Eyes. Lots of eyes.

The Investigatory Powers Act is currently facing its first challenge now by Privacy International in European Court.


Last, but certainly not least is Russia’s System of Operative-Investigative Measures, or SORM—the country’s national system of legal interception of virtually all communication within the country. Used since 1990, and significantly bolstered last year by the Yarovaya Law, SORM allows the Federal Security Service to access any server communications remotely, without permission from an ISP.

The Yarovaya Law is a series of amendments to SORM, passed in the name of counter-terrorism to include mandatory data retention and the right to obtain “all other information necessary” without a court order. Rather alarmingly, it’s also a crime to “fail to report a crime”—a lack of action that could cost a year in prison.

How to save the Netherlands from overt surveillance

The referendum will be held on March 21, 2018, meaning there’s still time to drum up support for a review of the Dragnet Law. While the Dutch government seems hell-bent on keeping the law enforced, organizations like Bits of Freedom and Public Interest Litigations Project are preparing to bring the legislation to court on the basis that it violates the fundamental human right to privacy.

Want to take back control of your online privacy? Our internet privacy guides are a good place to start.

Ceinwen focused on digital privacy, censorship, and surveillance, and has interviewed leading figures in tech.