Interception Requirements Get Dutch Internet Providers Into Trouble
A third of Dutch Internet Providers are feared to face bankrupcy due to the high costs of mandatory interception of Internet traffic
Dutch Internet Providers announced last week that they are unable to fulfill their legal obligations concerning interception. The deadline for the service providers is the 15th of April 2001. But due to technical difficulties and high costs it is doubted if the providers will manage to make their systems interceptable at this date.
The new Telecommunications Act that came into force on 15 December 1998 extended the compulsory obligation to intercept messages for telephone companies to include Internet service providers (ISP) and other telecom providers. Internet providers were granted temporary exemption from the mandatory installation of interception equipment, but were ordered to comply with all the regulations by August 2000. The providers had not had enough time to prepare for the installation of the necessary equipment and besides, the technical, financial and judicial consequences were not entirely clear.
The Dutch interception requirements were a direct copy of the demands that had already been formulated in international treaties. Neither the providers nor the government knew how these demands were to be translated either practically or organisationally. Many unresolved details appeared in the minutes of the Partial Organ for Interception (a deliberative body between the government and market parties concerned with the interception of telecommunications which falls under the control of Ministry of Transport and Waterways). A. Eisner from the organisation of Dutch Internet Providers, the NLIP, announced that "world-wide there are approximately three companies, located in America, which are producing interception equipment for the Internet. It could be another two years before adequate bugging devices are developed."
Different Interception Standards in Europe
There is also dissent on the interception protocol to be used. The Judicial Tap Standard (JTS), which is currently in use, cannot cope with tapped information originating from high-speed services like ATM and XDSL. The protocol that was developed by the European Telecommunication Standardisation Institute (ETSI) and that is supposed to be applied to all European businesses still does not meet requirements of the Netherlands. This standard is not suitable for tapping or transmitting quick Internet connections.
The negotiations between members of the EU on the European tapping protocol are still dragging on. Dutch companies do not relish the thought of making installations suitable for interception by the JTS, when in all likelihood a new interception protocol in need of new modifications and financial investments will be introduced within the next few years. Secretary of State De Vries from The Ministry of Transport and Waterways announced in February 2000 that a European protocol is not in sight that all the member states can agree on. For the time being, national regulations will continue to apply. The Dutch service providers were granted another year to resolve the problems.
Last week however, the Dutch providers announced that the new deadline is unrealistic. They claim there are still no clear technical specifications for the way in which intercepted traffic has to be delivered to the police. Therefore manufacturers of Internet interception equipment couldn't develop the proper installations. 'This indistinctness has resulted in a lack of relevant offers from which Internet Service Providers can choose,' stipulate the providers in a letter to the Ministry of Transport and Waterways.
They also point again at the differences between Dutch and European requirements for the interception of Internet traffic:
'The Dutch government has chosen to implement the interception obligation at a time when the European interception standard still has to be completed. Most other European countries wait for that standard, before they compell their providers to make their systems interceptable.'
The Dutch providers fear that their international competitive position will be weakened:
'Dutch ISP's have to shoulder the initial costs of the development of the interception equipment, whereby there is still the risk that the Dutch interception standards will differ from the final European ETSI standards.'
The Dutch ISP's also claim that the costs of the interception obligation are too high. The Dutch Providers have to pay for all the costs resulting from the interception task. 'This will have disastrous effects on the Dutch Internet market,' the providers state. 'A third of the Internet providers are expected to end their business as a result of the high interception costs.'
The Dutch digital privacy watchdog Bits of Freedom warns that the interception obligation of the Internet providers will lead to a rise in interception. Figures show that since mobile telephones are interceptable, the interception numbers have grown. For years, the number of intercepted normal telephones where 3000 a year. But in 1998, when there were only two mobile operators, the numbers rose to 10.000. New communication technologies lead to more interception, Bits of Freedom concludes.