The EOS Committee is responsible for overseeing intelligence, surveillance, and security service carried out by, or on behalf of, public authorities in order to safeguard national security interests.
The area of oversight is not associated with specific organisational entities. It is thus not of decisive importance for the oversight authority which bodies or agencies are engaged in EOS services at any given time.
These duties are currently assigned to the Norwegian Police Security Service, the Norwegian National Security Authority, the Norwegian Intelligence Service and the Norwegian Defence Security Department. Consequently, the Committee’s continuous oversight is currently conducted in relation to these services.
However, the Committee may also conduct investigations in other parts of the Norwegian public administration if this is deemed necessary in light of the Committee’s oversight duties. Senior members of the Public Prosecution Authority, that is, chief public prosecutors and the Director General of Public Prosecutions, are, however, exempt from the Committee’s area of oversight. Security clearance decisions made by the Storting’s administration and / or presidium is neither within the area of the Committee’s oversight.
The responsibility for oversight does not include activities involving persons who are not resident in Norway or organizations that have no address in this country. The same applies to activities involving foreign citizens whose residence in Norway is associated with service for a foreign state. However, the Committee may investigate these areas as well, if special circumstances so dictate. The decision on whether or not such circumstances are present is left to the Committee’s discretion.
The Committee is not authorised to order the services to take specific action on a matter, nor to make decisions to which the services are obligated to conform. However, the Committee may express its opinion on matters or situations it investigates as part of its oversight duties and make recommendations to the services, such as recommending that information on a person be deleted from the service’s register, that a matter be reconsidered, or that a practice or measure ought to be changed.
In its reports to the Storting on oversight activities, the Committee may choose to emphasise various situations or problems associated with the EOS services it regards relevant or of current interest. The Committee’s reports shall provide the Storting with an informational basis on which to decide whether amendments to existing legislation or changes in current practice are necessary, and the Committee can recommend changes to legislation that are relevant for the area of oversight.
The Committee shall, as a rule, conform to the principle of subsequent oversight. However, the Committee may demand access to, and comment on, current issues.
The purpose of the oversight carried out by the EOS Committee is primarily that of making sure the EOS services safeguard the security of individuals under the law, particularly in terms of protecting their civil liberties and guaranteeing due process of law. The Committee must further clarify whether any, and ensure that no, individual is subjected to unjust treatment and ensure that the EOS services do not make use of more intrusive methods than necessary under the circumstances.
Furthermore, the Committee shall see to that activities carried out by the services in question do not unduly harm or impede the interests of the society, and it is also committed to carrying out general oversight of the legality of the EOS services, as they are required to keep their services within the framework of statutory law, regulations, and non-statutory law, as well as government directives that apply to these services.
The Committee has according to the Oversight Act unlimited access to the services’ archives and registers, but the Storting adopted a plenary decision that gives the Committee limited access to the Norwegian Intelligence Service’s “particularly sensitive information”
By ‘particularly sensitive information’, cf. the NIS’s Guidelines for the processing of particularly sensitive information, is meant:
1. The identity of the human intelligence sources of the NIS and its foreign partners
2. The identity of foreign partners’ specially protected civil servants
3. Persons with roles in and operational plans for occupational preparedness
4. The NIS’s and/or foreign partners’ particularly sensitive intelligence operations abroad* which, if they were to be compromised, a. could seriously damage the relationship with a foreign power due to the political risk involved in the operation, or b. could lead to serious injury to or loss of life of own personnel or third parties.
*By ‘intelligence operations abroad’ is meant operations targeting foreign parties (foreign states, organisations or individuals), including activities relating to such operations that are prepared and carried out on Norwegian territory.
Otherwise there are few limitations on the manners in which the Committee may carry out its oversight duties. However, the underlying premise is that the Committee does not request access to classified information to a greater degree than is necessary under the circumstances, and the Committee must further take national security interests and the nation’s relations with foreign states into consideration in exercising their supervisory authority. A certain level of caution in overseeing the EOS services is thus recommended.
The statutory provisions that apply to EOS services authorise the individual services to implement various measures toward citizens. These measures must conform to requirements established in national legislation, but they must also conform to provisions in international law, established to protect civil liberties. In Europe, the European Convention on Human Rights (ECHR) is central to the preservation of human rights. In 1999, this convention was incorporated into Norwegian law, and in the event of conflicting provisions, this shall take precedence over other national legislation. Central to the area of operation for EOS services is Article 8 of the ECHR, relating to the right to respect for private and family life, but Article 10, relating to the right to freedom of expression, and Article 11, relating to the right to freedom of assembly and association, are also highly significant in this field.
A certain threshold must be reached before the Committee is able to criticise the services’ discretion in specific matters. The Committee’s responsibilities are associated with oversight only, which is why the Committee may not instruct the EOS services or be consulted by them as part of the decision-making process.
The Committee exercises its oversight authority in three different ways:
- Investigating complaints
- Investigating matters raised on the Committee’s own initiative
The Committee has a broad right to inspect the services’ and public administration’s archives and registers and an equivalent right of access to government’s and services’ premises and installations of all kinds. The Commitee’s right to access to information also includes government bodies and businesses that assist the EOS services. This is necessary in order to enable the Committee to perform its oversight responsibility. The Committee can summon employees of the EOS services and other employees in the public administration and private persons to give evidence orally to the Committee.
The Committee may also, in certain circumstances, require evidence to be given in court. The Committee is entitled to seek expert assistance in oversight activities when deemed appropriate.
In the Oversight Act there is also a penal provisionand persons that do not facilitate for the EOS Committee’s oversight in a manner that they have a legal obligation to do, can be sentenced to fines and maximum one year in prison.
A central aspect of the Committee’s oversight activities is carrying out inspections. The Committee shall inspect the headquarters of the PST at least twice a year, the NSM twice a year, the NIS twice a year, the FSA twice a year, the Norwegian Special Operation Forces once a year and the Army Intelligence battalion once a year. In addition, the local units of the services shall also be inspected regularly. The committee shall also inspect police bodies and other bodies and other institutions that assist the PST (Police Security Service). This includes private enterprises.
Other services may also be inspected, when it is relevant to the Committees area of oversight.
Services are given prior notice of inspections, but the Committee may also carry out inspections unannounced. Inspections usually begin by having the service brief the Committee on relevant conditions and activities that have taken place since the last inspection. In addition, the Committee informs the service of one or more topics it wants clarified during the inspection in advance. Briefings are usually followed by questions from the Committee, which serve as a basis for discussion between the Committee and the service. Later on, the Committee inspects the service’s archives and registers. The inspections are thoroughly prepared by the secretariat.
In inspecting the PST, the Committee’s main focus is the service’s collection and processing of personal data, the service’s new and concluded preventive and investigative cases, the use of various coercive measures, such as wiretaps, and exchange of information with domestic and foreign partners.
The Committee’s foremost responsibility in inspecting the NSM and other security clearance authorities is to oversee processing and decisions in matters concerning security clearance. During NSM inspections, the Committee is routinely presented with all complaint decisions where the complaint was denied. In addition, the Committee regularly carries out random checks of decisions to deny or revoke clearance in cases where no complaint was lodged. The Committee also oversees NSM’s cooperation with other EOS services and NorCERT – the Norwegian National Cyber Security Centre.
FSA inspections primarily focus on security clearance issues, but the service’s responsibilities associated with protective security activities in the Armed Forces also represent a key aspect of the Committee’s oversight activities here.
In inspecting the Norwegian Intelligence Service, a primary concern for the Committee is to make sure that the provisions of the Intelligence Service Act prohibiting surveillance and/or covert procurement of information on Norwegian natural and legal persons in Norway are abided by, and that the service is under national control.
Additionally, the Committee oversees the service’s technical collection of information, the processing of personal data and the exchange of information with foreign and domestic partners.
Much of the information the Committee receives in its oversight capacity and in investigating complaints is classified, i.e. subject to secrecy on grounds of national security interests. The Committee cannot disclose classified information – including information about whether one is under surveillance or is registered by one of the EOS services. This sets clear limitations on the type of information the Committee is able to provide to complainants concerning its investigations and the results thereof.
Read more about how the Committee is handling complaints here.