Adversaries¶

The adversaries in this model are not the hooded figures of popular imagination. Most of them have offices, legal mandates, oversight committees of varying rigour, and annual budgets that appear in parliamentary documents. That is what makes this threat model structurally different from the others in this series: the entities doing the harvesting are, in many cases, the same entities responsible for the legal framework that permits it.

Domestic intelligence agencies¶

Every EU member state maintains at least one civilian intelligence agency with domestic remit. Examples include the AIVD in the Netherlands, the DGSI in France, the BfV in Germany, the ABIN in Poland, and the BVT (now DSN) in Austria. These agencies operate under national legislation that grants surveillance powers for purposes including counter-terrorism, counter-espionage, protection of constitutional order, and, in some cases, broader national security mandates that are defined generously.

They are subject to oversight, but the quality of that oversight varies considerably. In some member states, parliamentary oversight committees have meaningful access and investigative power. In others, oversight is largely formal. Judicial authorisation requirements also vary: some states require prior judicial or independent authorisation for intrusive surveillance; others require only internal approval.

The domestic intelligence agency is the adversary with the most legal access and the deepest structural embeddedness. It is also the adversary that is most constrained by domestic law, at least in theory.

Foreign intelligence agencies¶

Foreign agencies operate under entirely different legal constraints in the target country, which is to say they operate under none enforceable there. Allied foreign agencies (GCHQ, NSA, and others) may have formal or informal access agreements with domestic counterparts, share collected data, and conduct their own collection on infrastructure that passes through or is hosted in EU jurisdictions.

Adversarial foreign agencies (Russian SVR/FSB, Chinese MSS, Iranian MOIS, and others) conduct surveillance and espionage operations against EU citizens, civil society, companies, and government institutions through a range of technical and human means. The Pegasus spyware, developed by the Israeli NSO Group, has been documented in use against politicians, journalists, and civil society figures across multiple EU member states, deployed both by adversarial states and, in some documented cases, by EU member state governments against their own citizens.

The foreign agency adversary is the one with the fewest domestic legal constraints and the most varied technical capability.

Law enforcement¶

Law enforcement agencies are distinct from intelligence agencies in most EU jurisdictions and operate under stricter legal frameworks with clearer judicial oversight requirements. However, they are relevant to this model for two reasons.

First, data collected by intelligence agencies can be and in some cases is passed to law enforcement for use in prosecutions, often through the mechanism of parallel construction (described in the attacks section). The legal threshold for collection and the legal threshold for use in prosecution are handled separately.

Second, law enforcement agencies have expanded their own data collection capabilities, including through data retention mandates applied to telecommunications providers, through access to commercial databases, and through the use of technical surveillance tools that were previously the exclusive domain of intelligence agencies.

The commercial data layer¶

This is the adversary that appears on no intelligence community organogram. The commercial data ecosystem: data brokers, ad-tech networks, telecommunications providers acting as data suppliers, and the broader infrastructure of behavioural tracking that monetises consumer attention. These entities are not conducting surveillance in the sense of targeting specific individuals for intelligence purposes. They are conducting surveillance in the sense of systematically collecting, processing, and selling information about human behaviour at scale.

Their relevance to this model is that they supply the state. Government agencies purchase data from brokers. Intelligence agencies can access platform data through legal instruments or informal cooperation. The commercial layer extends state visibility into domains that would otherwise require intrusive technical operations and legal authorisation, and it does so legally, at commercial rates, with no requirement for a warrant.

The broker is not an adversary in the sense of intending harm. It is an adversary in the sense of being a structural participant in a system that enables harm.

Regulatory bodies¶

Regulatory bodies with access to corporate and financial data (tax authorities, financial regulators, competition authorities, sector regulators) hold detailed information about companies and in some cases individuals. In most EU jurisdictions, intelligence and law enforcement agencies can request access to regulatory data under appropriate legal thresholds. Regulatory compliance requirements can also be structured to create data collection obligations that serve a surveillance function.

This is the adversary that does not look like one. It looks like bureaucracy. The data flows it generates are a byproduct of legitimate regulatory function, but byproducts can be collected and repurposed.