In a major step towards enhancing national security in the era of internet, the Netherlands government has approved a far reaching revision to its Espionage Law in 2025, mainly aimed at massively increasing sanctions for online criminal activity committed in the name of espionage.
The updated law, which was enacted on 15 May 2025, follows growing worries about foreign interference and the growing scourge of digital threats directed against the Netherlands’ critical infrastructure, sensitive technology, and its national interests.
Formerly, Dutch espionage legislation centered mainly on the unlawful release of classified state information. The updated law now defines espionage as the burdening of confidential — though not classified — information to foreign agents just in case that information could harm Dutch interests. In addition, it is now expanded to cover a broader set of activities undertaken for foreign governments that could harm national security, such as cyber spying.
One of the crucial points of the 2025 update is the strengthening of sanctions against computer-related crimes correlated with espionage. Perpetrators of such cybercrimes would now be jailed for a maximum term of eight years.
For particularly serious incidents, like fatal attacks or major damage to important infrastructure, the maximum jail term has been increased to twelve years. The scale of the hike is an indication of how seriously the Dutch government takes digital espionage and the threat it poses.
Justice and Security minister David van Weel said efforts are needed to reinforce the country’s resilience against developing threats from external sources on the cyber front. He underscored the importance of safeguarding not just classified information but also delicate economic, technological and political intelligence that foreign entities could use to their advantage.
The revised act also responds to worries that foreign powers are targeting diaspora groups in the Netherlands. Unauthorized personal data build-up, intimidation, blackmailing, suppression of critics in those communities is now specifically addressed in the extended list of legislation.
This legislative measure is a part of a wider plan to enhance the country’s cybersecurity system in the Netherlands. Concurrently, the government is preparing to introduce tighter controls for researchers and students working with sensitive technologies at Dutch universities in response to fears that intellectual property is being stolen by foreign countries.
The legal amendments come amid a rising tide of cyber operations by foreign powers, including alleged attempts to hack international institutions based in The Hague and to infiltrate Dutch critical infrastructure.
The broader definition of the Espionage Act is clear proof of a concerted effort to modernise the Dutch law and to protect the national security in an interconnected and digital world.
