The Omroep Gelderland experiment—successfully tracking the Royal Netherlands Navy frigate HNLMS Evertsen via a commercially available Bluetooth Low Energy device mailed through official military channels—reveals vulnerabilities far deeper than routine mail-screening failures. While the Dutch Ministry of Defence downplayed the event as posing "no operational risk" because the device was discovered after 24 hours, this misses the central lesson: modern naval forces remain dangerously exposed to low-cost, crowd-sourced tracking networks that adversaries can exploit at scale.

The incident occurred while Evertsen escorted France’s Charles de Gaulle carrier strike group in the Mediterranean, a theater increasingly contested by Russian and Chinese intelligence assets. The tracker, concealed in a postcard to bypass X-ray protocols that crews often ignore for envelopes, leveraged Bluetooth’s mesh capability. Once near commercial shipping, coastal infrastructure, or even airborne platforms near Crete and Cyprus, it reported positions through the same global find networks (similar to Apple AirTag or Tile ecosystems) that millions of civilian devices participate in. This is not traditional emissions; it is parasitic use of the electromagnetic commons.

Original coverage focused on the novelty of the stunt and the predictable bureaucratic response—banning cards with batteries. What it missed is the direct connection to a pattern of self-compromise that has accelerated since 2018. The Strava heatmap scandal exposed forward operating bases in Syria, Iraq, and Somalia because soldiers’ fitness trackers created digital silhouettes of otherwise classified infrastructure (New York Times, 28 Jan 2018). Le Monde’s March investigation similarly located an officer’s deck runs aboard the Charles de Gaulle itself through the same running app. Those cases involved voluntary data leakage; the Dutch case demonstrates involuntary injection is equally feasible.

Synthesizing these with broader analysis from the Royal United Services Institute (RUSI, 2022) on how open-source intelligence transformed targeting in Ukraine, and a 2024 Center for Strategic and International Studies (CSIS) report detailing China’s fusion of commercial sensors, fishing militia vessels, and dual-use satellite constellations to maintain persistent custody of U.S. and allied naval forces in the Indo-Pacific, the strategic implication is clear. Peer competitors no longer need expensive reconnaissance satellites for initial cueing. A network of $15–30 Bluetooth, LoRa, or satellite IoT devices—delivered via proxies, supply chains, or insider compromise—can provide real-time geolocation sufficient to cue hypersonic weapons, submarine ambushes, or swarming UAVs.

This exposes a deeper doctrinal failure in emissions security (EMSEC). While NATO warships drill EMCON (emissions control) procedures to deny radar, communications, and radar signatures, they have not adapted to the reality that every sailor’s personal device, every allowed commercial shipment, and every Bluetooth-enabled piece of logistics equipment constitutes a potential beacon. The Mediterranean deployment of the de Gaulle group was already under Russian shadow—recall the Su-24 buzzing runs and Admiral Kuznetsov presence in 2021–22. China’s observation of these operations feeds directly into PLA targeting doctrine that emphasizes "kill webs" built on commercial infrastructure.

The naivety cited by retired Lt. Gen. Mart de Kruif runs deeper than mail protocols. It reflects a persistent peacetime mindset that treats OPSEC as bureaucratic compliance rather than a warfighting imperative. In a high-intensity conflict against Russia or China, such gaps would be systematically probed and exploited. Adversaries already harvest Strava, AIS spoofing data, commercial SAR imagery from Capella and ICEYE, and now low-power personal tracking networks.

Corrective measures must exceed banning battery postcards. Comprehensive solutions include: mandatory Faraday screening of all inbound logistics, hardened device policies that prohibit consumer Bluetooth/IoT inside sensitive spaces, cultural retraining that treats every sailor as a potential emissions node, and investment in active detection systems for rogue low-power signals. Absent these changes, the next "journalistic experiment" will likely be conducted by the PLA Navy or Russian GRU—with lethal consequences.