Restrictive in cyberspace

New German cybersecurity guidelines harbour even more surveillance and centralised powers

The Federal Cabinet today approved the new „Cybersecurity Strategy for Germany“. The draft, prepared by the Federal Ministry of the Interior, is to be in place for five years and replaces the previous version from 2016. The document describes four different guidelines. Cybersecurity is to be understood as a joint task of the state, business, science and society. Associations as well as citizens themselves should also find „common answers“ to cyber threats. Under the heading „Digital Sovereignty“, the Federal Government wants to invest more in research and develop cyber security into a quality feature „Made in Germany“. „Restrictive in cyberspace“ weiterlesen

Quitting EU adviser: Gilles de Kerchove invents „left-wing terrorist“ threat

A handful of property damages in Italy could lead to left-wing activism being pursued more closely by police and secret services across the European Union. The initiative bears the hallmarks of the German Office for the Protection of the Constitution. Meanwhile, a package of measures against „violent right-wing extremism and terrorism“ has petered out.

In the Terrorism Annual Report for 2020 (TESAT), Europol recently counted 24 left-wing and anarchist terrorist attacks. According to the report, the incidents all took place in Italy, with none of them resulting in human casualties. Most of the attacks were on mobile phone masts and other telecommunications infrastructure, such as relays or cables. Meanwhile, the same report counts only one right-wing terrorist attack, Hanau (Germany), which left nine dead, and six jihadist attacks that killed 12 people.

Each country can determine for itself whether the incidents mentioned in the TESAT are classified as „extremist“ or „terrorist“. It is obvious that the high figures for „left-wing terrorism“ are due to the special counting method of Italian authorities. Nevertheless, the EU anti-terrorism coordinator Gilles de Kerchove has now presented a paper proposing initiatives against a „left-wing terrorism“. „Quitting EU adviser: Gilles de Kerchove invents „left-wing terrorist“ threat“ weiterlesen

Germany: The state hacks along

With the temporary exception of the Federal Police, all German police agencies and secret services are now allowed to hack into computers and telephones. This is an extremely deep invasion of privacy

On 10 June, the Bundestag massively expanded the use of state trojan horse programmes. A bill on the „adaptation of the law on the protection of the constitution“ was put to the vote, which the MPs adopted with 355 votes of the ruling coalition factions CDU/CSU and SPD. According to the bill, the domestic intelligence service will now also be allowed to penetrate foreign computer systems with the help of spy software. The parliamentary groups DIE LINKE, FDP, Bündnis90/Die Grünen and AfD voted against; the SPD voted five against and three abstained.

The bill „to modernise the legal basis of the Federal Police“ was also passed by the CDU/CSU and SPD against the votes of the opposition. This would have allowed the Federal Police to infiltrate computers and mobile phones, just like the Office for the Protection of the Constitution, without the persons concerned having to have committed a crime. A week ago, the upper house (Bundesrat) overturned this new law for various reasons, so the next federal government will have to deal with it again. The renewed Constitutional Protection Act, on the other hand, remains valid. „Germany: The state hacks along“ weiterlesen

Spotlight on: State Trojans

In Greek mythology, the horse outside the city of Troy was a wooden gift in whose hull some of the hostile Achaeans had hidden. Unsuspecting inhabitants, certain of victory over the invaders, pulled it in, the Achaeans climbed out at night and opened the gates for trailing troops, who then captured and destroyed Troy.

Today’s so called state trojan does not disguise itself as a gift and is active even when the enemy is awake. Nevertheless, the reference to the myth fits, because the wooden horses used by criminal investigation agencies may be installed „by means of criminalistic cunning“. First, the investigators find out how the software can best be installed: As a clandestine installation via websites that appear unsuspecting, in downloaded files or an attachment sent by e-mail. It is also possible to introduce the tool by breaking into the device, for example during a secret search of a flat or a police check. „Spotlight on: State Trojans“ weiterlesen

German proposal: Prohibited EU secret service cooperation through the back door

Although this violates EU treaties, the police agency Europol is to cooperate closely with secret services. This involves lists of suspicious persons originating from third countries. The individuals listed there will then be discreetly searched for throughout Europe.

In fact, the European Union has no competence to coordinate the secret services of the Member States. In the case of Germany, this would also violate the principle of separating the tasks of police and services. Nevertheless, the German EU Presidency is now for the first time pushing for operational cooperation coordinated by Europol.

The German proposal for a „coordinated approach“ deals with covert searches for persons under Article 36 of the SIS II Council Decision, which are based on lists of secret services such as the USA, but also from North Africa or the Western Balkans. They are to be entered into the Schengen Information System (SIS II), to which third countries do not have access. Only the 26 EU Member States involved, Iceland, Norway, Liechtenstein and Switzerland may issue such alerts. „German proposal: Prohibited EU secret service cooperation through the back door“ weiterlesen

EU database: European domestic secret services increasingly hunt abroad

50,000 people are under secret surveillance throughout Europe by the French police, another 50,000 are to be checked during routine police operations or when crossing the EU border. In the field of secret services, this wanted list is headed by Germany. Requests for such clandestine observation can also come from third countries.

More than 1,500 persons are being observed by the German secret service with the help of the Schengen Information System (SIS II) throughout Europe, the German Federal Ministry of the Interior writes in an overview. Entries are made by the Federal Office for the Protection of the Constitution (BfV), which is the leading office in the field of clandestine observations in Europe. Secret services in France and Great Britain have each issued alerts for slightly less than 1,500 persons, Sweden 625, the Netherlands and the Czech Republic around 500.

The SIS II has been used for 25 years by border, police, customs and immigration authorities as well as secret services from 26 EU Member States including Iceland, Norway, Liechtenstein and Switzerland. Last year, almost one million people were wanted from these countries in the SIS II, for example, with a European arrest warrant or for missing persons. However, most entries concern persons who are subject to an entry ban after their deportation. Article 36 of the SIS II Council Decision covers with 168,000 in total a relatively large proportion of these one million, and the number is increasing significantly every year. „EU database: European domestic secret services increasingly hunt abroad“ weiterlesen

EU opens its biggest database for secret services from third countries

In the Schengen Information System, police and secret services may, inter alia, issue alerts for secret monitoring. Authorities from non-EU states can now have searches carried out via a detour. The German government remains silent about the exact role of its own secret service.

The Schengen Information System (SIS) is the largest European database, which has been used for 25 years by border, police, customs or immigration authorities and secret services. Today’s SIS II involves 26 EU Member States (all except Ireland and Cyprus) as well as Iceland, Norway, Liechtenstein and Switzerland. As of 1 January 2020, more than 90 million people and objects were stored. Most of the entries, which increase every year, come from Italy, followed by France and Germany. The number of searches is also growing rapidly, with almost seven billion of them reported last year. That is about 220 searches per second.

Each Member State is responsible for the accuracy of its entries and must respect deadlines for deletion. Information that is stored in SIS II may also come from third countries, which is part of the normal practice of police forces and secret services. Last year, however, the European Union launched a pilot project to extend these entries to selected „trusted third countries“ and to find a uniform procedure for handling them. „EU opens its biggest database for secret services from third countries“ weiterlesen

Germany: Many „silent SMS“ at federal and state level

Inquiries in parliaments and under the Freedom of Information Act show the amount of secret text messages to find out the whereabouts of telephones and their owners. Police use the method in real time for arrests, while secret services create longer-term movement profiles with it.

„Silent SMS“ are text messages whose reception is not indicated by the mobile phone. However, they generate a communication process that is logged by the telephone providers. With a court order, security authorities query this data record. Police and secret services are interested in the radio cells in which the phones are located. In this way, they obtain the location and a movement profile of the persons concerned.

For some years now, biannual inquiries to the German government have documented that the figures for „silent SMS“ at the Federal Criminal Police Office (BKA) and the Federal Police are at a similar level. The highest value for both authorities together was in the first half of 2016 at around 138,000, the lowest in the first half of 2019 at around 26,000. Subsequently, the figures have more than doubled again, the Federal Ministry of the Interior announced last week. „Germany: Many „silent SMS“ at federal and state level“ weiterlesen

The tracking bug in your pocket: Mobile phone surveillance in Germany

Procedures according to §§ 100 of the Code of Criminal Procedure (StPO) to determine the whereabouts and identification of mobile phones in Germany

In addition to telecommunications surveillance (§ 100a StPO) and online searches (§ 100b StPO), German police authorities use technical means within the framework of §§ 100 StPO to determine the location of mobile phones. These include the so-called „silent SMS“, IMSI-Catcher and cell site analysis. Customs and the secret services are also partially authorised to perform these tasks. Six-monthly parliamentary inquiries in the Bundestag document that the number of measures for federal authorities has remained at about the same level in recent years. According to the figures of individual states, the investigative methods under Sections 100 of the Code of Criminal Procedure are in some cases used much more frequently there than by federal authorities. Some measures for the localisation of telephone owners are in a grey area and have led to legal adjustments. A ruling by the Federal Court of Justice last year could be the reason why the figures for „silent SMS“ have suddenly fallen sharply. Some federal states are currently merging into „Joint Competence and Service Centres“ in the field of police telecommunications surveillance (GKDZ), which are being set up in Hamburg and Leipzig/Dresden. It is possible that with these centralised GKDZs, the number of measures for telecommunications surveillance within the framework of §§ 100 StPO will increase further. „The tracking bug in your pocket: Mobile phone surveillance in Germany“ weiterlesen

EU facial recognition

Police and secret services can currently search facial images only in individual EU Member States. The EU wants to change that

The European Union wants to make it much easier for police to cross-check facial images. In the future, it will be possible to compare search photos with corresponding databases in all member states. Such a search could be carried out with still images from surveillance cameras in order to identify an unknown person. At present, each country in the EU must be contacted individually for this purpose.

The relevant facial image databases are usually held by police authorities. In Germany, this is the police information system INPOL, which is maintained at the Federal Criminal Police Office (BKA) for all German police departments. More than four million searchable photographs are currently stored there, many of them from police measures after an arrest. „EU facial recognition“ weiterlesen