1 The Bestandsdatenauskunft surveillance law.
On 21 March 2013, the German parliament (Bundestag) has passed the law for the so-called “Bestandsdatenauskunft” – stored data inquiry (legal text, supplement). This allows police and authorities far-reaching access – almost without any hurdles – to private user data with telecommunications providers – even passwords. The law must now only be confirmed by second parliament chamber (Bundesrat) (the vote will presumably take place on 3 May 2013), then the law will become effective. On 14 April 2013 we will protest with rallies against the Bestandsdatenauskunft surveillance law.
This is about an intrusion in the innermost core of the privacy of humans: “Bestandsdaten”, the data that can be retrieved, besides name, address, date of birth, phone number, account number, they include passwords to email accounts or services like Facebook, Dropbox, Google and YouTube, as well as PIN code numbers of mobile/cell phones.
The access to our passwords means not only access to completely all of our most private (stored or sent) thoughts, but the complete access to our very self. This very easy access puts into question the informational self-determination of humans over their own identity in the web – their personal accounts. And thus our individual right to exist on the Internet.
This easy access – even allowed when it is only about misdemeanors or less infringements – on something as central as this makes arbitrariness possible, which is a threat to fundamental principles of democracy. Also, anonymous visits to websites on the Internet are endangered by the identification of IP addresses leading to names and addresses without any hurdles. The German Federal Data Protection Officer, the New Judges’ Association, and many others who were invited as experts in the parliament, view the law as highly problematic in terms of data protection, privacy, and fundamental civil rights.
This view on the internet is illustrated by a statement from the Vice President of the German Federal Police (BKA): According to the Spiegel, he sees the Internet as a space without any privacy, and therefore any surveillance as unproblematic. We oppose this view: Privacy is a human right – on the Internet, too! Only then can the Internet serve for the emancipation and empowerment of all humans, and not for the contrary, their oppression (whether by economic or political power accumulation).
The Bestandsdatenauskunft surveillance law was passed with the votes of the CDU/CSU, FDP and SPD. The Left and the Greens voted against it. The original law on which this law is based and which has been declared unconstitutional, stems from the government of the SPD and the Greens. At the parliamentary session which passed the law, only a few representatives were present in parliament. The constitutional challenge that toppled the first law came from Schleswig-Holstein member of parliemant Patrick Breyer of the Pirate Party.
“Control over passwords means control over people.” I tweeted when the law was adopted in parliament. But we will stop this surveillance / oppression on the Internet. Just like we stopped ACTA. Privacy is a human right – on the Internet, too! Our passwords are ours!
2 Short overview of all points of criticism.
- It’s about your passwords.
Stored data such as name and address, and your passwords (!) for e-mail accounts and services such as Facebook, Google, YouTube, Dropbox, and PIN and PUK numbers of mobile phones, can be queried.
- Even with misdemeanors and petty offenses / lesser infringements.
The access is allowed at mere misdemeanors, and generally for agencies “to fulfill their statutory mandate.” There can probably found a petty offense for every one, so this means random/arbitrary access by law enforcement agencies and secret services on our most private data.
- No real obstacles.
To access passwords and PIN and PUK codes, a judge must sign it, which is a small step in the right direction, but in practice this is no real protection and obstacle and can be easily avoided (“imminent danger”, time problem of the judges). In all other cases, there is no checking other than by the authorities themselves.
- IP addresses unprotected.
Every Internet user, every visitor to a website, every mail sender can always be identified with his name because of the automated interface this law provides, the identity of the person can be queried. This problem is multiplied by the introduction of IPv6 with mostly static IP addresses for Internet users and for many devices.
- By an automated interface.
All the major telecommunications providers must introduce electronic interfaces for police, law enforcement services and agencies that allow easy queries by the computer. This minimizes the hurdles and invites a frequent use of this opportunity. As just one example of many, all visitors to a website can easily be identified.
- Notifications are unreliable.
The notifications on this access can be greatly delayed or completely left out when it threatens investigations or “overrides legitimate interests” of third parties. So Internet users cannot later check the legality of these interventions, or even never know about it.
- Access by intelligence agencies and other authorities.
Access to the data for intelligence agencies such as the “Verfassungsschutz” and the BND (German Domestic and Foreign Intelligence Services) – and many other state services and agencies – is unacceptable.
3 Rallys, protests, and important links.
26 March 2013, Tuesday: 20 clock planning meeting in Pirate Party Mumble for protest against the existing data information.
14 April 2013, Sunday: demonstrations against the inventory data information. Nuremberg already a rally is planned (planning group Middle Franconia)
26/27 April 2013, Friday/Saturday: Optional second day of action with protests against the existing data information.
3 May 2013, Friday: Expected to vote on the inventory data information in the Bundesrat second chamber of German parliament.
- Planning Wiki with list of all protest rallies (see also: Wiki of AK Vorrat with further arguments)
- Bestandsdatenauskunft.de – Learn about and protest against the “Bestandsdatenauskunft” surveillance law, write to your representative
- Protocol of PirateParty-Mumble-Meeting
See also my blog posting from March 2013: “12 March 2013: World Day Against Cyber-Censorship and Surveillance.“
This work by TheCitizen.de is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.