Compliance Management, Privacy

Encryption-dodging hacking powers expanded for German law enforcement

German law enforcement has been be granted vast new hacking powers. The Bundestag - the German legislature - voted on June 22 to grant law enforcement the powers it needs to hack into, and spy on, smartphones and computers.  

The ruling coalition government, made up of the conservative Christian Democrats and the centre-left Social Democrats, pushed hard for the law, arguing that the police will need to get around encryption if they are to do their job.

Existing law allows law enforcement to tap a phone, but not actually hack an electronic device in any other case than one where lives are directly threatened. With the expansion of of their powers, law officers will now be able use malware - ‘state trojans', or Bundestrojaner -  to watch the real time communications of suspects and view a device's saved files and data.  The new law expands the cases in which such measures can be used to include nearly 40 offences, such as murder, drug trafficking, money-laundering and illegal pornography.

With the passage of the law, Germany enters further into the group of western states who use hacking technology in police work. While this is not an attempt to ‘break encryption' as per the desire of so many states, it does allow law enforcement to circumvent it and read the encrypted communications of those it chooses to surveil.

Germany has traditionally held a liberal stance on policing powers, mindful of a return to the authoritarian governments that ruled the country for much of the twentieth century.

When the ‘state trojan', R2D2, was first discovered by the Berlin-based Chaos Computer Club (CCC), it prompted a public outcry. At the time the CCC offered an analysis which may be considered prescient: "this refutes the claim that an effective separation of just wiretapping internet telephony and a full-blown trojan is possible in practice - or even desired. Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully.”

Germany has some of the strongest data protection laws in the world and has often eschewed the kinds of mass surveillance regimes that have emerged in the UK and the US, going so far as to publicly condemn them.

When it was discovered that German Chancellor Angela Merkel's phone was being monitored by the US National Security Agency, Germany vowed to ban tech companies that worked with the NSA from being granted Federal contracts.  In 2016, German courts ruled heavily against mass surveillance programmes, declaring many of its allies' projects as well its own, unlawful.  

That legacy of liberalism now clashes with resurgent terrorist campaigns across Europe and the transformation of crime in cyber-space. In 2016 alone, the German public were subject to three separate terrorist attacks culminating in a truck attack on a Christmas market in December, which left 12 dead. In direct response to the atrocity, the German government proposed the expansion of CCTV monitoring to a variety of new public spaces.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.