In the future, customs authorities such as the Customs Criminal Police Office (ZKA) and the offices responsible for prosecuting and punishing administrative offenses under state law should be able to access inventory data such as name, address and e-mail addresses of users in order to take action against undeclared work. You can also query IP addresses for this purpose and compare them with participants.
This is provided by a heise online draft law with which the government groups of the CDU / CSU and SPD want to adapt the provisions for inventory data information to the requirements of the Federal Constitutional Court (BVerfG). The Karlsruhe judges had ruled that “a sufficiently precise delimitation of the intended use” of inventory data must be guaranteed.
The authorized authorities should be able to call up relevant information from providers of telemedia services . These include social media, chats, game apps, search engines, shops and private homepages, webmail services, podcasts and flirt communities. A data query should be permitted for example on WhatsApp, eBay, Facebook, Google with Gmail and YouTube as well as Tinder & Co., provided that in individual cases there are actual indications of undeclared work or illegal employment when publishing job offers or comparable advertising measures “without specifying name and address “are available.
The information to be collected must be” necessary to identify the client “, it continues. The coalition does not justify the project in any more detail. The Act to Combat Undeclared Work and the “Prevention and prosecution of related crimes and administrative offenses” are in principle already used as purposes for information on inventory data in accordance with Paragraph 14 of the Telemedia Act ( TMG). However, there was no concrete legal basis for access.
Inventory data information for secret services Furthermore, the Military Counter-Intelligence Service (MAD ) May access inventory data from providers of telemedia services including IP addresses. At the same time, the agents are given permission to access security codes such as PINs and PUKs from telecommunications companies. Unlike in the draft bill from the Federal Ministry of the Interior (BMI), the powers should no longer only apply to the investigation of certain illegal activities or activities in the armed forces, but also to ensure the operational readiness of the armed forces or to protect the members of the departments and facilities of the Federal Ministry of Defense .
Schwarz-Rot wants to grant the Federal Office for the Protection of the Constitution and the Federal Intelligence Service (BND) similar competencies for querying inventory data according to the Telecommunications Act (TKG) and the TMG. The foreign secret service should be able to request information on political information and early warning of danger if in individual cases there are actual indications that information of foreign and security policy importance for the Federal Republic could be obtained.
The range for relevant Schwarz-Rot wants to bring danger areas into line with the broad catalog for strategic telecommunications intelligence from the planned reform of the BND law. In addition to threats to the highest legal interests such as life and limb, it includes “critical developments abroad”, terrorism or extremism, the proliferation of weapons of war, the protection of critical infrastructure, hybrid threats and criminal, terrorist or state attacks with malicious programs on confidentiality, integrity or availability of IT systems, which also means “hacktivism”.
Extensive powers for police forces As from the BMI already provided, the Federal Police, the Federal Criminal Police Office (BKA) and the ZKA as well as other customs investigation services are to have particularly extensive powers. According to the new draft, you are not only allowed to access PINs and PUKs, but also passwords for operators of telemedia services. The law enforcement officers should therefore have access to identifiers with which access to user accounts, devices and cloud services is protected.
The coalition wants to increase the requirements a little. For the Federal Police and the BKA this means, for example: Information about this particularly sensitive data may only be requested “to avert a specific danger to life, limb or freedom of a person or to the existence of the federal government or a country”. The BKA should be able to query general inventory data, especially according to the TKG, if there is a current or impending danger to a person to be protected, a property or a material asset. The Federal Police and the BKA should only be allowed to request IP addresses if there is a current or imminent “danger to a legal asset of particular importance”. Similar conditions are planned for the ZKA.
Obligation to transmit According to the explanatory memorandum, this is now being introduced for all security authorities the federal authority to collect inventory data according to the TMG. This corresponds to a transmission obligation for the affected telemedia service providers. It is estimated that around 3500 to 4000 of such “manual” inventory data inquiries per year. This would result in costs of around 15. 15 Euro annually, for which they would be compensated. The MPs do not illuminate the effects on fundamental rights.
To avoid difficulties of interpretation, the draft law uses the imminent term instead of the concrete danger coined by the BVerfG, write the authors. Ultimately, “manifestations of the preliminary stages of the concrete danger” from the Karlsruhe judgment would only be elaborated. At the same time, “the increasing demands on proportionality are taken into account by also increasing the weight of the legal interests to be protected”.
The project is considered urgent because, due to the announcement from Karlsruhe, the controversial draft law on the “Fight against right-wing extremism and hate crime” is on hold. At the beginning of October, Federal President Frank-Walter Steinmeier (SPD) refused to sign the initiative approved by the Bundestag in June. In principle, this contains the controversial rules for issuing passwords to security authorities, which, however, require parallel access rights in individual laws.
Adoption in the urgent procedure In its statement on the BMI draft for the “Repair Act”, the IT association Bitkom criticized the fact that “a password with many providers can provide access to areas that are used by the police Research excludes “such as e-mails, historical location data and search histories. Almost all service providers only save encrypted access IDs. Therefore, there are “substantial” constitutional doubts. It is unclear whether the data can be used at all. The much more widely used automated information procedure will not be touched at all.
The coalition actually wanted to bring its “final” draft to the Bundestag this week and discuss it for the first time. However, the AfD vetoed due to deadlines not being observed. The project could not be decided before the end of January in an urgent procedure. The Greens Renate Künast and Konstantin von Notz complained that the hang-up game with the anti-hate law continues. It is incomprehensible why the federal government does not tackle its “existing, central deficiencies” such as the obligation of providers to report to the BKA. The new inventory data rules would have to be checked intensively.
(olb)