Police in Germany have too much access to personal online data
Germany's top court on Friday ruled that police and
intelligence officials have excessive access to personal data on mobile phone
and internet users, a decision that will make it more difficult for
investigators to access private information held on digital devices and
accounts.
The Constitutional Court in Karlsruhe ruled that several
regulations that allowed access to so-called "inventory data," which
includes internet and mobile users' names and birth dates, were
unconstitutional.
In a press release on its website, the court said that
current law violates users' "fundamental rights to informational
self-determination and to the protection of telecommunications secrecy."
The court said that while accessing such data is generally
permissible under German constitutional law, "transmission and retrieval
regulations must sufficiently limit the purposes for which the data is
used."
Lack of 'concrete danger'
"The Senate has made it clear that the general powers
to transmit and retrieve inventory data...generally require a concrete danger
present in the individual case and an initial suspicion for criminal
prosecution," it said.
In the eyes of the court, authorities had been allowed to
access data for causes that did not meet the threshold of legal interest.
The ruling means that Germany's Telecommunications Act and
several other laws will need to be revised.
Data used to prevent terrorist attacks
The current law allows Germany's federal police to query
personal data during criminal investigations, though they are limited from
accessing data showing connections with other users.
Investigators are also permitted to request further data
from telephone and telecommunication companies as well as from hospitals and
hotels. Law enforcement authorities use private data to solve crimes and
prevent acts of terror.
The Constitutional Court had largely upheld the practice in
a ruling in 2012. Judges determined that the increasing importance of
electronic communication meant law enforcement required the "simplest
possible method for tracing telephone numbers to individuals."
However, they also ruled that an existing telecommunications
act was too liberal in the access it permitted, prompting revisions.
Privacy activists push back
Friday's ruling was in response to two lawsuits that had
sought to limit data access to serious crimes only.
In one of the complaints, plaintiffs argued that the current
telecommunications act gave police even easier access to personal data and on a
larger scale. Investigators could, for example, often circumvent the need for a
judge's approval in accessing e-mail account passwords or the PIN numbers of
mobile phones.
Every Internet user can also be identified by name at any
time using the IP address.
The suit, brought by over 6,000 plaintiffs, was filed in
2013 by the current European Pirate Party politician Patrick Breyer and former
party colleague Katharina Nocun. The Pirate Party champions Internet and data
protection rights.
Germany's data protection commission had also expressed
disapproval at allowing access to such information in the case of administrative
offenses or more abstract threats.
Influence in fight against online hate speech
The ruling is likely to influence the application of a new
law in Germany that aims to combat right-wing extremism and hate crime on the
Internet, .
The measure will require social networks such as Facebook
and Twitter to disclose IP addresses to identify users who post neo-Nazi
propaganda, incite people to violence, or make threats of murder or rape.
In serious cases such as terrorism and homicides, a judge's
decision will also allow access to passwords.
Comments
Post a Comment