Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


II. Surveillance policies

National Security, Government Surveillance & Law Enforcement

Wiretapping, access to, and interception of communications

Another important federal law in Germany is the G-10 Law, which imposes limitations on the secrecy of certain communications as provided in Article 10 of the Basic Law (Grundgesetz).1Under the G-10 Law, parliamentary control commissions, established on federal and Länder's level, supervise the surveillance powers of intelligence agencies. As amended in 1994 by the Crime Fighting Law (Verbrechensbekämpfungsgesetz), the G-10 Law allows warrantless automated wiretaps of domestic and international communications by the national and states' Intelligence Services for purposes of protecting the freedom and the democratic order, preventing terrorism and illegal trade in drugs and weapons.In July 1999, the Federal Constitutional Court upheld the screening method authorized under the G-10 Law.2The Law was amended in 2001 to require that electronic communications service providers give intelligence agencies the means to monitor data as well as voice lines. DPAs complain that after a G-10 measure any notification of the person concerned is dispensable if the data is ready for deletion.3

Service providers are legally compelled to request the name and address of new customers to which they allocate a telephone number, even though they only use prepaid services.4Telecommunications operators providing publicly available services are also mandated to provide – at their own expense – the technical facilities required to implement telecommunications interception for law enforcement purposes. The Telecommunications Interception Ordinance(Telekommunikations-Überwachungsverordnung, TKÜV) of November 3, 2005 issued by the German government under the Telecommunications Act of 2004 (TKG) lays out specific technical requirements for the implementation of lawful interception by providers of public electronic communications services.5Telephone monitoring has been on the increase since 1995, when there were 4,674 instances of monitoring, up to 35,329 in 2006.6Four out of five wiretappings monitor cell phones. This renewed rise of interventions in secret communications gives the Federal Commissioner for Data Protection and Freedom of Information (BfDI) great concern for data security. For years, the Commissioner has appealed to prosecution authorities to use this means sparingly.7

According to a 2003 survey, 75 percent of conducted telephone wiretapping actions violated the law. In most instances of wiretapping, law enforcement agencies did not inform the subjects after the eavesdropping took place, contrary to what is stipulated by the law.8

The so-called "Grosser Lauschangriff" ("Big Eavesdropping Attack") formed part of the Law for the Enhancement of the Fight against Organized Crime, which became effective in 1999, and was intended to provide the legal basis for law enforcement agencies to survey potential criminals. In April 1998, Article 13 of the Constitution (Grundgesetz) that provides for the inviolability of private homes was amended in order to allow police authorities to place bugging devices in private homes (provided there is a court order).

In March 2004, the German Federal Constitutional Court ruled9that significant portions of the eavesdropping law infringed the Constitution, or Basic Law, especially Article 1 on human dignity and Article 13 on the inviolability of private homes.10The court held that certain communications are protected by an absolute area of intimacy wherein citizens can communicate privately without fear of government surveillance.11This includes conversations with close family members, priests, doctors and defense attorneys, but excludes conversations about crimes that have already been committed or the planning of future crimes. However, to justify surveillance between the target and such persons of trust, competent law enforcement agency must show that "there is strong reason to believe that the content of conversation does not fall in the area of intimacy,"12and that the crime is "particularly serious."13Once a specially protected conversation begins, the eavesdropping must stop immediately and any recordings of that portion of the conversation must be erased. The German legislature was granted a transitional period until June 2005 to comply with the court's decision, and in May 2005 the German Bundestag passed legislation to comply with the court.14

In 2001, the Bundestag (the German Parliament) passed a law that added to the Criminal Procedural Code (StPO) further means of investigation into electronic communications. It serves as the legal basis for police and law enforcement to access "telecommunications connection data" for the investigation of serious crimes.15The law took effect in January 2002 and requires telecommunications service providers to disclose data, such as time and duration of use, place of use and identifying numbers.

In February 2008, in a landmark decision, the Federal Constitutional Court declared unconstitutional provisions of the North-Rhine Westphalia Law on the domestic intelligence service (Nordrhein-westfälisches Verfassungsschutzgesetz) that allowed for secret online searches of private computers (Online-Durchsuchung).16The Court interpreted the German Constitution (Articles 1 (1) and 2 (1)) as containing a fundamental right for every citizen to have the integrity and confidentiality of systems of information technology guaranteed by the state ("Recht auf Gewährleistung der Vertraulichkeit und Integrität informationstechnischer Systeme") The decision is considered to be the most important on privacy issues since the census decision of 1983. However, the Court did not categorically rule out the possibility of secret online searches of computers by law enforcement agencies. However, such measures can only be justified under strict preconditions (such as a judicial warrant) and only where concrete facts indicate that there is an imminent threat to the life, physical integrity or liberty of persons, or to the foundations of the state or the existence of mankind.Furthermore, the exercise of such a secret information technology system search is subject to judicial oversight.Without those conditions, any regulation on online searches – at the federal and at the federal state (Länder) level - would be unconstitutional.17

Meanwhile, the Federal Government was pushing through Parliament a bill to extend the powers of the Federal Office of Crime Prevention (Bundeskriminalamt, BKA) that has the power to secretly search private computers (so called "Bundestrojaner"). The preemptive online-search has been legally implemented in Article 20k of the Federal Office of Crime Prevention Act (BKA-Gesetz).18The Bill vests to the Bundeskriminalamt investigatory powers that used to be restricted to intelligence agencies. It will lead to the biggest restructuring of police authorities in Germany since 1949. It was then that the Allied Powers ordered a strict separation of police and intelligence agencies, learning from the experience with the Gestapo in World War 2 Nazi Germany. Police matters were also mandated to be under the jurisdiction of the federal states (Länder) rather than the Federation. These principles have already gradually been eroded before September 11, 2001 ("9/11"). In 2006 the Federal Constitution was amended to give the Bundeskriminalamt powers to fight international terrorism.

National security legislation

The G-10 Law imposes limitations on the secrecy of certain communications as provided in Article 10 of the Basic Law (Grundgesetz).19As amended in 1994 by the Crime Fighting Law (Verbrechensbekämpfungsgesetz), the G-10 Law allows warrantless automated wiretaps of domestic and international communications by the national and states' Intelligence Services for purposes of protecting the freedom and the democratic order, preventing terrorism and illegal trade in drugs and weapons.(See more information under the section “Wiretapping, access to, and interception of communications”).

A new bill extended the powers of the Federal Office of Crime Prevention (Bundeskriminalamt, BKA) to secretly search private computers (so called "Bundestrojaner"). The preemptive online-search has been legally implemented in Article 20k of the Federal Office of Crime Prevention Act (BKA-Gesetz).20(See more information under the section “Wiretapping, access to, and interception of communications”).

On 2nd March 2010, Germany’s data retention legislation has been declared unconstitutional by the Federal Constitutional Court.21(See more information under the section “Data retention”).

Data retention

In March 2006, the EU adopted the Data Retention Directive that mandates the retention of telecommunications data for a period of 6 months to 24 months.22The Directive has been implemented in Germany by amendments to the Telecommunications Act of 2007, which came into force on 1st January 2008.23It requires data retention for six months.24Access to retained data is given only with a warrant issued by a judge, and only if the authorities investigate a crime in the list enumerated in the proposal. However the list also covers offences not covered by the directive, such as those committed via telecommunication. This effectively would include the possibility to access the retained data also in cases of online copyright violations. At the same time a direct access of the data by the copyright holders had been discussed under the implementation of the EC law enforcement directive but was finally abandoned.25

A significant public movement against data retention has been formed, with some thousand people attending demonstrations, and about 34.000 people have filed a case before the Federal Constitutional Court (Bundesverfassungsgericht), which is quite extraordinary, since the procedures do not allow for class action suits.26The Arbeitskreis Vorratsdatenspeicherung (German Working Group on Data Retention) is an association of civil rights campaigners, data protection activists and Internet users. The Arbeitskreis is coordinating the campaign against the introduction of data retention in Germany.

The Constitutional Court issued a preliminary ruling on 11 March 2008 suspending those provisions of the law that go beyond the Data Retention Directive.27On 2nd March 2010, the Federal Constitutional Court declared unconstitutional the data retention and void the relevant section of the Telecommunications Act.28The Federal Constitutional Court’s decision does not rule out the possibility to introduce data retention schemes in principle though. Significant would be that the data “is not directly retained by the state, but that it is realized through a commitment of private service operators”.29Moreover, such storage would require “sufficiently sophisticated legislation with well-defined provisions on data security, data use, transparency and legal protection”.30As a consequence of this decision all retained telecommunications traffic data has to be deleted without undue delay and can not anymore be transferred to law enforcement agencies.31For the time being there is in Germany no legal basis for data retention.

National databases for law enforcement and security purposes

In April 1998, a law was passed that allows the Bundeskriminalamt (Federal Police) to run a nationwide database of genetic profiles related to criminal investigations and convicted offenders.32

No more has been reported.

Photographic and video surveillance

In 2004, a new regulation of the German Criminal Code (§201a StGB) took effect. This regulation protects private life against the invasion of privacy by the taking of pictures of persons in their apartments or other protected areas, e.g., changing cabins. Furthermore, publishing and distribution of such photographs on the Internet is punishable as a criminal offense.

On 12 April 2002 the motorway toll law (Autobahnmautgesetz, ABMG) came into effect, which contains significant data protection requirements pertaining to the collection and control of the toll levied on lorries in Germany.33For this purpose two types of movement data are used, on the one hand traffic data (route, amount of the toll, license plate number of the lorry, place and time of the payment) and on the other hand control data (image and license plate number of the lorry, size and type of the lorry, place and time of tolled motorway use).34These data can be used and processed exclusively for the purpose of the toll. Any access by law enforcement authorities for criminal investigations is inadmissible, which is frequently challenged from politicians.35In principle, the infrastructure for automated toll collection and control would be capable to monitor traffic and search vehicles. The Federal Government (Bundesregierung) recently stated that it is not aware of any access by law enforcement to information of the toll system.36

Independently from the toll system, in the State of Hessen and Schleswig Holstein the new Police Laws permitted the electronic scanning of vehicles' number plates that are then automatically matched with a database of searched vehicles.37Nevertheless, on 11 March 2008, the Federal Constitutional Court ruled that laws allowing police to indiscriminately scan automobile license plates using electronic surveillance devices, and match them against databases kept by law enforcement and state officials were unconstitutional.38In both cases there is a lack of designation of the purpose of automatic number plate data recognition, which coincides with an unconstitutional lack of determinedness regarding collectable information and does not comply with the proportionality principle.39This does not foreclose completely the automatic number plate data recognition which would still be possible under narrowly described circumstances.

There are several other video surveillance projects in Germany that have generated not only a response from privacy and data protection advocacy groups. For example, in Weimar, Germany, a local newspaper protested the installation of video surveillance cameras that watched the entrance of a newspaper building (along with medical and political offices), and the local government eventually uninstalled the cameras.40Public debate on camera observation was heightened by the revelation that a museum's security camera could see into chancellor Angela Merkel's private flat in Berlin. Upon discovery, the mechanism of the camera was changed to reduce the angle of observation.41

In February 2007, the Federal Constitutional Court declared illegal a video surveillance scheme in the city of Regensburg where the site of a former synagogue (destroyed by the Nazis) was to be put under video surveillance to prevent vandalism.42The Court stressed the freedom of individuals to freely walk the streets and places and not to be put under surveillance without good reason. In Regensburg the city had based the video surveillance on the general provisions of the State Data Protection Act, which however did not determine with sufficient clarity the purpose and limits of such measures in order to rely on this legal basis for the video surveillance. The Bavarian Police Act (unlike Police Acts in most other German Länder) did not contain provisions on preventive video surveillance when the case came before the Constitutional Court.

Location privacy (GPS, mobile phones, location based services, etc.)

As prescribed by EC Directive on Privacy and Electronic Communications, the TKG 2004 sets out the requirements of the processing of location data, either anonymously or with the subscriber's consent, for the provision of location based services.43It is upon the subscriber to inform any co-users of all such consent given. In the case of "Track your Kid" services parents consent to give up their child's data protection because they are the subscribers, whereas the child is the user of the mobile phone.44Apart from content, all positive and negative (e.g. the unsuccessful attempt to call) circumstances of telecommunications are protected as telecommunications privacy. Service providers are required to protect their users' personal data and telecommunications privacy. The collection and use of traffic data is strictly limited to: (1) the purposes of charging and billing, (2) remedy malfunctions in telecommunications systems, and (3) detect telecommunications service fraud and, (4) to market and customize services to service providers' subscribers, as well as to provide value-added services with the consent of the data subject.

Germany also implemented in the Criminal Procedures Law (Strafprozessordung, StPO) the possibility of using a so-called IMSI-Catcher system to track individuals trough the location of their cell phones. The law, which entered into force on August 14, 2002, provides law enforcement with the ability to obtain, upon court request and from the time it is granted, the data of individuals' movements and their cell phone device number (IMEI number - International Mobile Equipment Identity) for a period of up to six months.45The location of a mobile phone can further be conducted with silent SMS that is covered by general investigation powers in criminal cases.46Silent SMS means that an empty message is sent to a mobile phone, which allows for some approximation of its whereabouts, but it does not report itself to the respective user.

The Federal Constitutional Court (Bundesverfassungsgericht) has ruled that the police may use GPS technology to track suspects driving motor vehicles in cases of serious crimes even without a judicial warrant.47The Court approved §100c StPO to be consistent with the Constitutional principle of clarity and definiteness and when allowing police to use "all technical observational means" to investigate suspicious behaviour that might be considered a crime of substantial significance. However, the Court stressed that Parliament had to monitor the fast technological developments in this field and may have to correct laws if the risks for fundamental rights caused by technical surveillance increase. Parliament also has to ensure by procedural rules that law enforcement agencies (e.g. from different Länder or the Federal level) do not subject citizens to uncoordinated surveillance measures. The "additive effect" on fundamental rights has to be kept in mind.

In 2005, a new system to electronically collect tolls for trucks using the national highways was launched.48The system tracks vehicles through GPS (Global Positioning System) and cellular phone networks. According to a common standpoint of the DPAs in 200149, the Federal government implemented special data protection measures in the laws governing toll systems: data collection and processing is limited only for the purpose of billing; all data must be deleted after the payment; and all data collected from vehicles that are not subject to a toll must be immediately deleted.50After a series of murders allegedly committed by the same offender, there are now plans by the government to abolish these restrictions.51If law enforcement could have access to the data, the existing infrastructure would enable the monitoring of the movement of almost all cars and trucks on German highways.

The introduction of Google’s Street View service has sparked public controversy52and the competent supervisory authority, i.e. Hamburg’s Data Protection Commissioner (Hamburgische Beauftragte für Datenschutz und Informationsfreiheit), has started investigations into the admissibility of the service under German data protection laws. Individuals have the possibility to object electronically or in writing against the publication of private premises, houses and flats. Until October 22, 2010, Google reported a total of 244.237 opt-outs which equals nearly 3 percent of households in Germany’s 20 largest cities for which Google’s Street View service was launched in 2010.53Where an opt-out has been declared Google has to pixel the concerned premise’s image.

Travel privacy (travel identification documents, biometrics, etc.) and border surveillance

In May 1998, the Bundespolizei (Border Protection Forces), originally a federal border police force but now responsible for securing and controlling borders, as well as working in foreign embassies, received permission to check persons' identities and baggage without any concrete suspicion.54

Germany was among the first states in the EU to introduce the new biometric passports, following the EU Council Regulation on standards for security features and biometrics in passports and travel documents issued by the Member States.55Since November 1, 2005, the German passports contain RFID (Radio Frequency Identification) chips with facial images, and beginning 1st November 2007, the chips also include fingerprints. After much debate between the ruling coalition parties (Social Democrats and Christian Democrats), it was decided to store the fingerprint data neither in a central nor in local databases. Subsequent to the production of the passport, the manufacturer and local authorities are obliged to delete the data. Furthermore, this also applies after every verification process. Apart from the short-term processing of the data in specific control situations, the fingerprints are thus only to be stored in the German passport itself and not in any databases of public authorities.

National ID & smart cards

More recently the Federal Government has adopted a bill, still under discussion, to introduce ID cards (Personalausweise) with the option to have digitized fingerprints included on a voluntary basis. The original plan of the Federal Home Secretary to include digitized fingerprints on a compulsory basis met with strong public opposition. The crucial question is whether people who reject fingerprints on their identity card will be at a disadvantage.56In Germany there is a general duty for each individual to have an ID card (as opposed to passports).

RFID tags

RFID chips, when queried by a radio device, would respond by transmitting a unique ID code. Under § 6(c) of the BDSG, notice must be provided to data subjects of communications with "intelligent" RFID (devices with integrated processors), thus prohibiting secret reading or writing of personal information. However, Germany does not yet have any regulations specifically addressing "non-intelligent" RFID, which still create a privacy risk, as they can be linked to personal information held elsewhere without violating § 6(c).

In May 2003, the German retail giant Metro started a trial project to introduce a new cashing and customer convenience program with small chips, called Radio Frequency Identification (RFID) chips, at their Metro Future Store. The chips were to be attached to all products. It therefore would have allowed customers to pay and check out automatically by pushing a loaded trolley past a sensor. Combined with an automatically readable customer client card, the system would have allowed the tracking of all purchases and linking to the customer's identity.57Metro claimed that the RFID chips could easily be deactivated, thus erasing any privacy invasions, but their process for deactivation leaves intact the unique identifying number on the RFID chip, so even "deactivated" cards can be traced back to their origin.58In March, 2004, Metro halted the trial program in response to protests from digital rights groups regarding possible privacy violations.59In a speech, the Federal Data Protection Commissioner pointed out the privacy implications of RFID, and called on the legislature to make provisions on RFID tags.60

RFID-chipped tickets for the 2006 Football World Cup in Germany enabled authorities to track the movements of the individualized spectator during the event.61The application forms for tickets required a large number of personal information, i.e. passport number, nationality, and day of birth. This was subsequently upheld by the courts.62

Bodily Privacy

In 2004, a new regulation of the German Criminal Code (§201a StGB) took effect. This regulation protects private life against the invasion of privacy by the taking of pictures of persons in their apartments or other protected areas, e.g., changing cabins.

Since September 2010 the Hamburg airport operates two body scanners in a government initiated pilot to test the technology for six months.63Passengers can decide whether to pass the security control with the body scanners. The use of the technology is controversial due to interferences with the intimacy of an individual’s body and the exposure to radiation on the one hand and on the other hand the ability to enhance the security is questionable.