Jump to ContentJump to Main Navigation
Bulk CollectionSystematic Government Access to Private-Sector Data$

Fred H. Cate and James X. Dempsey

Print publication date: 2017

Print ISBN-13: 9780190685515

Published to Oxford Scholarship Online: October 2017

DOI: 10.1093/oso/9780190685515.001.0001

Show Summary Details
Page of

PRINTED FROM OXFORD SCHOLARSHIP ONLINE (www.oxfordscholarship.com). (c) Copyright Oxford University Press, 2019. All Rights Reserved. An individual user may print out a PDF of a single chapter of a monograph in OSO for personal use. date: 09 December 2019

Systematic Government Access to Private-Sector Data in Germany

Systematic Government Access to Private-Sector Data in Germany

Chapter:
(p.61) 3 Systematic Government Access to Private-Sector Data in Germany
Source:
Bulk Collection
Author(s):

Paul M. Schwartz

Publisher:
Oxford University Press
DOI:10.1093/oso/9780190685515.003.0003

Abstract and Keywords

This chapter covers German law as it applies to government access to private-sector data. German law has long been strongly committed to informational privacy. Its protections are found at the constitutional and statutory levels. At the same time, legislation over the last two decades has expanded the ability of the government, including police and intelligence agencies, to process, store, and share personal information. The resulting databanks create elements of systematic access to personal data in Germany. At the same time, German unease with systematic data access is shown by the ongoing controversies with data retention and the abandoned ELENA process. Complex questions have also been raised by private sector attempts to create a Germany-only “cloud” as well as the significant and ongoing collaboration between German and US intelligence agencies.

Keywords:   German law, information privacy, data retention, security services, German/NSA cooperation, antiterror databases

I. Abstract

German law has long been strongly committed to information privacy. Its protections are found at the constitutional and statutory levels. At the same time, legislation over the last two decades has expanded the ability of the government, including police and intelligence agencies, to process, store, and share personal information. The resulting databanks create elements of systematic data access for government to personal data in Germany. The leading examples of such access concern “strategic searches” by intelligence agencies, data mining by the police, the structured statutory system for access to the contents of the “Anti-Terror File,” and the police’s “radio-cell inquiries” pursuant to the Code of Criminal Procedure, § 100g. At the same time, German unease with systematic data access is shown by the ongoing controversies with data retention and the abandoned ELENA process. Complex questions have also been raised by private sector attempts to create a Germany-only “Cloud” as well as the significant and ongoing collaboration between German and US intelligence agencies.

II. National Legal Context and Fundamental Principles

Germany has a strong commitment to the rule of law and to information privacy. Its concept of the “rule of law” is best summed up in the idea of the Rechtsstaat. The Rechtsstaat is a “legal state” that is based on civil liberties as well as the expression and protection of constitutional rights. For example, Article 1(1) of the German Constitution, the Basic Law, states that human dignity is inviolable, and that the duty of all state authority is to respect and protect it.1 Article 2(1) (p.62) guarantees the right of free development of the personality. Article 20(3) of the Basic Law, the German Constitution, explicitly binds all three branches of government to the constitutional order and to law and justice.

As for information privacy, it has constitutional status in Germany. The constitutional protections derive both from specific and more general constitutional provisions. These are Article 10 (privacy of communications), Article 13 (inviolability of the home), and Articles 1(1) and 2(1) (the basis for a judicially created “right of informational self-determination” and “right of trust and integrity in information systems”). Many decisions of the Federal Constitutional Court interpret and develop these provisions.

Federal and state data protection commissioners also play an important role in privacy policymaking in Germany. These officials are established under the Federal Data Protection Law (Bundesdatenschutzgesetz, or BDSG). They monitor the data use of the government and of the private sector, and they direct public attention to violations of privacy. The law of the European Union and German law provide strong protections for the independence of data protection commissioners.

Great public attention in Germany is directed to privacy issues. The constitutional complaint against a data retention law set a record in Germany for public participation in constitutional litigation; it was brought by 35,000 citizens. As another indication of this public interest, over 244,000 Germans opted out from Google Street View before it went live in 2010.2 By 2011, Google had stopped updating Street View because of the cost of blurring images of buildings whose inhabitants objected to their residence appearing in this service. Finally, the media covers privacy and surveillance issues heavily, and there have been numerous popular general audience books on these topics, such as Sie kennen dich! Sie haben dich! Sie steuern dich! (2014) (They Know You! They Have You! They Control You!), Finger Weg von Unseren Daten! (2014) (Hands Off Our Data!), Digitale Diktatur (2014) (Digital Dictator), Die Datenfresser (2011) (The Data Eaters), and Die Facebook Falle (2011) (The Facebook Trap).

In reaction to terrorist attacks in the United States on 9/11 and subsequent terrorist actions throughout Europe, the Federal Parliament, or Bundestag, has enacted a wide-reaching series of laws that modified the structure under which German law enforcement agencies and intelligence organizations gather and share information. The trend of increased legislation about national security and crime had already started before 9/11; an initial round of legislation was driven by post-Cold War concerns about new threats to Germany in a Europe without traditional borders and the traditional postwar power blocs.

Although many in Germany emphasize the protection of informational self-determination and data protection, other views exist on how much to emphasize (p.63) information privacy. The founders of the Federal Republic structured it as a “militant democracy” (wehrhafte Demokratie). This idea meant that the liberal democratic order would be capable of protecting itself against those who would destroy it. From this idea, a core one in modern German politics, a series of interior ministers have stressed the importance of the state’s protection of security and provided strong policy leadership for greater data sharing among government agencies and, under certain circumstances, between the private sector and government.

It was a small step after 9/11 to build on this idea of “militant democracy” and to advocate a “right to security.” One of the leading advocates of this idea has been Manfred Baldus, a German law professor. In 2008, he warned, “A minimum of State leads not in the least to a maximum of freedom.”3 He argued that “real freedom depended as well on the exclusion of private violence” and “that the security function of the state, that is, the security of freedom from private violence that the state provides, counts as one of the essential and indispensable components of a state centered on freedom and based on the rule of law.”4 Less controversially, the historian Eckart Conze argues that the long-standing mission of the Federal Republic is a “search for security” for the German people after the destruction of World War II. Conze observes, moreover, that the terrorist threat post-9/11 served as a kind of “legal, political and moral ‘unlocking action’ ” that acted to “strengthen the imperative of security.”5

Thus, there has been a division in German politics and public policy discussions between the supporters of privacy and those more concerned about security. The revelations of Edward Snowden further heightened this division. Beginning in June 2013, Snowden leaked classified information from the National Security Agency about the global surveillance activities of the United States as well as European government agencies. In Germany, the matter was brought home by news that the NSA had monitored the cell phone of Chancellor Angela Merkel, the leader of the country. At this juncture, even some politicians from the CDU and CSU, the two conservative parties, joined in anti-American rhetoric. The widespread uproar was reflected by the cover of Stern magazine, a popular weekly, showing Uncle Sam with his fingers crossed behind his back with the headline: “The False Friend.”

For some in Germany, Snowden is a folk hero. One pro-Snowden book, published in 2014, is titled: “111 Reasons to Support Edward Snowden.”6 Others are far from fans of Snowden. As an example of the latter view, Hans-Georg Maaßen, head of the Federal Bureau for Protection of the Constitution, sees Snowden as serving the interests of Vladimir Putin’s Russia by driving “a wedge between the (p.64) US and its closest European ally, the Federal Republic.”7 The Snowden revelations and subsequent investigations have inspired political and public pressure in Germany to limit or restructure shared US-Germany intelligence activities. A goal upon which a majority of German politicians likely agree would be to place these activities on a stronger legal basis and to institute additional procedural safeguards. This task is proving to be a highly complex one. One difficulty has been the intertwined nature of the activities of US and German intelligence agencies, which will be explored below.

III. Constitutional, Statutory, and Regulatory Overview

A. Law

1. Constitutional Provisions

There is a significant body of constitutional law in Germany concerning information privacy. The specific constitutional protections for privacy include the Basic Law’s Article 10, which creates constitutional norms regarding the government’s ability to carry out the surveillance of communications, including letters and telecommunications. In addition, Article 13 protects the inviolability of the home and creates constitutional norms for the government’s ability to carry out wiretaps within a residence. As Francesca Bignami observes regarding telecommunications privacy law, “At the constitutional level [in Europe] … only in Germany is the privacy of communications and data related to communications afforded protection under a separate article of the Constitution and a separate line of cases.”8

The Basic Law’s general provisions that safeguard privacy are Article 2(1) in conjunction with Article 1(1). The German Constitutional Court has read these provisions as protecting a general right of personality. In its Data Screening opinion of 2006, the Federal Constitutional Court observed that the general right of personality “is a gap-filling guarantee” that “is especially required against the background of novel dangers for the development of personality that appear in accompaniment to the progress of science and technology.”9 From this general right, the Constitutional Court has identified other important individual privacy rights. These are the right to a private sphere in which one is to be free to shape her life, a right to one’s spoken word, and a right to informational (p.65) self-determination. In 2008, the Court identified a new related interest, which was the right to “trust and integrity in information systems.”10

As a general matter, the German constitutional law of information privacy, as established in the Census decision of 1983, permits a public sector entity to collect, process, and transfer personal information subject to a limited set of conditions.11 One of the most important of these is the requirement that there be a statutory basis for this informational activity. Such a legal basis requires that all personal data processing have a valid legislative basis, clearness of norms, and observance of the “principle of proportionality” (Verhältnismäßigkeitsprinzip). The principle of proportionality consists of a three-prong test for evaluating the constitutionality of legislation. First, the Court asks whether the means chosen are suitable (geeignet). Second, it inquires whether the means chosen are necessary (erforderlich). Finally, the Court examines whether the means chosen are reasonable (zumutbar).

Building on the existing constitutional framework, the right to trust and integrity in information systems safeguards the right of citizens to trust their digital networks. The Constitutional Court has termed this interest “a guarantee of confidentiality and integrity in information systems.” Invasions of this right are permitted only within narrow borders. Thus, an invasion of it for a “preventive governmental purpose” requires actual indications of a concrete danger to a predominately important legal interest.12

Due to these important provisions of the Basic Law, and the extensive case law of the Constitutional Court, this Court plays a central role in deciding questions relating to the boundaries of governmental access to private-sector data. The Constitutional Court’s significant involvement in these matters is one of the most visible manifestations in the context of data protection of the German commitment to the rule of law. Regarding the topic of systematic government access to data, there are important constitutional decisions concerning strategic searches (the G-10 opinion) (1999), data screening (2006), automated number plate recognition (2008), data retention (2010), the counterterrorism database (2013), and the counterterrorism role of the Federal Criminal Police (the BKA opinion).13

In addition, decisions of the Constitutional Court concern the protection of a “core area of life formation.”14 These opinions examine acoustic wiretaps within (p.66) residences (2004), preventive telecommunications surveillance (2005), the counterterrorism database (2013), and the counterterrorism role of the Federal Criminal police (the BKA opinion). The Constitutional Court of Germany has been involved in a profound effort to draw on the nation’s constitutional norms to develop standards for systemic data use.

a. The G-10 Opinion (1999)

The Bundesnachrichtendienst, or BND, and other German intelligence agencies are permitted to engage in surveillance of letters, conversations, or telecommunications through two kinds of legal processes. First, the surveillance can take place as an “individual investigation,” which involves the collection of personal data to investigate criminal behavior that threatens the survival of Germany or its democratic order. Second, the surveillance can take place as “strategic surveillance.” Later in this chapter, I discuss the current statutory requirements regarding strategic surveillance for the BND and the other institutions that are part of the German intelligence community. This section will examine the constitutional requirements before such activity can occur. These standards must then be reflected in the applicable statutory framework.

In the Constitutional Court’s G-10 opinion, the strategic surveillance in question involved observation of telegram, fax, and, to a lesser extent, telephone traffic transmitted via satellite.15 The government admitted during oral argument that the BND had plans for surveillance of emails, but the Court did not provide further details in its opinion about this activity. Today, such searches extend to emails as well as to web fora.16

In its G-10 opinion, the Constitutional Court found that the protections of the Basic Law’s Article 10 were not limited exclusively to communications that took place entirely within the national borders of Germany. As long as enough of a nexus existed between the surveillance and German territory, the protections of Article 10 were applicable.17 The Court identified such a nexus in the G-10 case, where the governmental surveillance activity occurred from within Germany and at least part of the communications ended or originated from within Germany.

The Constitutional Court also found that the dangers of such surveillance were considerable. Most important, it pointed to the risk that such surveillance would lead to “a nervousness in communication, to disturbances in communication, and to behavioral accommodation, in particular to avoidance of certain (p.67) content of conversations or terms.” For the German Court, the threat was to social communication. In American terms, this idea is similar to that of a chilling impact on speech.

After noting the dangers posed by the data collected in the G-10 case, the Constitutional Court nevertheless found the surveillance to have a strong justification. The activity to be placed under observation “affected the foreign and security politics of the Federal Republic … to a significant extent.”18 Moreover, the law permitted the collection of information necessary to detect dangers to Germany. As a result, the Constitutional Court declared that the G-10 statute was generally “not improper.”

Although the Court did not declare the entire statute to be void, it did find several aspects of it to be unconstitutional.19 Among the elements of the law that it struck down were certain provisions concerning the BND’s transfer of personal data to other agencies. These transfers were only permissible when the controlling legislation was consistent with the principle of proportionality. Judicial review pursuant to a proportionality analysis is one of the Constitutional Court’s most important tools when confronted with statutes that infringe upon privacy. In the G-10 case, in a demonstration of this technique, the Constitutional Court decided the applicable statute did not limit these data transfers in a permissible fashion.

To be sure, the Court found, as a general matter, that it was constitutional for the BND to share with other agencies information gained from its surveillance of telecommunications traffic to the extent that the data in question revealed criminal behavior. The failing of the statute was, however, that it did not restrict data sharing to instances in which serious crimes had been committed, as opposed to more minor delicts. This lowered threshold did not meet the proportionality test. The Court also found that the statute allowed a sharing of the BND’s information in a manner that was too widespread. The Court required the enactment of new statutory standards for the BND and other intelligence agencies that restricted transfer of information in a manner similar to limits placed on domestic law enforcement agencies when engaged in the “individual investigation path.”20

These new requirements do not present major obstacles to strategic searches, which are regulated in the G-10 Statute, Sections §§ 5–8. I discuss this statute later in this chapter; here, however, one might briefly consider the recent statistics concerning use of this technique by the German intelligence services. According to the 2014 statistics from the Parliamentary Control Panel (Parlamentarische (p.68) Kontrollgremium) on the use of relevant statutory authorities, German intelligence agencies relied upon the statutory justification regarding “international terrorism” in searching 14,604 examples of “telecommunications traffic.”21 The official report explained that this number resulted in the capturing of one fax, four telexes, one email, 197 voice communications, and 13,329 text messages. In regard to “proliferation and conventional armaments,” 11,670 searches were ordered. These searches were made of 10,588 examples of telecommunications traffic.

b. The Data Screening Opinion (2006)

Data mining is an established technique of law enforcement authorities. Its use in Germany dates back to the 1970s and the country’s struggle against the Red Army Faction (RAF). The German term for this practice is “Rasterfahndung,” or a “screening search.”22

In its Data Screening opinion of 2006, the German Constitutional Court found that data screening posed a significant infringement of the right of informational self-determination. In this opinion, the Court used its existing proportionality test as a constitutional yardstick for evaluating the permissibility of data screening. The Data Screening opinion involved a search carried out after the terrorist attacks in the United States on 9/11. The German data mining search was made in hopes of discovering “sleeper terrorists” in Germany.

The criminal police collected personal data from universities, the Registration Office for Inhabitants, and the Central Register for Foreigners. According to the Constitutional Court, the different police headquarters received “data batches” with information on 5.2 million persons. The information collected at the state level was then transferred to the Federal Criminal Police Office (Bundeskriminalamt, or BKA), where it was incorporated into a federal database termed “Sleepers.” The data screening was notably unsuccessful, and the government erased all information in the “results file” by 2004.

In Germany, laws at the federal and state levels distinguish between the use of “data screening” to (1) investigate past crimes, or (2) permit a preventive response to potential crimes. Data screening to investigate past crimes is regulated by various state laws and at the federal level by Section 98a of the Criminal Procedural Code (Strafprozeβ‎ordnung).23 The federal statute applies when the BKA takes a lead role in investigating crimes considered to be a federal matter.24 (p.69) In Section 98a, the Criminal Procedure Code regulates the “automatic comparison and transfer of personal data.” It requires “sufficient factual indications to show that a criminal offense of significant importance has been committed.” Thus, this statute squarely requires proof of the existence of a crime.

In contrast to this federal law, there are state statutes in Germany that permit a preventive use of this practice.25 In 2006, in its Data Screening opinion, the German Federal Constitutional Court established significant limits on such law enforcement use of data screening.26 The Court found that the state’s activity raised issues concerning the threat of modern means of surveillance to an individual’s underlying communicative ability. It also acknowledged that individuals were obligated to accept limitations on their right of informational self-determination that were justified by weightier public interests. In its use of proportionality review, the Constitutional Court found that data screening statutes are constitutionally permissible only when there was “a concrete danger” to a legal interest. Through this aspect of the Data Screening opinion, the Constitutional Court did more than invalidate the state law before it. It also raised significant questions about the majority of the other state laws that permitted preventive data searches.27

At the same time, however, the Constitutional Court did not declare data screening to be per se disproportionate and, hence, facially unconstitutional. Its decision was that law enforcement officials had to demonstrate the existence of a certain risk of danger before using this technique. At this juncture, the Court placed a significant limit on preventative use of data screening. As the Constitutional Court stated, a concrete danger was “a prognosis of probability” based on facts that the predicted harm would occur. The Constitutional Court added, “Vague clues or bare suppositions are not sufficient.”28 Rather, data screening required proof of actual preparations for a terrorist attack. Such evidence showing a concrete danger would include, for example, “factual clues for the preparation of terrorist attacks or the presence in Germany of persons who are preparing terrorist attacks that in the near future will be perpetrated in Germany or elsewhere.”

c. Automatic Number Plate Recognition (ANPR) Opinion (2008)

Beyond the use of data screening by the intelligence agencies in Germany, another type of systemic data use concerns automatic number plate recognition (p.70) (ANPR) systems.29 Indeed, law enforcement agencies throughout Europe use these systems to detect and track criminals and terrorists. In 2008, the German Constitutional Court invalidated two state ANPR laws and identified constitutional norms for statutes authorizing the collection and storage of such information.

For the Constitutional Court, there was a threshold question of when the police’s automatic detection of motor vehicle license plates implicated the right of informational self-determination. Such constitutional protection was compromised whenever law enforcement did not make its comparison of a plate number immediately and did not at once erase non-matching information. For the Court, the protections of the Basic Law extended to the collection and storage of ANPR data in databanks. As the Constitutional Court stated, “Even if the acquisition of a larger dataset is ultimately only a means to the end for a further reduction of the number of hits, the collection of information can be invasive in making the information available to the authorities and in creating the basis for the subsequent comparison with search terms.”30 The Court also found that constitutional protections attach to information that is publicly viewable—such as the license plate number of a vehicle that is being driven. The right of information self-determination protects such information from “automated information collection for storage with a possibility of further use.”

The ANPR Opinion then turned to the established constitutional test regarding proportionality. It found that the nature and intensity of the invasion of a constitutional interest depended on the specific context of the use of the ANPR system. A heightened interest was present where the ANPR system was used for further purposes beyond finding a specific motor vehicle or when it collected a “movement profile.” The Constitutional Court found that the state legislation under review failed to create sufficient limited and clear norms for constitutional use of ANPR.

d. The Data Retention Opinion (2010)

Pursuant to its obligations under the European Union’s Data Retention Directive, Germany enacted a data storage obligation in its “Act for the New Regulation of Telecommunications Surveillance” (Gesetz zur Neuregelung der Telekommunikationsüberwachung) on December 21, 2007. This statute amended the Telecommunications Act, or TKG. On March 11, 2008, the Constitutional Court issued a temporary injunction that suspended certain parts of the statute. In 2010, the Court issued an opinion that struck down the statute.

(p.71) The German data retention statute required suppliers of telecommunication services to store specific kinds of traffic and location data for a period of six months. By choosing this term of a half year, the Bundestag opted for the minimum retention period then required by the European Data Retention Directive. The newly drafted statutory provisions were inserted into the Telecommunications Act at §§ 113 a, 113 b TKG. The first provision, § 113 a, TKG, contained the obligation for a six-month retention period and specified the kinds of data that were to be stored. The second, § 113 b TKG, set out the conditions under which law enforcement officials could gain access to the stored data.

In its 2010 opinion, the Constitutional Court declared that storage of telecommunications data, including traffic data, constituted a serious encroachment on individual rights. Even though the storage was not of content, it was still possible to use the data to make “content-related conclusions that extend into the users’ private sphere.”31 The result might even permit the drawing of “personality profiles of virtually all citizens.” Nonetheless, the Constitutional Court found that data retention could be made compatible with Article 10(1) of the Basic Law. Despite the potential dangers of data retention, access to information about telecommunications connections was of particular importance for “effective criminal prosecutions and prevention of danger.”

Despite the potential of this information to assist law enforcement and intelligence agencies, the Constitutional Court decided that the data retention statute had fatal flaws. To be constitutional, such a statute needed well-defined provisions for data security, limits on the use of data to investigations of particularly serious crimes, sufficient transparency about its use for the public, and judicial control of transmission and use of the stored data.32 In addition, statutory prohibitions were required on obtaining access to certain kinds of privileged professional data, such as communications with religious officials or lawyers.33 Interestingly enough, the Constitutional Court explicitly declared that IP addresses were subject to less stringent constitutional standards. Although the question of accessing IP addresses would impact on the extent to which anonymous communication could take place, the Court nonetheless found that such information could be disclosed based on “a sufficient initial suspicion or a concrete danger,” or even for a significant regulatory offense, that is, a non-criminal matter.

Subsequent to the Data Retention opinion, the Bundestag enacted another data retention directive, which the Bundesgerichtshof upheld in 2014.34 Further muddying the waters, the European Court of Justice (ECJ) in its Digital Rights Ireland decision (2014) found the European Data Retention Directive to violate (p.72) the European Charter of Rights.35 The ECJ struck down this Directive as violative of the Charter’s Article 7 (privacy), Article 8 (data protection), and Article 52 (proportionality). The European Commission announced in September 2015 that it would not develop any further data retention measures, but would permit Member States to establish their own rules.36 In 2015, the Bundestag enacted another data retention bill, which, among other provisions, requires telecommunications providers to store all data required by the law within Germany.

e. Counter-Terrorism Database Opinion (2013)

The Constitutional Court returned to the issue of the constitutional requirements for data mining in its Counter-Terrorism Database opinion.37 This decision found that the Counter-Terrorism Database Act was “in its fundamental design compatible with the right to informational self-determination.”38 The counterterrorism database itself had a legitimate aim and the challenged provisions of the Act were “suitable and necessary” to achieve its goal “of a limited facilitation of information transfer” among security agencies and law enforcement authorities.39 Yet, the Constitutional Court also found that the challenged provisions were subject to heightened constitutional requirements because they involved a sharing of information between the police and intelligence services. The legal order in Germany distinguished between the function of the police and the intelligence services, and held that they necessarily must limit their sharing of personal information with each other. Since the end of World War II and the creation of the Federal Republic of Germany, this idea has been a fundamental one in German law; the doctrine is called the “Trennungsgebot,” or “Separation Rule.”

As part of the right of informational self-determination, German constitutional law creates a related concept to the “Separation Rule,” which is that of a “principle of separation of information” (informationelles Trennungsprinzip). Due to this principle, the exchange of information between intelligence services and the police is generally forbidden and permitted only by exception. The Constitutional Court found numerous aspects of the Counter-Terrorism Database Act that did not meet its heightened scrutiny. These pertained to the range of persons included in the database as “affiliated with terrorism,” the way (p.73) in which “contact persons” were included, the way in which “extended basic data” were included, and the lack of a guarantee of effective supervision by data protection commissioners. The law also interfered with constitutional guarantees for the privacy of correspondence and telecommunications (Article 10, Basic Law) and the right to the inviolability of the home (Article 13, Basic Law).40

f. Federal Criminal Police Office (BKA) Opinion (2016)

In 2009, the Bundestag assigned a significant role combatting international terrorism to the BKA. The legislation authorized the BKA to carry out covert surveillance in the context of protecting against threats from international terrorism and the prevention of criminal offenses and to transfer data to other authorities both inside and outside of Germany. In 2016, the Constitutional Court found that the legislation was unconstitutional in part.41 For the Constitutional Court, the resulting powers were not objectionable “in principle,” but these powers were “to be restricted to the protection of sufficiently weighty legally protected interests”42 and to be used “only in those cases in which there is a sufficiently specific foreseeable danger to these interests.”43

The BKA opinion provided highly detailed requirements for the BKA’s covert surveillance. For example, the Court found that the requirements for the use of data beyond the original investigatory purpose were not entirely sufficient. There were also flaws in the protection of professional confidentiality, in particular regarding the communications of defense counsel and other lawyers. The Court also identified shortcomings in the statute’s provisions on transparency, on transfer of data to other domestic authorities, and on transfers to other countries.

In separate dissents to the BKA opinion, Justice Michael Eichberger and Justice Wilhelm Schluckebier argued that the majority of the Constitutional Court was interfering with the legislative role by articulating excessively detailed requirements.44 Justice Eichberger also drew a distinction between investigations that were targeted and those that collected data more broadly. In his view, many of the challenged statutory provisions did not “authorize a general collection of data affecting a wide range of persons.”45 He felt that individuals affected by instances of more specific targeting could constitutionally be expected to sacrifice some of their privacy as part of “a citizen’s duty for the public guarantee of security.”46

(p.74) g. Protecting the Home: the Great Eavesdropping Opinion (2004), the Preventive Telecommunications Surveillance Opinion (2005), the Counter-Terrorism Database Opinion (2013), and the BKA Opinion (2016)

In four important decisions, the Constitutional Court assessed the nature of Article 13’s protection of the home and the “core area of life formation.” These opinions followed amendments to the Basic Law in 1998 that explicitly permit acoustic and visual surveillance of the home. Until then, there had been some open questions about the extent of Article 13’s protection of the privacy of private residences. Article 13(1), which dates to the enactment of the Basic Law in 1949, states, “The home is inviolable.” Yet, the Basic Law’s Article 13(2), also found in its original text, permits judges to order searches. The debate had been about whether surveillance was permissible within the home and whether such surveillance could occur in bedrooms and other areas associated with intimate activities.

The 1998 amendment to the Basic Law resolved certain but not all aspects of this debate. This constitutional amendment added new subsections to Article 13 of the Basic Law. Of these, the critical new section, Article 13(4), states, “To avert acute dangers to public safety, especially dangers to life or to the public, technical means of surveillance of the home may be employed only pursuant to judicial order.” Thus, the Basic Law after 1998 explicitly permits at least some surveillance within the home while also continuing to protect “the inviolability of the home.” In a series of subsequent decisions, the Constitutional Court assessed the extent to which such surveillance could occur consistent with the Basic Law.

First, in its Great Eavesdropping opinion (2004), the German Constitutional Court upheld the 1998 amendments as constitutional.47 In its view, the Basic Law does not provide absolute protection for the space of private residences. Rather, its absolute protection was provided to behavior in this space that “depicts individual development in the core domain of private life formation.”48 In the Court’s view, the constitution’s protection of physical spaces turned on how people used these areas. In particular, its ruling held that “the greater the probability of capture of highly personal content, the stricter the requirements for lawfulness of surveillance of living quarters.”49

Second, the Constitutional Court elaborated on the nature of these requirements in its Preventive Telecommunications Surveillance opinion (2005). It stated that preventative surveillance would be constitutionally acceptable only when “there was an especially high ranking endangered legal interest and a designated situation with concrete stopping points and a connection through direct references to the future carrying out of a criminal offense.”50 Moreover, it was (p.75) sometimes not possible to know when a conversation might touch on the core domain of private life formation.51 As a result of law enforcement not being able to predict the content of conversations in advance, the Constitutional Court required these officials to actively monitor their surveillance and to stop it immediately if the private domain of life formation was implicated. As an additional safeguard, there was a need for specific protections to guarantee that communications from the “highly personal domain” would not be stored and subject to further use. As an example of such protection, if such material was collected, it was to be immediately erased.52

Third, in the Counter-Terrorism Database opinion (2013), the Constitutional Court noted that personal information to be included in the database could be obtained in ways that impinge on the inviolability of the home. Such information, as well as that data which interferes with telecommunications privacy, were to be labeled as such in the database. The Court observed, “The recognisability of such data is intended to ensure that the specific limits on data use are obeyed even after the data may have been forwarded to other agencies.”53 The law must then “ensure specific thresholds” for any transfers and use of this information. Without such metadata labeling on this sensitive information, its collection would not be constitutional. Moreover, the data were only to be collected subject to strict standards and an elevated showing of need, “such as an especially dangerous situation or a specific suspicion of an offence, a threat to especially significant legally protected interests, or the prosecution of especially serious criminal offences.”54

Fourth, the BKA opinion, also discussed above, evaluated the statutory powers of the Federal Criminal Police Office to covertly collect personal data from private homes. The Court noted that the surveillance of private homes represented a “particularly serious interference with privacy” and could, therefore, be justified only when it focused “exclusively on the communications of the target person from whom the threat emanates.”55 The Court found that the legislation (p.76) expanding the BKA’s authority failed to take such a step, as well as neglected to assign an independent person, one not charged with security tasks, to screen access to the BKA’s “information technology systems.”56

2. Statutory Law

German privacy law regulates information privacy through an omnibus law, the BDSG,57 and sectoral laws.58 As a general matter, the BDSG controls as far as there is not a more specific sectoral statute that is applicable. For online communications and other forms of telecommunications, there is the added legal wrinkle of the “Schichtenmodel,” or “Layer Model.”

The “Layer Model” functions through different legal requirements for content, services, and the technical level of transmission. As for the content of an online communication, it is regulated either by the BDSG or any applicable legislation. As for services that are provided on the Internet, these are regulated by the Telemediengesetz, or Telemedia Law.59 Concerning the level at which the transfer takes place, it is regulated by the Telekommunikationsgesetz, or Telecommunication Law.60 As a further matter, the law uses a different range of statutory authorities to govern the access to communications by domestic law enforcement and intelligence agencies (see below).

Not surprisingly, it can be quite difficult to determine which statute applies to a given dimension of an online service or communication. As Thomas Hoeren notes, “Due to the acceleration of legislative activity in recent years, more and more special laws have been added to data protection law, without careful coordination of the application areas of the resulting statutes.”61 Voice over Internet Protocol (VoIP) and other aspects of technical convergence have only added to the difficulty in maintaining a distinction, for legal purposes, among the layers.

(p.77) An evaluation of German statutory law regarding the government’s systematic data access is, therefore, quite complex. As a basic matter, however, German data protection law itself represents a considerable hurdle to systematic data access. The use of and access to personal data generally requires a legal basis. German law expresses this concept as a “Verbot mit Erlaubnisvorbehalt,” or a “prohibition with conditional permission.” German law starts by forbidding the collection, processing, or use of personal data. This prohibition is lifted, however, once a statute authorizes the data collection, processing, or use in question. This statute must, of course, also fulfill the proportionality requirement of German law.

Under the BDSG, moreover, data can be processed, shared, and transferred only under a limited set of circumstances. BDSG, § 14(1) provides one of the most important of these restrictions for public entities. It limits the “storage, alteration, or use of personal data” by private bodies to circumstances when it is “necessary to carry out the tasks for which the controller is responsible and for the purpose for which the data were collected” (emphasis added). Thus, this passage sets a standard of necessity as well as a requirement of “original purpose specification.” BDSG, § 15(1) places similar kinds of restrictions on data transfers to public bodies.

B. Law Enforcement, Regulatory, and National Security Access

1. Basic Organizational Concepts and the “Anti-Terror File”

As in US law, German law distinguishes between law enforcement and intelligence agencies. The two countries also share a distinction between domestic intelligence and foreign intelligence agencies. Law enforcement agencies are generally tasked with enforcing the criminal code and policing violations of it. Intelligence agencies gather and analyze information that is needed to protect national security.

The Bundesnachrichtendienst, or BND, is the German agency for foreign intelligence. Unlike the United States, however, Germany has a separate domestic intelligence agency: the Federal Office for the Protection of the Constitution, or the Bundesamt für Verfassungsschutz. This agency is dedicated to threats against the democratic order of Germany; it also has counterparts in each German state. The federal and state offices for the protection of the constitution have traditionally lacked police powers, such as the ability to perform arrests. Finally, the federal investigative police authority is the Federal Criminal Police Office, the Bundeskriminalamt, or BKA.62

The development of the federal police, the BKA, and its role in Germany have long been controversial issues. The Gestapo, the centrally-organized police force of the Nazis, casts a long dark shadow. In addition, East Germany’s Ministerium für Staatssicherheit, or Stasi, provided a later negative example from German (p.78) history of a centrally-organized agency for domestic security. Another factor in the debate about the proper role of a federal police force has been the desire of the German states to keep their own independent authorities for policing and gathering intelligence.

As a result of these factors, since the end of World War II and the creation of the Federal Republic of Germany, a fundamental legal concept has been the “Trennungsgebot,” or “Separation Rule.” The Trennungsgebot expresses a legal norm for organizational and informational divisions between intelligence and law enforcement agencies. For example, this legal concept would prevent the creation of a single German agency with borderless law enforcement and intelligence capacities, or the limitless sharing of information between law enforcement agencies and intelligence agencies. The rough analogy would be with the concept of “the wall” in the US regulation of the intelligence community. In both countries, legal limits on information sharing between intelligence agencies and law enforcement organizations are viewed as necessary for the protection of civil liberties.

Nonetheless, German law does not require a total ban on law enforcement agencies and intelligence agencies working together and sharing information. Indeed, a significant development in Germany, and one pre-dating 9/11, has been a stream of legislation that expands the powers of the BKA, BND, and Federal Office for the Protection of the Constitution, as well as related agencies, and increases their ability to work together and to share information.

One of the best examples of this trend is provided by the creation of an “Anti-Terrordatei,” or “Anti-Terror Database.” Through enactment of federal legislation in 2006, Germany established this databank, which consists of a common data source with an extended index. Already by 2011, the information in the Anti-Terror Database was collected from 38 different security authorities and concerned approximately 18,000 individuals considered to require scrutiny.63 Although a number of different agencies can search the databank, and do so electronically, the database is constructed to distinguish information in “open” and “concealed storage.”

If information in the database is in “open storage,” a match to a suspect’s name will reveal information about him. If information is in “concealed storage,” the inquiring agency will receive a negative result to its search for data about a person. At the same time, however, the agency that has stored the information in “concealed storage” will receive data about the inquiry. That agency is then to decide whether the applicable legal rules permit it to share further information with the inquiring agency. In 2006, German civil libertarians awarded a Big Brother Award to the Conference of Interior Ministers for their role in establishing the Anti-Terror database.64

(p.79) As noted above, the Constitutional Court has identified flaws in legislation assigning the BKA a role opposing terrorism and in the statute establishing the Anti-Terror Database. Most critically, and as part of the right of informational self-determination, the Court identified the concept, that of a “principle of separation of information” (informationelles Trennungsprinzip). This principle serves to create strict limits on the exchange of information between intelligence services and the police.

2. Intelligence Agencies

a. Strategic Surveillance: The Basic Structure

German constitutional law permits the BND to engage in so-called strategic surveillance. Subsequent to the Constitutional Court’s G-10 decision, the Federal Parliament, the Bundestag, amended the applicable statutory authorities to make the law conform with the Basic Law. In 2009, the Bundestag again amended the relevant statute, the “G-10 Statute,” or, more formally, the “Gesetz zur Beschränkung des Brief-, Post- und Fernmeldegeheimnisses,” to provide additional surveillance powers to the BND. In addition, as noted above, federal and state intelligence agencies, as well as police authorities, can also gain access to electronic data in the Anti-Terror Databank.

The G-10 Statute is, however, the main statute regulating the BND’s access to letters and telecommunications. This law’s §§ 5–8 contain the provisions applicable to strategic surveillance. Its § 5(1) lists the nature of the dangers that justify the use of strategic surveillance. These include the risk of an armed attack on Germany, the committing of international terrorist attacks with a direct relation to Germany, international trafficking in weapons of war, drug trafficking, or a limited set of other significant dangers. The statute also sets obligations for the BND to check whether the collected personal data are “necessary” to one of the Article 5(1) purposes. If not, such data are to be immediately erased.

Following the enactment of statutory amendments in 2009, the G-10 Statute contains a specific section that protects a “core area of private life formation” in the context of both individual surveillance and preventive surveillance. The 2009 amendments to the G-10 Statute reflect the constitutional safeguards that the Constitutional Court identified in its Great Eavesdropping opinion (2004) and Preventive Telecommunications Surveillance opinion (2005). In particular, the G-10 Statute, § 5 a contains an absolute prohibition on capture of communications from the core area of private life formation.65 Should such information, nonetheless, be collected, authorities may not use them and these data are to be erased at once.66 A protocol for the erasure is to be maintained for purposes of (p.80) “the oversight of data protection.”67 Finally, strategic surveillance may not use “search terms” (Suchbegriffe) that contain “identifying features” that (1) will lead to a “targeted acquisition of determined telecommunication connections,” or (2) that “concern the core area of private life.”68

The G-10 Statute also contains mechanisms for oversight of the intelligence agencies. It establishes the Parliamentary Control Panel as well as the G-10 Commission. Most important, the G-10 Commission has a central role in deciding on the permissibility of surveillance by intelligence agencies. It plays an analogous role to the Foreign Intelligence Surveillance Act (FISA) court of the United States. To begin, however, with the Parliamentary Control Panel, it consists of members of the Bundestag, the German Parliament. The government (Bundesregierung) is required by law to “inform the Parliamentary Control Panel extensively” about “general activities” of the intelligence agencies and about “events of particular importance.”69 The Parliamentary Control Panel may also request files and other papers of intelligence agencies. It publishes an annual report about its oversight activities, which includes highly useful statistics about the use by intelligence agencies of surveillance powers. A 2009 law heightened the Parliamentary Control Panel’s constitutional status and its powers to gather information from the government and intelligence agencies.70

As for the G-10 Commission, the Parliamentary Control Panel names the members of this entity. The G-10 Commission decides on the “permissibility and necessity” of surveillance carried out by intelligence agencies pursuant to the G-10 Statute.71 As the Parliamentary Control Panel explains, “the supervisory power of the Commission extends to the entire collection, processing and use of personal data by federal intelligence agencies pursuant to the G-10 Statute.”72

b. The Role of Telecommunication Providers

Telecommunications Law §§ 110–113 provide a particularly important statutory example of systematic data access. These sections require that telecommunication providers collect certain data about their customers, such as name, address, and telephone number, before the service is established. This information is termed Bestandsdaten, or “inventory information,” and is sent to an automated databank of the Bundesnetzagentur, or Federal Network Agency.

(p.81) Pursuant to Telecommunications Law § 112, governmental agencies can make automated requests for this information from the databank. The legal standard for justifying such access to “inventory information” is quite low. Law enforcement and intelligence officials can request the information when it is required for discharge of their “legal functions.”73

3. Domestic Law Enforcement Agencies

The Code of Criminal Procedure § 100g(2) contains important legal provisions for systematic data access. It allows law enforcement agencies to gain information about “a sufficiently specific spatial and temporal description of telecommunications” in cases of a serious criminal offense, and when the investigation of the matter would otherwise be made significantly more difficult. Under this authority, the police in Berlin, Dresden, and many other locations have made massive requests for cell tower data about any person located in a given area during a specific time period. One attorney has called this action “the equivalent of data mining through the cell phone.”74 There are no national statistics regarding this activity, but only occasional requests for information made within state parliaments. Thus, a Berlin newspaper, the taz, reported in 2012 that the Berlin police since 2008 had made 410 “Funkzellenabfragen,” or “radio-cell inquiries” and, thereby, collected information pertaining to 4.2 million cell phone connections.75 These requests had been made to combat an epidemic of vandals setting automobiles on fire. In 2011, the same newspaper revealed that the police had gathered similar kinds of information after an anti-Nazi protest in Dresden.76 Another report states that 11,474 radio cell inquiries had been made in the state of North Rhein-Westphalia from December 2010 to March 2014.77 In Berlin there were 1,408 inquiries between 2009 and 2012.78 In 2013 alone, at least 50 million sets of data were acquired in Berlin, of which 36 million sets originated from a single (p.82) proceeding.79 A report from the state of Schleswig-Holstein in 2016 found that the number of “radio-cell inquiries” had gone up more than five times since 2009.80

C. Rejection of the ELENA Project

A controversy concerning systematic data access involved the government’s termination of the ELENA project, which was a planned database of employee data. ELENA stands for the “Elektronische Entgeltnachweis-Verfahren,” or “Electronic Payment Verification Process,” and had its basis in a statute enacted in March 2009.81 It was intended to afford German companies significant savings in their human resource departments by streamlining the collection of a wide variety of employee data. A government agency was to maintain the resulting centralized database of information, which consisted of name, data of birth, insurance number, home address, time missing work, and “possible misbehavior.” The information was to be shared for purposes of unemployment insurance, housing benefits, parental benefits, and other kinds of social insurance. According to the Spiegel magazine, ELENA, was to be “the largest official collection of data in Germany.”82

In July 2011, the German government abandoned the ELENA project. The project failed because of the lack of an adequate electronic signature for use within the ELENA process and a series of contested data protection issues. In addition, local political authorities and small and medium-sized businesses, an economic sector termed the “Mittelstand,” had complained about their costs under the project.

D. Voluntary Access to Data

As noted above, German data protection law permits a private or public sector entity to collect, process, and transfer personal information only subject to a limited set of conditions. As a fundamental matter, there must be a statutory basis for such informational activity. There are also strong and numerous protections in place in the relevant constitutional law. As a result, informal or cooperative agreements are permissible under German law only if they comport with constitutional and statutory requirements.

(p.83) E. Role of the Courts

As the discussion above of constitutional law has already indicated, German courts have a central role interpreting the relevant legal norms when personal information is processed, collected, and transferred. Indeed, this area of German law functions as a textbook illustration of Alec Stone Sweet’s idea of “constitutional politics” in Europe. Drawing on “the “privileged status” of fundamental rights in the Basic Law, the Federal Constitutional Court in the area of information privacy can be seen as constructing “a discourse, a set of dialogues and collective conversations, about the capacities and limits of the use of state power.”83 The resulting rules then draw a variety of state officials into discourse around constitutional concepts as developed by the Court in a reconfigured policymaking environment.

There have been general complaints, to be sure, about an “overconstitutionalizing” of constitutional law as well as objections to a “Karlsruhe Republic,” that is, a Germany run from the Constitutional Court’s headquarters in Karlsruhe, Germany.84 Nonetheless, among both elites and the general public, there is a high level of acceptance of the role of the Constitutional Court—and one that it has exercised in numerous cases by limiting systemic data access.

F. Data Retention

Following the Constitutional Court’s decision in 2010 voiding the data retention statute and the ECJ’s decision invalidating of the Data Retention Directive in 2014, Germany enacted a new law, which came into force in 2015 and requires full compliance by 2017 at the latest.85

One rejected policy proposal was to replace mass data retention with a “Quick Freeze” process.86 Under it, law enforcement and intelligence agencies would obtain an order for targeted data preservation relating only to a person under suspicion. If a crime was, in fact, committed, there would then be a “thawing” of the data, that is, access provided to it, to aid in the prosecution of the party. The current data retention requirement does not, however, take this approach. It requires storage of location data (Standortdaten) for mobile telephones for 4 weeks, storage of location data for mobile Internet use for 4 weeks, and the storage of call (p.84) numbers and the time and duration of all calls for 10 weeks. The Data Retention statute also requires storage of “assigned IP addresses” of Internet users and the time and duration of Internet use for 10 weeks. This information can be released without a judicial order for purposes of criminal prosecution and prevention of significant concrete danger. Finally, this statute mandates telecommunication providers to store mandated data in Germany. The European Commission has criticized these data residency requirements as violating European Union principles concerning freedom of services.87

As another example of the ongoing controversy around the topic of data retention, the Max Planck Institute for Foreign and International Criminal Law published an expert opinion in January 2012 finding the absence of a negative impact on the solving of crimes due to the lack of stored data since 2010.88 The Justice Ministry had authorized this report and welcomed it as proof that data storage was unnecessary.89 In contrast, the Interior Ministry and the BKA criticized the methodology of the report.90

G. Cross-Border and Multi-Jurisdictional Issues

In its G-10 opinion, the Constitutional Court found that the protections of the Basic Law’s Article 10 were not limited exclusively to communications that took place only within the national borders of Germany. As long as enough of a nexus existed between the surveillance and German territory, the protections of Article 10 were applicable.91

There is an open question, however, regarding the regulation of surveillance of satellite communications. According to the BND, its capture of information from satellite connections is limited neither by statutory nor constitutional law. This idea is termed the “space theory” (Weltraumtheorie). Distinguished legal experts have disagreed with it, but the matter remains unresolved.92

(p.85) IV. Recent Controversies

Two controversies of current relevance have already been discussed, namely the abandonment of the ELENA database of employment data and the ongoing debate about data retention. Further controversies concern the proposal for Germany-based cloud services and the collaboration between the National Security Agency and the Bundesnachrichtendienst.

There has been considerable discussion in Germany about privacy and security issues relating to data processing in the cloud. In the judgment of the Federal Data Protection Commissioner, for example, cloud computing represents a form of “contract data processing” (Auftragsdatenverarbeitung).93 Such activity requires that the party carrying out the processing in the cloud “comply with technical and organisational measures to ensure privacy.”94

The policy debate in Germany about the cloud has also considered the potential for US government access to German data stored in this fashion. The introduction of Microsoft’s Office 365 in Germany marked an early moment in which such concerns were raised. In response to a question, a Microsoft executive discussed the obligation of his company to share data from European data centers with US officials if requested pursuant to appropriate legal authorities.95 According to an analysis in a German law review, however, such a transfer, even if pursuant to statutory authorities in the United States, would violate the Federal Data Protection Law of Germany.96 In that article, Benno Barnitzke observes that “a transfer to US authorities is not covered by an authorization in the German federal data protection statute (BDSG).” As a consequence, “the release represents an improper and illegal data processing in the sense of the BDSG.” Moreover, BDSG § 43 would provide sanctions against it.97

Another window into German attitudes about cloud services and storage is offered by a White Paper from the Conference of Federal and State Data (p.86) Protection Commissioners of Germany. The White Paper raises concerns regarding the lack of transparency for individuals regarding data processing in the cloud.98 In reference to non-EU nations, or so-called “Third Countries,” the White Paper also warns that “when a public cloud is used in Third Countries, access to the data of the company using the cloud is possible and cannot be controlled.”99 Finally, a law review article in Germany has warned, “The solution to this problem should certainly not be that European clouds are moved to the United States … [and] lawfully subject to the access of US authorities.”100

One specialized German concern about cloud services run by US companies relates to the storage of governmental information in them. Already in 2012, the Minister of the Interior, Hans-Peter Friedrich, called for development of “a Federal cloud” as part of a plan to consolidate the IT infrastructure of the German government. The “Bundes-Cloud” is intended to keep “sensitive governmental and enterprise data from landing with US officials.”101 In 2015, the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik) published a resolution with criteria for the procurement and use of cloud services by the federal German administration.102 Among the Resolution’s key requirements is that information such as business secrets and sensitive data about the federal IT infrastructure were to be processed exclusively in Germany. Cloud providers were to implement appropriate technical and organizational measures to keep data subject to secrecy provision from disclosure to unauthorized third parties.

Beyond the public sector’s effort to build the Bundes-Cloud, the private sector has also responded to these German concerns. One major step has involved data localization. Tech companies are now building cloud centers throughout Germany and developing technical solutions to keep information localized within that country. Microsoft has developed an innovative “data trustee” approach for the German market.103 First, it opened data centers in Frankfurt-am-Main and Magdeburg and offered business clients the option of storing data exclusively in these German centers. Second, it partnered with Deutsche Telekom’s independent subsidiary T-Systems, which will act as data trustee for (p.87) information in these centers. Although Microsoft operates the data centers, T-System controls access to all stored information. Through a web of contracts and trusts, Microsoft limits its access to data on the German servers and assigns T-Systems exclusive legal authority to release information stored on them.104 This service is available only to business customers of Microsoft and not private ones.

The trustee model is intended to bolster Microsoft’s legal arguments against disclosure when faced with data demands from US courts, whether in criminal, intelligence, or civil settings. The idea is that Microsoft cannot share the German cloud data of its customers because to do so would violate the applicable law of German trusts and contracts.105 This legal theory is untested before US courts; use of Deutsche Telekom as a data trustee may or may not shelter information from US legal processes. At any rate, Microsoft has demonstrated its willingness to litigate these kinds of issues in the United States. In 2016, for example, it won a victory in the Second Circuit against a US government request for information stored in an Irish data center. The Second Circuit ruled that the Stored Communications Act lacked extraterritorial reach.106

Other companies are exploring the use of encryption in their EU data centers. In this model, customers are given keys to their information and have the sole ability to decrypt stored data.107 This approach is analogous to the San Bernadino iPhone case where Apple argued that it lacked the ability, at least not without considerable additional effort, to unlock information stored on the phone seized by US authorities.108

As for the collaboration between the NSA and BND, a single location perhaps best symbolizes this work: Bad Aibling, a small town in Bavaria, in the south of Germany. Bad Aibling is best known today in Germany not as a luxury health resort, but for its satellite tracking station. Until the early years of the twenty-first century, the NSA ran this listening post. After its official departure date, the NSA continued to have a physical presence at the station and worked in close collaboration with the BND by supplying it with so-called “selectors” (“Selektoren”). (p.88) As the Zeit magazine explains, these are “something like search terms.”109 The NSA sent the BND IP addresses, telephone numbers, email addresses, MAC-Addresses, URLs, and geo-coordinates.

Over the years, the NSA provided the BND with some 14 million “selectors.” The process took place automatically with a BND server downloading the terms several times a day from an NSA server. The BND turned over the results of these searches to the NSA for storage in its own databanks. In carrying out data searches for the NSA, the BND in many cases engaged in activities forbidden by German law. For example, although it was supposed to filter out forbidden searches according to a so-called G-10 Filter, this process did not function completely or accurately. In 2015, a Big Brother Award went to the BND and its then president Gerhard Schindler for its involvement in “a whole range of scandals and violations of privacy and civil rights.”110

A special committee of the Bundestag is investigating NSA-BND activities. In October 2015, the expert’s report to the committee found that the activities at Bad Aibling violated bilateral agreements between Germany and the United States as well as German law.111 According to the Zeit magazine, moreover, there are secret agreements in place among the NSA, BND, and the Federal Office for the Protection of the Constitution, under which the NSA provides technologies and goals for data gathering and analysis, and the German intelligence agencies collect the information.112 One fear, as expressed by the then Federal Data Protection commissioner, Peter Schaar, is that the intelligence agencies will engage in “competence hopping” (Befugnis-Hopping).113 Schaar was concerned (p.89) that the German and other foreign intelligence services, such as the NSA, will engage in a division of labor to strategically evade legal and constitutional restrictions on their work.

In addition to the investigation by the special Bundestag Commissioner, the Federal Data Protection Commissioner carried out its own investigation of the BND. This effort was started by Peter Schaar and continued by the current Commissioner, Andrea Voβ‎hoff. Netzpolitik, a German blog, has now leaked the Commissioner’s full report. The Data Protection Commissioner identified 18 violations of law by the BND and filed 12 complaints.114 According to Netzpolitik, this number represented the largest amount of complaints ever directed at a single time against a German authority by the Federal Data Protection Commissioner. Perhaps most critically, the Commissioner found, “Contrary to its explicit legal obligation, the BND had created databases without an establishing order and used them (for many years), thus disregarding fundamental principles of legality.” The report also found that the BND had “collected personal data without a legal basis and has processed it systematically.” Finally, the Commissioner objected to the BND’s illegal and massive restrictions of her supervisory authority. As Netzpolitik’s noted, the Bad Aibling station was only one of five BND listening stations in Germany. The Commissioner demanded that the BND take into account her power under federal data protection law to carry out on-site investigations not only in Bad Aibling but at other BND sites.

The United States historically has shared a special intelligence relationship with the so-called Five Eyes: the United States, United Kingdom, Canada, Australia, and New Zealand. As the Snowden revelations and subsequent investigations have shown, beyond the Five Eyes, Germany and the United States have negotiated the terms for their own intelligence cooperation. The final report of the special investigatory committee, the report of the Federal Data Protection Commissioners, as well as attempts by the Bundestag to introduce new legislation to reform the BND are unlikely to change the basic elements of this US-German arrangement, or to make all aspects of the relationship transparent to the public.

The relationship between these intelligence agencies also has importance for efforts to create German clouds. One reason for such data localization is to put the data beyond the reach of US intelligence agencies. In the assessment of (p.90) Lothar Determann and Karl Guttenberg, the close cooperation between intelligence agencies in the United States and other European countries means that “data stored and transmitted exclusively on European territory is not safer from US cyberspying than it would be in the United States.”115 Determann and Guttenberg also note that the law of the European Union “does not impose any meaningful limitations on government surveillance because the EU has limited jurisdiction over the foreign intelligence activities of its member states.”116

V. Concluding Observations

German law has devoted significant attention to the regulation of systemic government access to private-sector data. German lawmakers have enacted numerous statutes and amended these laws frequently. The Federal Constitutional Court has accompanied every step of this process and developed highly detailed constitutional standards to make such access comport with the Basic Law. It has sought to protect informational self-determination and to preserve the roles of law enforcement and intelligence agencies in enforcing the criminal laws and protecting the public from terrorism.

German officials and experts have been skeptical of the standards of US information privacy law and, as a result, deeply concerned about systematic data access on the other side of the Atlantic. At the same time, German intelligence agencies have assisted in some of the efforts of US intelligence services, both before and after 9/11.

After revelations that the NSA had eavesdropped on her cell phone, Angela Merkel, the Federal Chancellor, complained in 2013 about Americans: “Spying among friends—that just is not done.” (“Ausspähen unter Freunden—das geht gar nicht”). By 2015, however, Chancellor Merkel was praising the cooperation between German and American intelligence services in defending against terrorism. Chancellor Merkel called for identification of mistakes and deficiencies in this collaborative work. At the same time, her bottom line was clear: “[W]‌e need the cooperation with the American services.”117 German law will continue to develop constitutional and legal standards for systemic data access. An important part of this task will be to establish appropriate procedures and legal norms for the collaboration by German intelligence agencies with allied services, including their American counterparts.

Notes:

(1.) Grundgesetz für die Bundesrepublik Deutschland [GG] [Basic Law for the Federal Republic of Germany, Basic Law], Bundesgesetzblatt III. [BGBl. III.] 100-1 (1949) (most recently amended by Law of Dec. 23, 2014, BGBl. I., 2438).

(2.) For the statistics from Google, see “How Many German Households Have Opted-out of Street View?,” Google Europe Blog (Oct. 21, 2010), http://googlepolicyeurope.blogspot.com/2010/10/how-many-german-households-have-opted.html.

(3.) Manfred Baldus, “Freiheitssicherung durch den Rechtsstaat des Grundgesetzes,” in Vom Rechtsstaat zum Präventionsstaat 107, 109 (Stefan Huster & Karsten Rudolph, eds., 2008).

(4.) Ibid. at 109.

(5.) Eckart Conze, Die Suche nach Sicherheit 906 (München: Siedler, 2009).

(6.) Marc Halupczok, 111 Gründe Edward Snowden zu Unterstützen (Berlin: Schwarzkopf, 2014).

(7.) Hans-Georg Maaßen, 102. Meeting of Committee of Inquiry (102. Sitzung des Untersuchungsausschusses) (June 9, 2016). For media coverage, see Andre Meister, Live-Blog aus dem Geheimdienst-Untersuchungsausschuss: “Ob Snowden russischer Agent ist, kann ich nicht beurteilen,” netzpolitik.org (June 9, 2016), at https://netzpolitik.org/2016/live-blog-aus-dem-geheimdienst-untersuchungsausschuss-verfassungsschutz-praesident-maassen-und-vorgaenger-fromm/#zeuge2.

(8.) Francesca Bignami, “European versus American Liberty: A Comparative Privacy Analysis of Antiterrorism Data Mining,” 48 B.C. L. Rev. 609, 639 (2007).

(9.) 115 BVerfGE 320, 341–66 (2006) [Data Screening].

(10.) 120 BVerfGE 274, 302 (2008) (Online Search).

(11.) 65 BVerfGE 1 (1983) (Census).

(12.) 1 BvR 370/07, ¶ 242 (2008) (Right to Trust and Integrity in Information Systems).

(13.) 100 BVerfGE 313, (1999) (G-10); 115 BVerfGE 320, (2006) (Data Screening); 125 BVerfGE 260 (2010) (Data Retention), subsequently BGH, Decision July 3, 2014 (III ZR 391/13) (Data retention constitutional for seven days, because retention is not meant for law enforcement purposes).

(14.) 109 BVerfGE 279 (2004) (Great Eavesdropping); 113 BVerfGE 348 (2005) (Preventive Telecommunications Surveillance); Case 1 BvR 1215/07 (2013) [Bundesverfassungsgericht](Counter-Terrorism Database); Case 1 BvR 966/09 (2016) [Bundesverfassungsgericht] (BKA-Opinion).

(15.) 100 BVerfGE 313 (1999) (G-10).

(16.) Unterrichtung durch das Parlamentarische Kontrollgremium, Deutscher Bundestag, 17. Wahlperiode, Drucksache 17/4278, p. 7 (2010).

(17.) 100 BVerfGE 313, 363–64 (1999) (G-10).

(18.) Ibid. at 382.

(19.) For example, the statute’s § 3(1) no.5 permitted international surveillance for investigations of the counterfeiting of currency. The Constitutional Court found that the statutes allowing surveillance to prevent this crime did not follow the principle of “proportionality.” Ibid. at 385. It noted, however, that such surveillance would be constitutionally permissible if the strategic surveillance was limited to cases that threatened “the stability of the value of the currency of Germany and thereby the economic power of the country.” Ibid.

(20.) 100 BVerfGE 313, 385–386 (1999) (G-10).

(21.) Unterrichtung durch das Parlamentarische Kontrollgremium, Drucksache 18/7423, p. 7 (2016).

(22.) In this discussion of the Data Screening opinion, I draw on my article, “Regulating Governmental Data Mining in the United States and Germany,” 53 William & Mary Law Review 351 (2011).

(23.) Strafprozeβ‎ordnung [StPO] [Criminal Procedure Code], Bundesgesetzblatt I. [BGBl. I.] 1074, 1319 (1987) (most recently amended by Law of Dec. 22, 2011, BGBl. I., 3044), § 98a.

(24.) The Criminal Procedure Code’s basic approach reflects the approach the different state laws take, and our discussion will, therefore, concentrate on the federal statute.

(25.) See, for example, Polizeigesetz des Landes Nordrhein-Westfalen [PolG NW] [North Rhine-Westphalia Police Statute], Gesetz- und Verordnungsblatt für das Land Nordrhein-Westfalen [GV NRW] 410 (2003), § 31.

(26.) 115 BVerfGE 320 (2006) (Data Screening).

(27.) Winfried Bausback, “Fesseln für die wehrhafte Demokratie?,” 59 NJW 1922 (2006), p. 1922, 1924.

(28.) 115 BVerfGE 320, 339 (2006) [Data Screening].

(29.) For a legal discussion of online services such as Google Street View, see Thomas Dreier and Indra Spiecker genannt Döhmann, Die systematische Aufnahme des Straßenbildes: Zur rechtlichen Zulässigkeit von Online-Diensten wie “Google Street View” (Baden-Baden: Nomos, 2010).

(30.) Case 1 BvR 2074/05 (2008) [Bundesverfassungsgericht] (Automatic Number Plate Recognition).

(31.) 125 BVerfGE 260 (2010) (Data Retention).

(32.) See ibid. at 260–61.

(33.) See, for example, German criminal procedure provision StPO § 160a.

(34.) Federal Court of Justice, Case III ZR 391/13 (2014) [Bundesgerichtshof].

(35.) Joined Cases C–293/12 and C–594/12 Digital Rights Ireland Ltd v. Minister for Communications, Marine and Natural Resources and others, and Seitlinger and others [2014] ECLI:EU:C:2014:238.

(36.) European Commission Statement on National Data Retention Laws (Sept. 16, 2015), at http://europa.eu/rapid/press-release_STATEMENT-15-5654_en.htm. For an overview of the data retention laws of Member States, see EU Agency for Fundamental Rights, Data Retention across the EU, at http://fra.europa.eu/en/theme/information-society-privacy-and-data-protection/data-retention.

(37.) Case 1 BvR 1215/07 (2013) [Bundesverfassungsgericht] (Counter-Terrorism Database).

(38.) Ibid. at ¶ 105.

(39.) Ibid. at ¶¶ 106–107.

(40.) Ibid. at ¶ 224.

(41.) Case 1 BvR 966/09 (2016) [Bundesverfassungsgericht] (BKA-Opinion).

(42.) Ibid. at ¶ 156.

(43.) Ibid. at ¶ 109.

(44.) Dissenting Opinion Justice Schluckebier, Case, 1 BvR 966/09 (5, 7) (2016) [Bundesverfassungsgericht] (BKA Opinion).

(45.) Dissenting Opinion Justice Eichberger, Case 1 BvR 966/09 (4, 5) (2016)

(46.) Ibid.

(47.) 109 BVerfGE 279 (2004) (Great Eavesdropping).

(48.) Ibid.

(49.) Ibid. at 328.

(50.) 113 BVerfGE 348, 392 (2005) (Preventive Telecommunications Surveillance).

(51.) Some information would fall on one side of the constitutional dividing line—other, on the constitutionally-protected side. As an example of kind of information that could be collected without concerns about the “core domain of private life formation,” the Court pointed to content that made “direct reference to concrete criminal actions, such as statements about the planning of approaching criminal offenses, or reports about perpetrated criminal offenses.” Ibid. at 391.

(52.) Ibid. at 392; see also Case 2 BvR 1513/14 (2014) [Bundesverfassungsgericht] (unconstitutional to broadly interfere with a custodian’s direct and unrestricted communication with third parties, without balancing on a case-to-case basis the individual’s right to privacy against such limitations).

(53.) Case 1 BvR 1215/07 (¶ 225) (2013) [Bundesverfassungsgericht] (Counter-Terrorism Database).

(54.) Ibid. at (¶ 226) (2013).

(55.) Case 1 BvR 966/09 at (¶ 151) [2016] [Bundesverfassungsgericht] (BKA Opinion).

(56.) Ibid. at ¶ 30.

(57.) Bundesdatenschutzgesetz [BDSG] [Federal Data Protection Statute], Bundesgesetzblatt I. [BGBl. I.] 66 (2003) (most recently amended by Law of August 14, 2009, BGBl. I., 2814).

(58.) For example, there are special data protection provisions for prisoners. See Strafvollzugsgesetz [StVollzG] [Criminal Penalty Enforcement Statute], Bundesgesetzblatt I. [BGBl. I.] 581, 2088 (1976) (most recently amended by Law of July 29, 2009, BGBl. I., 2274), §§ 179–187.

(59.) Telemediengesetz [TMG] [Telemedia Law], Bundesgesetzblatt I. [BGBl. I.] 179 (2007) (most recently amended by Law of May 31, 2010, BGBl. I., 692). For a discussion of the “Layer Model,” see Wissenschaftliche Dienste des Deutschen Bundestags, Die Verletzung datenschutzrechtlicher Bestimmungen durch sogenannte Facebook Fanpages und Social-Plugins (October 7, 2011), p. 10, https://www.datenschutzzentrum.de/facebook/material/WissDienst-BT-Facebook-ULD.pdf.

(60.) Telekommunikationsgesetz [TKG] [Telecommunication Law], Bundesgesetzblatt I. [BGBl. I.] 1190 (2004) (most recently amended by Law of December 22, 2011, BGBl. I., 2958).

(61.) Thomas Hoeren, Wenn Sterne kollabieren, entsteht ein schwarzes Loch—Gedanken zum Ende des Datenschutzes, ZD 145–46 (2011).

(62.) An important organizational distinction can be made with the United States, where the Federal Bureau of Investigation (FBI) has traditionally functioned as both the federal police authority, like Germany’s BKA, and as a domestic intelligence agency, such as Germany’s Federal Office for the Protection of the Constitution.

(63.) Drucksache 17/6233, Deutscher Bundestag, 17. Wahlperiode 8 (2011), http://dipbt.bundestag.de/dip21/btd/17/062/1706223.pdf.

(64.) Big Brother Awards, Politics II: Interior Ministers, http://www.bigbrotherawards.de/2006/.pol/pol-02.

(65.) Gesetz zur Beschränkung des Brief-, Post- und Fernmeldegeheimnisses, Artikel 10-Gesetz [G-10] [G-10 Statute], Bundesgesetzblatt I. [BGBl. I.] 1254, 2298 (2001) (most recently amended by Law of November 17, 2015, BGBl. I., 1938), § 5a.

(66.) Ibid.

(67.) Ibid.

(68.) Ibid. at § 5(2).

(69.) Kontrollgremiumgesetz vom 29. Juli 2009 (BGbl. I S. 2346), § 4(1).

(70.) Bertold Huber, “Die Reform der parlamentarischen Kontrolle der Nachrichtendienste und des Gesetzes nach Art. 10 GG,” 28 NVwZ 1321 (2009).

(71.) G-10 Statute, § 15(5).

(72.) Unterrichtung durch das Parlamentarische Kontrollgremium, Drucksache 17/4278, p. 3.

(73.) Already in 2003, I had observed about the previous statutory provision creating this process for access to inventory information: “In Germany, it is quite easy to obtain ‘inventory information.’ Law enforcement officials can request it when required for discharge of ‘their legal functions,’ and judicial review of this request does not occur.” Paul M. Schwartz, “German and US Telecommunications Privacy Law,” 54 Hastings L.J. 751, 781 (2003).

(74.) Paul Wrusch, “Mal eben ausgespäht,” taz (June 19, 2011), http://taz.de/Demo-berwachung-per-Mobilfunk/!72708/.

(75.) Konrad Litschko, “Polizei sammelte Handydaten,” taz (January 23, 2012), http://www.taz.de/Autobrandstiftung-in-Berlin/!86239/.

(76.) Paul Wrusch, “Mal eben ausgespäht,” taz (June 19, 2011), http://taz.de/Demo-berwachung-per-Mobilfunk/!72708/.

(77.) Constanze Kurz, “Erneut steigende Zahl von Funkzellenabfragen,” netzpolitik.org (July 8, 2015), https://netzpolitik.org/2015/erneut-steigende-zahl-von-funkzellenabfragen/.

(80.) Markus Reuter, “Zwei Funkzellenabfragen am Tag alleine im Schleswig-Holstein,” netzpolitik.org (April 13, 2016), at https://netzpolitik.org/2016/zwei-funkzellenabfragen-am-tag-alleine-in-schleswig-holstein/.

(81.) “Das Ende von ELENA: Arbeitnehmer-Datenbank wird ‘schnellstmöglich’ eingestellt,” MMR-Aktuell 321105 (2011).

(82.) “Abschied von “Elena”: Regierung stoppt umstrittene Arbeitnehmer-Datenbank,” Spiegel (July 18, 2011), http://www.spiegel.de/netzwelt/netzpolitik/0,1518,775145,00.html.

(83.) Alec Stone Sweet, Governing with Judges: Constitutional Politics in Europe (Oxford: Oxford University Press, 2000), 22.

(84.) For a discussion of the over-constitutionalizing of German politics and law, see Michael Zürn, “Ist die Karlsruher Republik demokratisch?,” in Herzkammern der Republik 258 (Michael Stolleis, ed., 2011).

(85.) Gesetz zur Einführung einer Speicherpflicht und einer Höchstspeicherfrist für Verkehrsdaten 10.12.2015 BGBl. I S. 2218.

(86.) Quick Freeze/Datensicherung, Bundesministerium der Justiz, http://www.bmj.de/DE/Buerger/digitaleWelt/QuickFreeze/quickfreeze_node.html.

(87.) For a discussion, see Lothar Determann and Michaela Weigl, “Data Residency Requirements Creeping into German Law,” 15 PVLR 529 (March 14, 2016).

(88.) Max-Planck-Institut für ausländisches und internationales Strafrecht, Schutzlücken durch Wegfall der Vorratsdatenspeicherung, p. 219 (2d ed. 2011), https://www.mpg.de/5000721/vorratsdatenspeicherung.pdf.

(90.) “Vorratsdatenspeicherung: Friedrich stellt Studie infrage,” Focus (January. 27, 2012), http://www.focus.de/politik/deutschland/vorratsdatenspeicherung-friedrich-stellt-studie-infrage_aid_707678.html.

(91.) 100 BVerfGE 313, 363–64 (1999) (G-10).

(92.) See Baldus, Beck’scher Online-Kommentar Grundgesetz, Territorialer Schutzgehalt, Article 10, ¶¶ 20–21 (Epping, Hillgrubered ed. 29, 2015) (constitutional protection does not differentiate between where the German government acts or where the effects of the action occur, provided that the act represents the power of the German government); Hans-Jürgen Papier, Opinion on 1. Committee on Inquiry of the Parliament of the Federal Republic of Germany 18. Legislative Period, p. 7 (May 24, 2014), https://www.bundestag.de/blob/280842/9f755b0c53866c7a95c38428e262ae98/mat_a_sv-2-2-pdf-data.pdf (“an act of intervention has to be attributed to German authorities whenever it is conducted from German soil or with the approval and tolerance of German authorities”). For media coverage of the issue, see Thorsten Denkler, “NSA Untersuchungsausschuss: Juristen werfen BND Verfassungsbruch vor,” Süddeutschen Zeitung (February 5, 2015) at http://www.sueddeutsche.de/politik/nsa-untersuchungsausschuss-juristen-werfen-bnd-verfassungsbruch-vor-1.1972477.

(93.) Bundesbeauftragten für den Datenschutz und die Informationsfreiheit, Tätigkeitsbericht 2009 und 2010, Drucksache 17/5200, pp. 63–64.

(94.) Ibid.

(95.) Benno Barnitzke, “Microsoft: Zugriff auf personenbezogene Daten in EU-Cloud auf Grund US Patriot Act möglich,” MMR-Aktuell 3211103 (2011).

(98.) Arbeitskreise Technik und Medien der Konferenz der Datenschutzbeauftragten des Bundes und der Länder, Orientungshilfe—Cloud Computing 16 (Sept. 26, 2011).

(99.) Ibid.

(100.) Christian Schröder and Nils Christian Haag, “Neue Anforderungen an Cloud Computing für die Praxis,” 1 ZD 147, 150 (2011).

(101.) Jürgen Berke, “Innenminister Friedrich will Bundes-Cloud aufbauen,” Wirtschaftswoche (January 20, 2012).

(102.) IT Board Resolution, No 2015/5 (2015) (Beschluss des Rates der IT-Beauftragten der Ressorts, July 29, 2015).

(103.) Michael Rath et al., “Die neue Microsoft Cloud in Deutschland mit Datentreuhand als Schutzschild gegen NSA & Co.?,” Computerrecht 98, p. 100 (2016).

(104.) Ibid. at p. 101. For an analysis of this legal model, see Paul M. Schwartz & Karl-Nikolaus Peifer, “Datentreuhändermodelle—Sicherheit vor Herausgabeverlangen US-amerikanischer Behörden und Gerichte?,” Computer und Recht 165 (3/2017).

(105.) Ibid. at p. 103.

(106.) Microsoft Corporation v. United States, 2016 US App. LEXIS 12926 (2d Cir. 2016). Extraterritorial requests for information are possible, of course, under other legal authorities other than the SCA. Paul M. Schwartz, “Microsoft, Ireland and a Level Playing Field for US Cloud Companies,” 15 PVLR 1549 (August 1, 2016).

(107.) Peter Maushagen, “Erfolg mit der Wolke: Deutsche Cloud-Dienste werden bei US-Konzernen immer beliebter,” Businessinsider.de (March 17, 2015), at http://www.businessinsider.de/cebit-us-konzerne-schuetzen-daten-in-deutschen-cloud-diensten-4785413?IR=T.

(108.) Matter of Search of an Apple iPhone Seized during Execution of a Search Warrant on a Black Lexus IS300, California License Plate 35KGD203, No. ED 15-0451M, 2016 WL 618401 (C.D. Cal. Feb. 16, 2016).

(109.) See Kai Biermann and Patrick Beuth, “Was sind eigentlich Selektoren?,” Zeit (April 24, 2015), http://www.zeit.de/digital/datenschutz/2015-04/bundesnachrichtendienst-bnd-nsa-selektoren-eikonal.

(111.) The German government had refused to share the “selectors” with the German parliament; the compromise reached was to share them with an expert, Kurt Graulich, a former federal judge. The resulting report by Graulich also found evidence of economic espionage against European as well as German companies. The expert report was, in turn, widely criticized as placing too much blame on the NSA, the Americans, and too little on the BND, the Germans. See, for example, Kai Bermann, “Ein Versuch, den BND freizusprechen,” Die Zeit (October 30, 2015), at http://www.zeit.de/digital/datenschutz/2015-10/selektoren-nsa-bericht-graulich-bnd/komplettansicht; BND/NSA-Affäre, Heiseonline (October 30, 2015), at http://www.heise.de/newsticker/meldung/BND-NSA-Affaere-Sonderermittler-deckt-erhebliche-Maengel-und-Rechtsbruch-auf-2866243.html.

(112.) See Kai Biermann and Patrick Beuth, “Was sind eigentlich Selektoren?,” zeit.de (April 24, 2015), http://www.zeit.de/digital/datenschutz/2015-04/bundesnachrichtendienst-bnd-nsa-selektoren-eikonal.

(113.) Unterrichtung durch den Bundesbeauftragten für den Datenschutz und die Informationsfreiheit, Deutscher Bundestag, 18. Wahlperiode, Drucksache 18/59 (15.11.2013).

(114.) The report is entitled: Betreff: Datenschutzrechtliche Beratung und Kontrolle gemäβ‎ §24 und §26 Absatz 3 Bundesdatenschutzgesetz der Erhebung und Verwendung personenbezogener Daten in bzw. in Zusammenhang mit der Dienststelle des BND in Bad Aibling (May 15, 2016). For the Netzpolitik report on it, see Andre Meister, “Geheimer Prüfbericht: Der BND bricht dutzenfach Gesetz und Verfassung—allein in Bad Aibling,” Netzpolitik.org (September 1, 2016), at https://netzpolitik.org/2016/geheimer-pruefbericht-der-bnd-bricht-dutzendfach-gesetz-und-verfassung-allein-in-bad-aibling/. For an English translation of the Netzpolitik reporting, see Andre Meister, “Secret Report: German Federal Intelligence Service BND Violates Laws and Constitution by the Dozen,” Netzpolitiki.org (September 2, 2016), at https://netzpolitik.org/2016/secret-report-german-federal-intelligence-service-bnd-violates-laws-by-the-dozen/.

(115.) Lothar Determann and Karl T. Guttenberg, “On War and Peace in Cyberspace: Security, Privacy, Jurisdiction,” 41 Hastings Const. L.Q. 878, 886 (2014). Karl Guttenberg is the former Minister of Defense of Germany.

(116.) Ibid. at 885.

(117.) “Wir brauchen die amerikanischen Geheimdienste,” Frankfurt Allgemeine Zeitung (August 31, 2015), at http://www.faz.net/aktuell/politik/merkel-wir-brauchen-die-amerikanischen-geheimdienste-13778270.html.