Germany joins worldwide surveillance trend

From...

By Rick Perera

BERLIN (IDG) -- The German government has approved a surveillance regulation intended to make it easier for authorities to eavesdrop on communications via fixed-line and mobile phone, e-mail, fax and SMS (short message service).

The move puts Berlin in-line with other Western governments rushing to enact similar rules since the September 11 terrorist attacks in the United States.

The new rule, passed by the Cabinet, requires network providers to install and maintain equipment and procedures to give access to their customers' electronic traffic when authorities have a legal surveillance order. Eavesdropping "in cases of suspicion of certain serious crimes" is already allowed under existing law, the government said in a statement.

The technical requirements are limited to providers of "public telecommunication systems," which include fixed-line and mobile phone operators and providers of e-mail accounts, but not ISPs (Internet service providers), the government said.

IDG.net INFOCENTER IDG.net's main page Free daily newsletters PC World.com Product Finder Computerworld Communities Related IDG.net Stories Future tense: Business and technology after Sept. 11 IT community resists Carnivore bill at ISPcon Senate OKs use of Carnivore against terrorism Features Cool gifts for cool nerds! Your complete guide to broadband DSL bloodbath continues Visit an IDG site Choose a site: IDG.net CIO Computerworld Darwin Dummies.com GamePro.com The Industry Standard ITWorld.com InfoWorld.com JavaWorld LinuxWorld Macworld Online Network World Fusion PC World Publish.com UnixInsider IDG.net search

However, "operators of the means of transmission that provide immediate user access to the Internet," such as DSL (digital subscriber line) connections, are also required to install the eavesdropping technology. In Germany, the largest such operator is Deutsche Telekom AG, the former incumbent telecom provider, which is still majority-owned by the state.

Proposals for surveillance regulations were already on the table before September 11, but faced heavy criticism from the IT and telecom industry, which complained of the high cost of installing the required equipment. However, industry representatives agreed to a compromise version of the regulations in a September 27 meeting with government officials.

Not all industry concerns were addressed in the new version, said the IT industry association BITKOM (Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e.V.) in a statement, "but the regulation now presents an acceptable compromise between the legitimate interests of the state in surveillance of telecommunication and the Internet, on one side, and the technical and economic possibilities for the realization in practice on the other side."

BITKOM was particularly relieved that the compromise version does away with plans for the wholesale surveillance of service providers, but rather focuses on user network connections, which the group said lightens the load for smaller network providers and ISPs.

But privacy advocates were not so easily pacified.

In a joint statement, 12 human rights groups warned Wednesday of the danger of a "surveillance state," citing the country's experiences with totalitarianism under the Nazi regime and East German communism.

"The balance between legally guaranteed citizen freedoms and the state's rights of encroachment must not -- as at present -- be abolished in the interest of abstract state security," wrote the activists, who include the Humanist Union, the German Association for Data Protection, and the hackers' group Chaos Computer Club. They were addressing not only the eavesdropping rule, but other proposed security measures including fingerprinting, the release of student records to police, and increased surveillance of non-Germans.

"Almost all of the proposed measures massively interfere with basic rights. But none of them creates more security for citizens. In a democratic, constitutional state, infringements according to the motto 'something has to happen' or 'those who have nothing to hide...' are not acceptable," they continued.

Several countries have proposed or passed new security measures in the aftermath of the September 11 attacks.

In the U.S., the House and Senate have passed bills broadening law enforcement authority to tap phones, e-mail and Internet surfing, and share that information among agencies.

The United Kingdom's government has proposed emergency antiterrorism legislation that would, among other things, "allow communication providers to retain data about customer communication, but not the content, for access by law enforcement," a spokesman for the Home Office said, adding that the proposal will be debated in Parliament in the coming weeks.

And in France, the Senate adopted on October 17 antiterrorism proposals by the Interior Minister, including requirements for "decryption, under certain circumstances, of encrypted messages transmitted by means of the Internet." The proposals is to be taken up by the National Assembly on October 31.