Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
A German bill to allow law enforcement access to mobile device encrypted communications goes beyond what most Western countries allow, privacy attorneys told Bloomberg BNA.
The bill would create a legal framework to allow court-approved surveillance, the attorneys said. The bill cleared the lower house of Parliament June 22 and is expected July 7 to pass the upper house. It would need the president’s signature to become law. If enacted, the bill would take effect immediately.
Under the proposed law, companies that promise to keep user communications private, such as Facebook Inc.'s WhatsApp and Messenger, Open Whisper Systems’s Signal, and Telegram Messenger LLP, would face new challenges in Germany.
Germany has one of the strictest privacy regimes in the world and has been a strong advocate in the European Union of consumer privacy rights, but the anti-terrorism legislation would place national security ahead of personal privacy, attorneys say.
“Europeans, generally speaking, are more concerned with privacy rights than” U.S. citizens, Shawn Chang, privacy partner at Wiley Rein LLP in Washington and a former chief counsel in the U.S. House of Representatives, told Bloomberg BNA. “I am surprised that” Germany “would consider measures that would go so far,” he said.
German law enforcement, specifically the Federal Criminal Police Office, are already authorized to hack into consumer devices in cases of imminent threat of terror attacks, attorneys said.
Under the new bill, the authority would be expanded to cover other “severe” crimes—from online betting fraud to murder. The measure would also expand the authority to other law enforcement agencies that now must get a court warrant to intercept text messages and phone calls to investigate specific crimes.
The present legal regime also allows for access to communications via telecommunications operators, which can only turn over encrypted consumer data from apps. But law enforcement doesn’t have a a way to decrypt the communications, attorneys said. Apps with end-to-end encryption options, such as Microsoft Corp.'s Skype and WhatsApp, pose difficult challenges for law enforcement. The bill seeks to change that, the attorneys said.
In the U.S., a standoff between Apple Inc. and the FBI over access to an encrypted terrorist’s iPhone hurled the issue to the forefront of the debate over balancing privacy and security. Congress is considering legislation in the area and the Trump administration supports forcing companies to create consumer encryption backdoors.
The bill would allow law enforcement to secretly hack into the devices of suspected criminals with programs that would intercept their ongoing communications in real time via logging keystrokes, recording audio, or taking screenshots.
A WhatApps spokesman, although declining to comment on the particular bill, told Bloomberg BNA that legislation doesn’t “include any attempts to crack our method of end-to-end encryption or to include backdoors.”
“The bill would not oblige the manufacturers or service providers to cooperate but would allow the government to use existing backdoors or security loopholes to access the device—they would be allowed by law to hack the phone,” Christoph Nuessing, a technology attorney with Morrison & Foerster’s Berlin office, told Bloomberg BNA.
“What’s new is that they could listen in on data while you are typing that would otherwise be encrypted—so it would circumvent any encryption that has been put into place—without having the phone in hand,” he said.
Jorg Hladjk, privacy and data protection of counsel at Jones Day in Brussels, told Bloomberg BNA that the bill “opens up the big battlefield between safety, law enforcement and access to personal data on devices on one side, and data privacy on the other.” There may be issues with the legislation regarding constitutional privacy rights, he said.
Nuessing says the reach of the bill is likely to be struck down because of the degree to which it would intrude on individual rights: “Live ongoing communication is protected much more strictly than the seizure of data stored on a device,” he said.
In general, the U.S. has strict standards requiring law enforcement gain a warrant to seize or monitor personal data. The burden of proof for conducting live intercepts is very high, requiring a showing that there is no alternative, less intrusive manner to get the information, Jennifer Archie, a privacy and data protection partner at Latham & Watkins in Washignton, told Bloomberg BNA. “Everyone is sick of hearing that the U.S, doesn’t have privacy laws but we have the 4th amendment and that’s even better than European protections,” Archie said.
Lothar Determann, a data privacy and technology partner at Baker McKenzie in Palo Alto, Calif., told Bloomberg BNA that “legal protection against government surveillance is relatively strong in the United States compared to many European jurisdictions, including Germany.”
To contact the reporter on this story: Jabeen Bhatti in Berlin at email@example.com
To contact the editor responsible for this story: Donald Aplin at firstname.lastname@example.org
The bill is available, in German, at http://dip21.bundestag.de/dip21/btd/18/127/1812785.pdf.
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)