Jump to content
Überwachungskameras Bild von Joseph Mucira auf Pixabay
Freedom in the digital age
Art. 10, 2, 1

Article 10 Act: The constitution also applies to the Office for the Protection of the Constitution

Together with ten plaintiffs we have filed a constitutional complaint against the Article 10 Act and other laws.

On 9 July 2021, the Act "on the adaptation of the law on the protection of the constitution" came into force. For the first time, this law grants all 19 German intelligence services the right to use state trojans to read ongoing communication on computers or smartphones, as well as even past communication data. The measures massively encroach on several fundamental rights – without any significant hurdle or sufficient external control. At the same time, individual legal protection is almost impossible, as the surveillance takes place in secret and is usually not disclosed afterwards. Together with ten plaintiffs, we have filed a constitutional complaint against the Article 10 Act (G10) and other laws. The plaintiffs include GFF president and journalist Ulf Buermeyer, lawyer Seda Başay-Yıldız, who was affected by NSU2.0, and Peng! action artist and journalist Jean Peters.

Photos, videos, private messages and stored contacts. With the spying software known as the state trojan, secret services can read out the data of end devices such as smartphones or computers without being noticed. The amendment of the Federal Constitutional Protection Act and the Article 10 Act has been allowing all 19 secret services to use this measure since mid-2021 – without sufficient control and low-threshold.

The access to the end devices takes place secretly and is usually not disclosed afterwards, so that those affected cannot defend themselves against it. This clearly endangers the protection of the secrecy of telecommunications under Article 10 of the Basic Law. Since not only current communication is intercepted, but state trojans can also read out stored communication files, the so-called fundamental right of guaranteeing the confidentiality and integrity of information technology systems is also violated (Art. 2 para. 1 in conjunction with Art. 1 para. 1 GG).

However, not only the use of state trojans is problematic. The procurement and prerequisite for the use of state trojans in the first place also forces the government into a fundamental rights dilemma.

The government leaves security gaps open and risks cyber attacks

State trojans infiltrate end devices such as smartphones or computers through security vulnerabilities. These vulnerabilities exist due to flaws in the devices' software. In order to prevent foreign interference, the gaps would have to be reported to the manufacturers and then fixed. However, the government does not do this. Instead, it buys information about security vulnerabilities on the black market and uses it for its own surveillance purposes.

The Federal Constitutional Court has made it clear that the government has a duty to protect IT security. This means that the government is obliged to actively contribute to the protection of information technology systems, e.g. in the form of a statutory vulnerability management in dealing with known IT security gaps. If the government exploits these gaps, it endangers the integrity of these systems and does not fulfil its duty to protect IT security.

WannaCry – security vulnerabilities endanger society as a whole

The impact of security vulnerabilities that are abused by third parties is shown by the case of "WannaCry": The malware caused damage worldwide in May 2017 by crippling the information technology systems of public authorities and companies, in particular also of British hospitals. The hackers only released the systems again in exchange for a ransom payment. The security vulnerabilities through which the "WannaCry" hackers gained access to the systems had previously been captured by the American intelligence service NSA.

In April, the GFF won a major victory against the escalating surveillance practices of the intelligence services with the landmark ruling on the Bavarian Constitutional Protection Act. The constitutional complaint on G10 now follows on from this success. The requirements set by the Federal Constitutional Court must also be extended to the rest of the intelligence services law.

Grundrechte verteidigen.
Fördermitglied werden!