In June 2021, we achieved the first major victory for the privacy of refugees: The Berlin Administrative Court upheld our complaint and followed our assessment that the assessment of the 44-year-old plaintiff's mobile phone from Afghanistan was unlawful. According to the court, the legal requirements of conducting such an assessment were not fulfilled. The decision calls into question the entire practice of the BAMF's mobile phone data evaluations. The BAMF has filed an appeal with the Federal Administrative Court. Since the BAMF's practice affects the fundamental rights of thousands of refugees and the case is of fundamental importance, the Berlin Administrative Court, with the agreement of the BAMF and the GFF, allowed a direct appeal to the Federal Administrative Court.
Little was known about this unprecedented procedure granting the government the right to access sensitive data in this manner. In order to change that, GFF cooperated with journalist and computer scientist Anna Biselli and published a comprehensive study on the BAMF’s approach at the end of December 2019: ” Invading Refugees’ Phones: Digital Forms of Migration Control”. The Digital Freedom Fund provided support to the GFF on the pre-litigation research. In order to have the Migration Office’s procedure for the search and inspection of mobile phone data reviewed by the courts, we filed three lawsuits in May 2020. In February 2021, we also filed a complaint with the Federal Data Protection Commissioner. The Digital Freedom Fund supports this project.
Legal actions in Hanover, Berlin and Stuttgart
The GFF is taking action against the mobile phone data analysis together with three plaintiffs and their lawyers, Dr. Matthias Lehnert and Roland Meister. The plaintiffs fled to Germany, where the BAMF evaluated their mobile phones. One of them is 29-year-old Mohammad A, who is from Syria and was recognized as a refugee in Germany in 2015. In 2019, the BAMF reviewed old asylum decisions without a specific reason – including Mohammad A.’s recognition as a refugee. During this review, the BAMF carried out a routine evaluation of his smartphone.
"Suddenly the BAMF employee told me to hand over my mobile phone and unlock it. I didn’t know what was happening, nothing was explained to me. But I was afraid of being deported. So I gave him the mobile phone. It felt like I was handing over my whole life.”
– Mohammad A., plaintiff
The original positive decision on Mohammad A.’s application for asylum was maintained.
The case of Mohammad A. is pending before the administrative court of Hanover. In addition, GFF filed a complaint with an about 37-year-old woman from Afghanistan before the administrative court in Berlin and with a 25-year-old woman from Cameroon before the administrative court in Stuttgart. The Berlin Administrative Court upheld our complaint in June 2021 and allowed a direct appeal to the Federal Administrative Court. As a result, we have suspended the two other court cases. Our goal is to end the current practice of the BAMF - either through a strict and restrictive interpretation of the current law or by taking the legal basis for the analysis of mobile phone data to the Federal Constitutional Court.
FUNDAMENTAL RULING FOR REFUGEE'S RIGHT TO PRIVACY
In February 2023, the Federal Administrative Court upheld the complaint of the 44-year-old Afghan woman against the BAMF which we supported, and rejected the appeal of the other side. Like the Berlin Administrative Court in the first instance, the Federal Administrative Court ruled that the BAMF's analysis of the 44-year-old's mobile phone was unlawful. With its ruling, the Federal Administrative Court confirms that the evaluation of refugees' smartphones right at the beginning of the asylum procedure is illegal. The BAMF must first examine whether there are milder means of establishing identity and nationality. The court did not rule on the question of whether an analysis at a later point in time complies with fundamental rights.
Complaint to the Federal Data Protection Commissioner
In addition to the three administrative court actions, the GFF, together with Mohammad A., filed a complaint with the Federal Commissioner for Data Protection Ulrich Kelber in February 2021. The Federal Commissioner for Data Protection and Freedom of Information supervises compliance with data protection law at the BAMF, can demand access to official rooms and files and complain to the higher-level Federal Ministry of the Interior about any violations found. The predecessor of the current Federal Commissioner for Data Protection, Andrea Voßhoff, had already expressed considerable data protection concerns in a statement during the legislative procedure for the introduction of the legal basis for mobile phone data evaluations.
The phone searches are supposed to prevent “asylum abuse”, but hardly ever uncover false information
People whose identity cannot be established are not subject to deportation solely on this basis. Many of the people who arrive in Germany after fleeing their home countries cannot present a valid passport. In 2017, the Bundestag therefore established a legal basis permitting the search and inspection of mobile phones and other data devices, on the assumption that this would be the only way to ensure compliance with the legal obligation of many people to leave the country.
In practice, however, the results of a parliamentary inquiry show that, despite carrying out thousands of such mobile phone searches, only in very rare cases was information uncovered that contradicted the information regarding identity that the asylum seeker had already provided. In the period from January to October 2018, only about 30 percent of the mobile phone data evaluations carried out were subsequently consulted at all during the asylum procedure. Moreover, the result of these reports that were then used deviated from the information provided in only 2 per cent of the cases. There is no information for 2018, but in 2019 and 2020 combined there were 75 asylum applicants for whom the mobile phone data analyses revealed such a contradiction with information provided.
Severe invasion of privacy
In view of the extensive, often very intimate data stored on smartphones, the search and inspection of mobile phones represents a particularly serious and extensive encroachment on the privacy of those affected. Due to their separation from home, family, and friends, mobile phones often play a particularly central role in the lives of refugees.
This data is evaluated by the Migration Office in two steps: The data is first extracted and computer-assisted analyzed, and the results of the evaluation are saved in a report. In the second step, this report may be released by an appropriately credentialed lawyer for the Migration Office and used in the respective asylum procedure. The report comprises a variety of personal information, including the country code for incoming and outgoing calls, messages, contact information, and Web pages visited. The program used by the Migration Office also evaluates location data and displays it on a map. Login names that the person concerned uses for various apps are also listed. Finally, SMS and messenger messages are subjected to a speech analysis to determines the language used, for example, the specific Arabic dialect.
The Migration Office does not ensure that the core areas of the asylum seekers’ personal rights are protected, i.e., that access to particularly sensitive and private personal data is not granted. The Migration Office is legally obliged to use mobile phone reading only as a last resort. For instance, targeted questions about the country and place of origin in the asylum hearing can clarify doubts about identity with greater certainty, obviating the need for an invasive search of the person’s mobile phone. Nevertheless, the Migration Office normally carries out the mobile phone search long before the hearing takes place. Less drastic means used by the Migration Office prior to mobile phone search and analysis are unknown.
High error rate susceptibility of the investigations
The mobile phone readout is also extremely error-prone. Only about 35 percent of the results are usable. For new mobile phones, for example, the data set is too small. Older mobile phone models are not supported by the Migration Office program, and contradictory results occur when a mobile phone has been used by several people. The search and analysis of mobile phones also carries a risk of misuse. It is difficult for Migration Office staff to assess the usefulness of the results. Even unusable test results can influence the decision in the asylum procedure and erroneously create doubt or suspicion.
Lack of transparency in the process and few results generated
ProAsyl, the German Bar Association (DAV), the Federal Data Protection Commissioner, the GFF, and others have repeatedly criticized the lack of transparency of Migration Office’s actions. Despite several inquiries from the Bundestag as well as from citizens, little is known about how the software used to read and analyze the information obtained from mobile phone and other data devices actually functions. The same problems exists with respect to the algorithms used to read and analyze the data obtained.
Protection of fundamental rights – also for asylum seekers
The Migration Office’s procedure for searching asylum seekers’ data devices in its current form is subject to severe constitutional criticism. The Migration Office already engages in intrusive invasion of the rights of thousands of people in the absence of any concrete individualized suspicion. In reality, the individuals affected lack any means to prevent the use of these measures and to ensure the protection of their private and sensitive personal data. The Migration Office’s actions are thus highly disproportionate to the intended goal, given the fact that there are very few cases in which the Migration Office finds any evidence of a false identity through the use of these invasive measures. As a result, it is quite evident that the Migration Office’s blatantly violate the personal rights of a particularly vulnerable group of people through its actions.
The GFF therefore has the courts review the search and analysis of asylum seekers’ mobile phones. Together with computer scientist and data protection expert Anna Biselli, we prepared a pre-litigation study on the Migration Office’s procedure. We thank the Digital Freedom Fund for their support in this research.
Following a call by the United Nations Special Rapporteur on contemporary forms of racism, xenophobia and related intolerance, E. Tendayi Achiume, GFF submitted the study to the Office of the United Nations High Commissioner for Human Rights on May 15, 2020. The submission will inform the Rapporteur’s thematic report to the UN General Assembly examining digital technologies deployed in the context of border enforcement.
- Recording of the lecture on digitized migration control and mobile phone searches by Lea Beckmann and Anna Biselli at the 36C3 (27.12.2019)
- Race, Borders, and Digital Technology: Submission to the Office of the United Nations High Commissioner for Human Rights (15.05.2020)
- The website of Anna Biselli with further information on mobile phone reading by the Migration Office can be found here.
Photo credit: Close-up usb cable connect phone and laptop computer by Marco Verch (2017), Flickr (CC BY-SA 2.0)