Jump to content
Trojaner für den Verfassungsschutz, Big-Data-Werkzeuge für die Polizei
Überwachung von StockSnap, lizensiert unter Pixabay License
Freedom in the digital age
Art. 1, 2, 10

Trojans for the Office for the Protection of the Constitution, Big Data Tools for the Police

We are taking legal action against the Hamburg Police and Protection of the Constitution Act.

In November 2020, we filed a constitutional complaint against amendments to Hamburg's laws on the protection of the constitution and on data processing by the police - together with the German Journalists' Union, the Humanist Union Hamburg, the Critical Law Students Hamburg and the Association of Democratic Lawyers. The complaint is directed against the use of trojans by the State Office for the Protection of the Constitution and against the power of the police to create personality profiles of people by means of algorithms.

Our case is related to federal policy: In the summer of 2021, the Article 10 Act was amended in such a way that, after the police, all secret services in Germany are now also allowed to use the most severe surveillance tool available to the state: trojans. The reform of the Article 10 Act suffers from the same shortcomings as the Hamburg Act on the Protection of the Constitution. Our complaint against the Hamburg law is hence a model case for reform at the federal level.

After an amendment to the law in April 2020, the Hamburg Office for the Protection of the Constitution is allowed to hack into the devices of certain individuals without a court order or similar prior control (§ 8 para. 12 of the Hamburg Law on the Protection of the Constitution). This endangers the confidential communication of professional secrets such as lawyers and journalists and thus the freedom of the press, the secrecy of telecommunications and the so-called IT fundamental right (right to a guarantee of the integrity and confidentiality of information technology systems).

Trojans in the hands of secret services are unconstitutional if their use is not strictly limited, if it does not have to be approved by a court and where is not guaranteed that the state does not deliberately leave open security loopholes in IT systems that can become extremely dangerous even for completely innocent people (see our constitutional complaint against the use of state trojans under the Code of Criminal Procedure).

In our case against foreign surveillance by the Federal Intelligence Service before the Federal Constitutional Court, we successfully fought for a significant expansion of the control regime of secret surveillance measures. This can be applied all the more to the domestic intelligence services: their surveillance measures can have far more serious consequences for those affected, because there is a much more immediate threat of access by the state. If surveillance powers are now extended in Hamburg instead of first improving the control regime for the BND in accordance with the requirements of the Federal Constitutional Court, a violation of the constitution is pre-programmed.


Our complaint is also directed against section 49 of the new Hamburg law on police data processing. This paragraph allows the police to create automated personal profiles from an unspecified amount of data, including in any case the data from police databases and, if necessary, also publicly available data from social media, for example. It is unclear who can be profiled and what consequences any "by-catch" will have for those affected, i.e. the recording of persons who are not considered dangerous. It is also unclear exactly for what purposes software can be used and how long the profiles will be stored.

Such big data solutions, which the controversial US company Palantir has already successfully offered to the Hessian police, should be much better contained and controlled by the rule of law than by the completely undefined current regulation.


The plaintiffs in the case are an activist, the defence lawyer Britta Eder and several journalists, including Sebastian Friedrich (freelance journalist, e.g. NDR) and Katharina Schipkowski (taz). The complaint was written by Jun.-Prof. Dr. Sebastian Golla (Ruhr-Universität Bochum).