With about 26 million personal data sets, the Central Register of Foreigners is one of the most extensive automated registers of the public administration. Every person living in Germany without German citizenship is registered. More than 16,000 public authorities and organisations with more than 150,000 individual users have access to the Central Register of Foreigners, including not only the immigration authorities but also police and prosecution authorities, intelligence services, job centres, youth welfare offices and courts. In 2020 alone, authorities carried out an average of 260,000 data queries in the Central Register of Foreigners each working day.

Refugees are particularly affected, since their biometric data as well as information on health, education and family are stored in addition to basic personal data and information on residence status. With the Act on the Further Development of the Central Register of Foreigners of 9 July 2021, the Federal Government has expanded the database for the third time in five years. In the future, other documents such as decisions on asylum applications and court decisions on asylum and residence law will also be stored in full text. These decisions sometimes contain highly sensitive information, for example on political beliefs, sexual orientation or mental illness.

GFF Study: The Central Register of Foreigners - A Data Collection Out of Control

The GFF study "The Central Register of Foreigners - A Data Collection Out of Control" shows that the Central Register of Foreigners has developed into a huge and almost uncontrolled data monster in recent years. The rights of those affected have been neglected in the process. Mechanisms to protect particularly sensitive data hardly exist. The potential for abuse is enormous given that hundreds of thousands of government employees have access to that much data, some of which is highly sensitive. Not only is there a danger that authorities will make far too extensive use of data retrieval. In the worst case, data such as address, sexual orientation or political beliefs can end up in the hands of racist criminals or persecuting states, putting the lives of those affected in danger. It is very difficult for individuals to obtain insights into the data stored about them: the application procedure is characterised by high hurdles, the answers take a long time to arrive and the scope of the information does not correspond to legal requirements.

External Content from YouTube

Please see the privacy policy of YouTube if you are loading external content.

Load content

GFF legal opinion: Central Register of Foreigners Act violates constitutional and European data protection provisions

A legal opinion prepared by Prof. Dr. Matthias Bäcker on behalf of the GFF concludes that large parts of the Central Register of Foreigners Act violate the fundamental right to informational self-determination, the prohibition of discrimination and European data protection law. In particular, the collection of data is not limited to what is necessary and proportionate. Storing asylum decisions in full text violates the principle of proportionality in a particularly blatant manner. Generally, full text decisions are not necessary and regularly contain data of high sensitivity: they describe the psychological condition, sexual orientation or ideological and political beliefs of the individual concerned.

The principle that data may only under strict conditions be used for purposes other than those for which they were initially collected is also violated: public authorities access the data collection not only for migration administration, but also for numerous other purposes. For example, security authorities use it for danger prevention and the benefit administration for checking claims. Due to the exchange of data with security authorities, police authorities, public prosecutors' offices and secret services can access all data in the Central Register of Foreigners. The only requirement that needs to be satisfied is that the data access is necessary for the fulfilment of their tasks. Data retrieval is not limited to particularly high-ranking legal interests, but can also take place for the prosecution or prevention of petty offences. There is no need for the police to demonstrate a specific basis for their investigation or a concrete danger. Vague suspicions are therefore sufficient to retrieve extensive personal data on a person and their family and social environment.

The use of a central data collection for the purposes of danger prevention and fighting crime is also an unconstitutional unequal treatment on the basis of nationality, without there being an objective reason for it. Fighting crime and preventing danger - unlike migration administration - are not generally related to nationality. By the far-reaching information transmission powers, the legislature reinforces the widespread racist prejudice that there is a connection between criminality and national origin. In fact, the crime rate - for Germans and foreigners - is closely linked to economic and social conditions.

The GFF is planning strategic lawsuits

The federal government has massively expanded the Central Register of Foreigners in recent years and, in doing so, has completely disregarded fundamental data protection requirements, especially with regard to refugees. So far, the federal government has gotten away with these violations of fundamental rights because refugees rarely go to court. This is the case because refugees have other, existential worries, they lack the financial means for legal action, and judicial clarification will take so long that they will hardly benefit from it. The GFF wants to fill this legal protection gap. Building on the comprehensive legal opinion, the GFF is planning strategic lawsuits against the Central Register of Foreigners Act before the administrative courts and the Federal Constitutional Court together with affected individuals. There must not be second-class protection of data and fundamental rights in Germany.