Mobile phone search and analysis for asylum seekers
GFF is preparing to take legal action against the invasive search and inspection of asylum seekers’ mobile phones by the Federal Office for Migration and Refugees (BAMF). If refugees are unable to present a valid passport upon arrival in Germany, the BAMF routinely, in the absence of any concrete or individualized suspicion, examines data from their mobile phones in order to verify the information provided regarding identity. Little is known about this unprecedented procedure granting the government the right to access sensitive data in this manner. That must change. Together with journalist and computer scientist Anna Biselli, GFF is currently working on a comprehensive research project on the BAMF’s approach. GFF will publish the findings and plans to have the BAMF procedure for the search and inspection of mobile phone data reviewed by the courts. The Digital Freedom Fund is lending support to GFF on this project.
People whose identity cannot be established are not subject to deportation on the basis alone. Many of the people who arrive in Germany after fleeing their home countries cannot present a valid passport. In 2017, the Bundestag therefore established a legal basis permitting the search and inspection of mobile phones and other data devices on the assumption that this would be the only way to insure compliance with the legal obligation of many people to leave the country. In practice, however, the results of a parliamentary inquiry show that, despite carrying out thousands of such mobile phone searches, only in very rare cases was information uncovered that contradicted the information regarding identity that the asylum seeker had already provided. In the period from January to October 2018, only about 30 percent of the mobile phone data evaluations carried out were subsequently consulted at all during the asylum procedure. Moreover, the result of these reports that were then used deviated from the information provided in only 2 per cent of the cases.
No free consent for search and analysis, insufficient legal protections
The BAMF considers the mobile phone reading to be a “voluntary measure”. In practice, however, the situation is otherwise. Asylum seekers who cannot prove their identity with a passport or an appropriate document without question may refuse to surrender their mobile phone or other data carrier for search and inspection by the BAMF. However, they are legally obliged to cooperate with BAMF in establishing their identity. Furthermore, as the BAMF also points out to them, if they fail to fulfil this obligation, their application for asylum can be considered to be withdrawn.
Severe invasion of privacy
In view of the extensive, often very intimate data stored on smartphones, the search and inspection of mobile phones represents a particularly serious and extensive encroachment on the privacy of those affected. Due to their separation from home, family, and friends, mobile phones often play a particularly central role in the lives of refugees.
This data is evaluated by the BAMF in two steps: The data is first extracted and computer-aided analyzed, and the results of the evaluation are saved in a report. In the second step, this report may be released by an appropriately credentialed lawyer for the BAMF and used in the respective asylum procedure. The report comprises a variety of personal information, including the country code for incoming and outgoing calls, messages, contact information, and Web pages visited. The program used by the BAMF also evaluates location data and displays it on a map. Login names that the person concerned uses for various apps are also listed. Finally, SMS and messenger messages are subjected to a speech analysis to determines the language used, for example, the specific Arabic dialect.
The BAMF does not ensure that the core areas of the asylum seekers’ personal rights are protected, i.e., that access to particularly sensitive and private personal data is not granted. The BAMF is legally obliged to use mobile phone reading only as a last resort. For instance, targeted questions about the country and place of origin in the asylum hearing can clarify doubts about identity with greater certainty, obviating the need for an invasive search of the person’s mobile phone. Nevertheless, the BAMG normally carries out the mobile phone search long before the hearing takes place. Less drastic means used by the BAMF prior to mobile phone search and analysis are unknown.
High error rate susceptibility of the investigations
The mobile phone readout is also extremely error-prone. Only about 35 percent of the results are usable. For new mobile phones, for example, the data set is too small. Older mobile phone models are not supported by the BAMF program, and contradictory results occur when a mobile phone has been used by several people. The search and analysis of mobile phones also carries a risk of misuse. It is difficult for BAMF staff to assess the usefulness of the results. Even unusable test results can influence the decision in the asylum procedure and erroneously create doubt or suspicion.
Lack of transparency in the process and few results generated
ProAsyl, the German Bar Association (DAV), the Federal Data Protection Commissioner, GFF, and others have repeatedly criticized the lack of transparency of BAMF’s actions. Despite several inquiries from the Bundestag as well as from citizens, little is known about how the software used to read and analyze the information obtained from mobile phone and other data devices actually functions. The same problems exists with respect to the algorithms used to read and analyze the data obtained.
Protection of fundamental rights – also for asylum seekers
The BAMF’s procedure for searching asylum seekers’ data devices in its current form is subject to severe constitutional criticism. The BAMF already engages in intrusive invasion of the rights of thousands of people in the absence of any concrete individualized suspicion. In reality, the individuals affected lack any means to prevent the use of these measures and to ensure the protection of their private and sensitive personal data. The BAMF’s actions are thus highly disproportionate to the intended goal, given the fact that there are very few cases in which the BAMF finds any evidence of a false identity through the use of these invasive measures. As a result, it is quite evident that the BAMF’s blatantly violate the personal rights of a particularly vulnerable group of people through its actions.
GFF therefore wishes to have the courts review the search and analysis of asylum seekers’ mobile phones. The computer scientist and data protection expert Anna Biselli is currently preparing a pre-litigation study on the BAMF’s procedure. We thank the Digital Freedom Fund for their support in this research.
- The website of Anna Biselli with further information on mobile phone reading by the BAMF can be found here.
Photo credit: Close-up usb cable connect phone and laptop computer by Marco Verch (2017), Flickr (CC BY-SA 2.0)