Laudator: Alvar Freude
The BigBrotherAward 2008 in the category “Consumers” goes to the
Members of the
16th German Bundestag
(the Lower House in Germany’s Federal Parliament), represented by Dr. Norbert Lammert, President of the Bundestag
for waving through a number of laws which enforce the collection, long-term storing and sharing of detailed data of travellers.
Travellers nowadays are under constant observation. One could be led to think that travelling per se is sufficient to make one suspicious of terrorist or criminal acts. Not only the permanent video surveillance in train stations and airports, in underground trains and busses leaves a bad aftertaste. Also the German federal state’s laws on mass storing of car number plates — which have been scrapped by the Federal Constitutional Court (Bundesverfassungsgericht, the highest German court), for the time being — must give “respectable” citizens pause for thought. Even travelling on a train can hardly be done without being stored in a database. The German train company Deutsche Bahn received the BigBrotherAward for this last year. Soon there will be no means of travel left that could evade permanent surveillance. And the net is getting ever tighter.
Did you know for instance that in the future the data of of ferry or cruise ship passengers will be automatically forwarded to the marine authorities and the Federal Police, stored there, and even passed on to other authorities and enterprises? Your day trip to the East Frisian Islands will be registered in the future.
This is thanks to a law that was waved through by the Bundestag on 24 January 2008 with only a handful of “nays” and all but unnoticed by the public.1 It goes by a somewhat unwieldy name: Gesetz2 zur Änderung seeverkehrsrechtlicher, verkehrsrechtlicher und anderer Vorschriften mit Bezug zum Seerecht, approximately “Law on the Amendment of Directives on Seafaring and Traffic and other Directives Pertaining to Marine Legislation”, which in itself might indicate that our representatives didn’t occupy themselves all too much with it. A new section of article 9 of the Federal Maritime Responsibilities Act (Seeaufgabengesetz)3, for instance, has a list of data items that have to be stored for every passenger — for “danger prevention”, of course — among them name, passport number and the ports of departure and arrival. These data may be shared with unspecified “public bodies” — as well as, if necessary, port operators, ship registration offices, port services and other non-public bodies, i.e. private firms. Even data transfers to “foreign or supra- or crossnational bodies” are allowed, with a few vaguely formulated exceptions.
It follows that it is far from clear where your data might eventually land. And the law does not specify how long the data will be stored. There is only a short statement that the ministry for interior affairs and the ministry of transport will deal with this internally. A blank cheque for uncontrolled storage and processing of sea-travel data of 29 million passengers per year.
The reasons for the data collection sound familiar: according to its explanatory memorandum, the law is meant to ferret out alleged “risk persons”. The purpose of collecting passengers’ data used to be above all to find out who was on board at the time of an accident. Nowadays it is about filtering out unwanted people — at the price of another piece of anonymity and privacy of all sea passengers.
So much about seafaring. But the perspective from the air is no better: on 15 November 2007 the members of the Bundestag passed a law4 that ratifies the agreement on flight data5 between the EU and the USA. The negotiations for this agreement were masterminded during the German Presidency of the EU by, among others, the German Minister for the Interior, Dr. Wolfgang Schäuble — himself a well known data leech. The agreement regulates sharing of data from the airlines with the US Ministry of Homeland Security. It replaces a previous agreement of 2004 which had been scrapped by the European Court of Justice for its lack of legal foundation6. A pity, one could almost say in retrospect; for now the level of data protection was lowered even more. For instance, the US now give less guarantees with respect to European norms on data use, and also store them longer: for 15 years.
This is all about the so-called Passenger Name Records (PNR). They are transferred by the airlines to the US authorities even before take-off, and will be processed not only by the customs and the border police but will also be stored at the Ministry of Homeland Security. These PNR data comprise 19 items, among them name, address and credit card data, and also information about hotel reservations, seat number, even individual food preferences come under scrutiny. Even the price of the ticket and the name of the clerk in the travel agency who sold it are stored. For 15 years. Just once ordered the wrong meal on a flight? Been seated beside a suspicious passenger? Booked in the wrong travel agency? Stored for 15 years. A right of access to the data stored about you or towards court appeals is not provided.
Well may you ask: Why are the US authorities so interested in these details? But even more exciting is the question: Why have the members of the Bundestag voted in favour of such a comprehensive sharing of data?
Their own personal data are sacrosanct to many members of the German parliaments. Germans well remember the reactions of some of them when they were called upon to declare their financial interests. But for many members, the privacy of the citizens doesn’t seem to be all that worthy of protection.
By the way: Should you now decide not to travel, or at least not directly, to the US, in order to protect your privacy, this will not help you for long. The EU has similar plans for flights between other non-EU states and Europe. Again, they want to store the sensitive data for years, for whatever purpose. As yet, the Bundestag is opposed to this. We may ask: for how long?
The next data collection laws are imminent, therefore: think twice, dear Members of Parliament, about your decision and do not say “aye” lightly.
For the time being:
Congratulations for receiving the BigBrotherAward, dear members of the 16th German Bundestag!
Congratulations for receiving the BigBrotherAward, Herr Dr. Lammert!
1 Plenary protocol: http://dip21.bundestag.de/dip21/btp/16/16139.pdf
3 Full text of the Federal Maritime Responsibilities Act: http://www.gesetze-im-internet.de/bseeschg/BJNR208330965.html
4 Law on the agreement from 26 July 2007 between the European Union and the United States of America on the processing of flight passenger data (Passenger Name Records — PNR) and their transfer by the airlines to the United States Department of Homeland Security (DHS) (PNR-Abkommen 2007)
http://frei.bundesgesetzblatt.de/pdf/bgbl2/bgbl207s1978.pdf[Inhalt nicht mehr verfügbar]
5 Plenary protocol: http://dip21.bundestag.de/dip21/btp/16/16126.pdf