Politics (2018)

Parliamentary groups of the Christian Democrats (CDU) and the Greens in Hesse

The parliamentary groups for the Christian-Democratic and the Green parties in the state parliament of Hesse receive the BigBrotherAward 2018 in the Politics category for their plans for a new domestic intelligence law. The draft by the “black-green coalition” contains an accumulation of grave surveillance powers that facilitate severe interferences with fundamental rights: So-called state trojans are to be used to secretly infect and investigate “suspect” computers, employees of projects to further democratic society are to be screened by intelligence agencies and, in a legal novelty, criminal undercover agents are to be exempted from persecution. All in all, this is a severe attack on democracy, on the rule of law, and on fundamental rights.
Portraitaufnahme von Rolf Gössner.
Dr. Rolf Gössner, Internationale Liga für Menschenrechte (ILFM)

The BigBrotherAward 2018 in the “Politics” Category goes to the parliamentary groups of the Christian Democrats (CDU) and the Greens in the parliament of the Federal State of Hesse.

The two governing parliamentary parties receive this negative award for their plans for a new law on the state’s domestic intelligence agency and for their planned reform of the Hessian police law. Their legislative proposals contain a dangerous collection of grave surveillance powers. These will profoundly affect fundamental rights and threaten the rule of law. The worst measures in brief:

1. The domestic intelligence agency (“Verfassungsschutz” – literally translated, “Protection of the Constitution”) is to be allowed to recruit undercover agents even when these have previously been convicted, and to continue using agents after they are found to be criminals. Experience shows that the agency has been doing exactly that even today – what is new is that this practice is to be given a legal basis, and that it will be possible and perfectly legal for agents who committed crimes to be exempted from criminal investigation. A free pass for criminal activities on a state mission, in violation of the rule of law.

2. The agency will also be able to recruit holders of professional secrets such as doctors, lawyers or journalists as undercover agents, or to place such agents among these persons’ professional contacts. This violates the obligation to confidentiality and the vulnerable relationships of trust to clients, patients, or sources.

3. Even data on minors under the age of 14 – in other words, children – is to be legally collected and stored by the domestic intelligence agency. This kind of stigmatisation by secret services at such an early age can have fatal consequences in further life for the people affected – for career choices, in the search for further education or jobs.

4. The domestic intelligence agency is to be empowered to share personal surveillance findings with public bodies – in order to “vet persons who apply for civil service positions regarding their loyalty to the constitution”. That is a dark reminder of the earlier practice of conviction scrutiny and occupational bans that contravened human rights. Also threatened by regular and suspicionless secret service inspection are organisations and potential employees in state-sponsored democracy and prevention projects, for example against right extremism or salafism. This will portray them as overall security risks and place them under general suspicion.

5. Spy software, or State Trojans, are to be injected into suspects’ computers and smartphones using discovered or purchased security vulnerabilities. This will be used to investigate these suspects in “preventative” remote evidence collection or telecommunication surveillance.

6. And police forces are to be empowered to use electronic tags on so-called “endangerers” as a preventative measure, in order to monitor their movements and contacts over several weeks or months. These are people who may have not committed any crimes, it will suffice that the police have certain clues that they might commit crimes in the future.

Towards the preventative-authoritarian security state

With this legislative proposal, the black-green coalition in Hesse is making great strides towards a preventative-authoritarian security state. With its very precarious regulations, this is one of many new laws across Germany which legalise, among other measures, the use of State Trojans for on-device communication interception and remote evidence gathering as well as electronic tagging for “endangerers”.

The original motivation to reform the domestic intelligence laws at the state and federal level was that consequences were overdue from numerous defects, failings and scandals relating to the series of murders committed by the Neo-Nazi terrorist group NSU (“National Socialist Underground”) and the revelations of mass surveillance by the NSA. As prime objectives, the new law would therefore have to apply effective legal restraints on the domestic intelligence agency and its powers, and significantly strengthen its supervisory bodies. But instead, these secret authorities, which are almost beyond democratic control, are given an undeserved boost despite their history; they are being upgraded and made ready for mass surveillance, and no effective protections are implemented against these services’ scandals and schemes. As a result, the domestic intelligence agency is emerging with new strength from their disasters and record of scandals. And the police’s armament is being upgraded as well.

What does this mean for those immediately affected, and for us all? Two examples:

1 – Clandestine attacks on computers and smartphones with State Trojans

Under certain conditions and to avert threats, the Hessian domestic intelligence agency is to be allowed to carry out technological attacks on “IT systems” . In plain English: this domestic secret service is allowed to hack computer systems with spy software for the sake of clandestine information gathering. The software used is one of the notorious “State Trojans”, or as they are called in Hesse, the “Hessian Trojan”1. The video that you just saw is a compelling insight into the way this works and how critical infrastructures such as hospitals, transport systems or water supplies can be impacted. A daunting example is the ransomware Trojan “Wannacry” that in Mai 2017 paralysed not only private PCs but also automotive industries, railway operators and hospitals, causing billions of damage. The weakness it exploited had been known to the US foreign intelligence agency NSA for years.

You have to remember that the secretive use of State Trojans can never be effectively supervised, neither by parliament committees nor by courts, although it is among the gravest state interferences with basic rights that threatens the “core area” of a person’s life. It also impedes the confidentiality and integrity of IT systems, wide-opening doors to abuse and serious cyber attacks.

2 – Electronic tags for tracking “endangerers’” locations

Hessian police is to be allowed to use electronic tags on so-called “terrorist endangerers” as a preventative measure, like the Federal Criminal Police Office has been able to do since 2017, and to obligate registration with authorities, restrict movements, impose house arrests, and prohibit certain social contacts. On condition of a judicial order, these restrictions are to be continuously monitored via GPS, even inside homes. This is to be allowed, in the words of black-green draft law, “if certain facts justify the expectation” that the individual, “within an assessable period of time and in a way that can be substantiated at least in terms of its kind”, will commit a crime – “or if their individual behaviour constitutes a concrete potential that within an assessable period of time” they will commit a crime. You could hardly be more vague, could you?

This electronic surveillance measure that is to prevent, among others, terrorist offences, is to be time-limited to three months at most. But this limit can be extended by three months at a time – in effect, indefinitely. If the people affected refuse the surveillance, they can be placed under police custody for up to ten days, depending on a judicial order.

Such deeply impactful and behaviour-controlling police actions, which also yield movement profiles and allow inferences on the personal conduct of life, are to be used against so-called endangerers. In other words, they may target people that so far have not committed a criminal offence, where the police merely suspects that they may do so in the future based on nothing more than circumstantial evidence, assumptions or supposed intentions or convictions. Such projections of future behaviour can result from personality or contact profiles compiled by police or secret services, or on algorithmic risk assessments (such as a pre-crime program named “radar ITE”). But how should it be ensured that in such grave decisions the balance is not tipped simply by institutional racism and islamophobia?

Such grave infringements on fundamental rights based on vague conjecture are disproportionate, they violate the privacy and personality rights of the people affected and consequently their human dignity. Furthermore, electronic tags can often be quite easily removed or manipulated, so ultimately they are probably unsuitable to prevent terrorist crimes – in particular if the potential perpetrators are determined and ready for anything. One of the two culprits that cut a Catholic priest’s throat in Normandy in 2016 was wearing an electronic tag, and the attack on a Berlin Christmas market in late December 2016 would hardly have been prevented in this way either – while it turned out that other police measures that would have been effective were not used.

Civil society protests and Green inner-party conflict on the “Hessian Trojan”

Strong protest and resistance has stirred against the Hessian draft law. A broad alliance of democracy projects, human rights groups and privacy organisations is supporting a joint declaration that rejects the planned tightening of the law, saying that it damages democracy and fundamental rights2. In a hearing in the state parliament, a large majority of the expert opinions strongly criticised the plans and called for significant changes3.

The Green party base has also voted against the black-green plans, especially against the legalisation of the “Hessian Trojan”, refusing to support the position of the Green parliamentary group4. And rightly so, as the Green Party generally rejects State Trojans, and the Greens in Hesse had promised in their election campaign that no remote evidence gathering would be allowed as a preventative measure5. But the parliamentary group is stubbornly holding on, justifying the breach of the election promise by pointing to “terrorist threats” that supposedly require wider monitoring of digital communications. This lousy game with public fear of terrorism, played in order to restrict liberties for supposed gains in security, has up to now been avoided by the Greens and left to other players like the Christian Democrats or the “grand coalitions” between Christian and Social Democrats. But now the Green parliamentary group in Hesse is itself taking part in the surveillance poker, joining the race to outdo the competitors, and even brazenly claiming that a “Green handwriting” were discernible in the draft law.

In the light of such laws on police forces or secret services in Federal States, as planned in Hesse under a black-green government or in part already enacted in Baden-Württemberg with its green-black government, the Greens can begin to say farewell to their self-conception as a party of civil rights.

Commentator Heribert Prantl of the Süddeutsche Zeitung has written about a “digital inquisition” with State Trojans and voiced his surprise that most people seem to go along with this. This laudation is therefore now going to end with an appeal for strong mass support for constitutional complaints like the one lodged by Digitalcourage against the State Trojan. This is an act of civil self-defence. And there is still time before the Hessian draft law is to be passed by parliament. The wide-spread voices of disapproval should finally be heeded.

Congratulations to the parliamentary groups of the CDU and the Green Party in the parliament of Hesse on the BigBrotherAward 2018.


Updates to this awardee

Unfortunately, we do not have the capacity to translate our updates into English.


Portraitaufnahme von Rolf Gössner.
Dr. Rolf Gössner, Internationale Liga für Menschenrechte (ILFM)

1 These state trojans are developed for German security authorities by the “Central Facility for Information Technology in the field of Security” (Zentralstelle für Informationstechnik im Sicherheitsbereich, ZITiS), which was set up in Munich in 2017.

2 Joint declaration (Humanistische Union)

3 Expert opintion on the draft law on the Hessian domestic intelligence agency (Web-Archive-Link) and a report (Web-Archive-Link)

4 netzpolitik.org: „Streit um geplantes Hessentrojaner-Gesetz bei den Grünen“ (Web-Archive-Link) und gruene-hessen.de: „Digitale Gefahrenabwehr statt digitaler Gefahrenquellen“ (Web-Archive-Link)

5 Digitales Hessen – Netzpolitik ist Zukunftspolitik (PDF)

About BigBrotherAwards

In a compelling, entertaining and accessible format, we present these negative awards to companies, organisations, and politicians. The BigBrotherAwards highlight privacy and data protection offenders in business and politics, or as the French paper Le Monde once put it, they are the “Oscars for data leeches”.

Organised by (among others):

BigBrother Awards International (Logo)

BigBrotherAwards International

The BigBrotherAwards are an international project: Questionable practices have been decorated with these awards in 19 countries so far.