The BigBrotherAward 2020 in the “Digitalisation” Category goes to Susanne Eisenmann, Minister of Education, Youth and Sports of the federal state of Baden-Württemberg (and lead candidate of the conservative party, CDU, for the state parliamentary elections in 2021), for plans to have essential services of the state’s digital education platform run by Microsoft, thus delivering data and e‑mails of all teachers and pupils in Baden-Württemberg to that US company and to the US intelligence services.

Of course there are warnings and reservations against such a decision. But Dr. Eisenmann will not be stopped: The planned start is just a few weeks away, the ministry announced early in July during a session of the state parliament’s Education Committee.¹

How did we end up here?

Our awardee, Minister of Education Susanne Eisenmann, is under substantial pressure. In February 2018 she stopped the planned self-hosted e‑learning platform “Ella” because of serious technical deficiencies², three days before starting pilot operations in 100 schools. A string of reports about mishaps followed: expert reports revealed that the state-owned IT service provider tasked with the implementation had commissioned subcontractors without being authorised.³ There were no clear arrangements. The State Court of Audit found “substantial deficiencies in project management”.⁴ The minister removed the main service provider from the project.⁵ Everything was supposed to be restarted from scratch. Newspapers kept writing about “shambles” and “education platform about to be axed”, for two and a half years.

Ms. Eisenmann intends to run for prime minister in Baden-Württemberg next year, and the corona crisis has pressed the accelerator pedal hard to the floor concerning digitalisation in schools. So the digital education platform just has to work, before the critical phase of the election campaign. Reservations second! (Translator’s note: This is a quote from an election campaign slogan of the German Liberal Democrats, FDP: “Digitalisation first, reservations second!”)

There have been enough warnings about Microsoft.

Let us start with our own warning: After Microsoft received the BigBrotherAward in 2002 for their lifetime achievement,⁶ we awarded the prize in 2018 for Windows 10’s telemetry transmissions.⁷ The hunger for data is growing.The version “A3” of Microsoft 365, planned to be installed by the ministry, comprises a word processor, spreadsheet, file storage, video conferencing, mail server, etc.⁸ Everything is saved to Microsoft servers, and the software keeps precise logs, e.g. about which user has been working for how long on a document.⁹ “No problem”, the ministry says, “the A3 version has configurable privacy settings.”¹⁰ That may well be, Madam Minister, but not all settings are configurable. The so-called “essential services” cannot be deactivated.¹¹

The State Commissioner for Data Protection, Dr. Stefan Brink, is also very sceptical. In a statement he doubted that Microsoft 365 could legally be used in schools: “There seem to be structural features […] casting in doubt that use of the software can comply with data protection regulations without substantial modifications of the data processing by Microsoft.”¹² The data protection impact assessment commissioned by the minister from the company PwC, who, according to their own web site, co-operate with Microsoft¹³, is seen to have “methodological shortcomings” and should be extensively reworked “prior to a potential deployment of the product.”¹⁴

But that’s not all. Even an all-new ruling of the European Court of Justice could not shake the minister. On July 7, 2020 the court had declared the data protection agreement “Privacy Shield” between the EU and the US null and void.¹⁵ This confirms what really had been clear all along: Data from non-US citizens, collected by a US company, can be retrieved by US intelligence agencies on the basis of the CLOUD Act¹⁶ and FISA¹⁷.

Even twelve days after that, Ms. Eisenmann argued in a press release¹⁸ that a server located in the EU would solve that problem. No. Just no. Microsoft’s promise to store the data exclusively on EU-based servers is worthless. The US snooping agencies don’t care where the server is located.¹⁹ Experts – which you condescendingly called “self-styled data protectionists” in a press release – have been telling you exactly that for a long time.

But you have been committed to Microsoft.²⁰

This in disregard of the fact that many schools in Baden-Württemberg already use the secure messenger “Threema”, the free e-learning platform “Moodle” and the free and privacy-friendly video conferencing software “BigBlueButton”. And their experience has been a good one, you said so yourself.²¹ So why are you so keen on changing that? We don’t get it.

We also don’t understand why the data protection impact assessment you commissioned, and the response from your State Data Protection Commissioner²², concerning such an important decision, have not been been made transparent to teachers and parents.

For months, instead, we have been hearing from parents and teachers in Baden-Württemberg that they had been “muzzled by the ministry”, or “I am not allowed to talk about that”, or “I am not taken seriously.”²³

Finally it is supposed to start!

In autumn teachers at a few dozen schools will receive e‑mail addresses and a “personal workspace” with Office software and online storage, everything by Microsoft 365, storage location: Microsoft servers. But this is not just about data of all teachers, which the ministry surrenders to Microsoft (which in itself would be bad enough): minutes of school conferences, Excel spreadsheets or e‑mails exchanged between teachers will always contain sensitive information about individual children. It is impossible to separate that in any meaningful way.

And you intend to just rubber-stamp this without a sufficient data protection impact assessment? The devastating criticism of the State Data Protection Commissioner has not yet been conclusively disproven. We doubt that this could be achieved before the start of the project. Even more doubtful is Microsoft’s ability to implement the required changes before October. But you, Ms. Eisenmann, are hell-bent.

What a coup for Microsoft!

Allowing Microsoft to deploy a school platform means opening the floodgates. If Baden-Württemberg is going to be the first education ministry to make itself dependent in this way, other federal states will follow.

Of course, e‑mails and teacher workspaces are just the first step. “Medium term”, according to ministry’s plans, children will also be using the central file storage.²⁴ After that, they will also get access to the Office software packages – anything else would be nonsense from an educational-politics point of view.

This means that from an early age, children are getting accustomed to Microsoft products, and will be reluctant to change to a different software later. The corporation rejoices. This means they will be able to circumvent the prohibition for advertising in schools because they will be the officially authorised service provider for the ministry. This vendor lock-in effect, combined with data protection risks, is an epic pedagogical error.

This is not how we envisioned digital sovereignty²⁵.

One more thing: A Microsoft school platform is a ticking bomb

Initially, only teachers will be connected. Maybe they won’t object at first – it is their employer’s decision, after all. But a few months later, the parents will become involved.

We know that a lot of parents and teachers have objections against data-collecting software. What happens if they seize their fundamental rights and wisely refuse to agree to Microsoft’s data protection agreement? Are you going to enforce their “yes”? Or perhaps exclude children from class? The agreement to data processing must be voluntary – there is a conflict between the GDPR and compulsory schooling, don’t you think, Madam Minister? (Translator’s note: schooling is compulsory in Germany.)

Dear Ms. Eisenmann, would you want a big company and US intelligence agencies to know what you wrote in your youth in school essays about common themes? About euthanasia? Abortion? Homosexuality? Or the death penalty? This is a question other schools and ministries flirting with Microsoft should also think about. We are also talking to them in this laudation, when we say:

Turn back, Ms. Eisenmann!

Stop your plans for introducing Microsoft 365 as part of the education platform before it is too late! Before parents’ and teachers’ associations drown you in a wave of lawsuits.

Continue on the way you had already started, using Threema, BigBlueButton and Moodle: continue to rely on free software, open formats, decentralised architectures and on Nextcloud (a software which, incidentally, is being developed right at your doorstep, in Stuttgart). From a financial standpoint it is the best solution anyway. The State Court of Audit agrees.²⁶

24 million euros have been earmarked for the educational platform for Baden-Württemberg. Invest this in the adaptation of free software to your needs! Create know-how! Upgrade servers and storage, as you already did during the deployment of Moodle at the beginning of the corona crisis.²⁷ Public money invested like that will also benefit others. (“Public Money? Public Code!”)

Well, all that won’t be quite ready before the parliamentary elections. But parents and teachers will be grateful. And so will our liberal and democratic educational ideals – and those are certainly worth preserving.

Congratulations for winning the BigBrotherAward 2020 in the category “Digitalisation”, Dr. Susanne Eisenmann.

Awardee Adsress:

Ministerin Dr. Susanne Eisenmann
Ministerium für Kultus, Jugend und Sport
Thouretstraße 6
70173 Stuttgart
0711 279-0
0711 279-2810
poststelle@km.kv.bwl.de

Authors: Claudia Fischer, Jessica Wawrzyniak, Leena Simon

The BigBrotherAward 2020 in the Category “Politics” goes to The German Federal Government (supported by the coalition of the parties CDU/CSU and SPD), represented by the Chancellor, Angela Merkel (CDU), for its joint legal and political responsibility for the US drone war, which violates international law and is conducted via the satellite and data relay facility at the US airbase at Ramstein (in the German region of the Palatinate). This is the largest US air base outside US territory, with just under ten thousand military and civil personnel. It is here, on German soil, where weaponised drone operations in the Middle and Greater Middle East and on the African continent are controlled.

These “unmanned” aerial vehicles are used both to spy on target subjects and for arbitrary executions of “terror suspects”, ordered by the President of the day without due legal process. These attacks, to which innocent civilians regularly fall victim, are in violation of human rights, humanitarian international law as well as the prohibition of indiscriminate killings. This is because they mostly occur outside of armed international conflicts, and can only rarely be justified by an imminent threat to life and limb and by the right to self-defence.

This ultimately amounts to a policy of murder, started by President George W. Bush after 9/11 and considerably extended under Presidents Barack Obama and Donald Trump. Such state-sponsored manhunts that put the general public at risk are clearly insidious and cruel. But, one might ask, what is the connection to Big Brother and the negative award of the same name?

To answer this question, we need a little more background. In the last years and decades, numerous attacks on alleged “terror suspects” have taken place in Iraq, Afghanistan, Syria, Pakistan, Yemen, Libya, and Somalia. Thousands of people have been killed, or more precisely: murdered, many have been injured and maimed.

In summer 2012 three members of the Bin Ali Jaber family were killed in Yemen. A year later, in December 2013, as many as 17 members of a wedding convoi were killed from the air, in Yemen. This has continued into this year in Yemen, in the Middle and Greater Middle East, in Africa and Pakistan. In January this year, the notorious Iranian General Qasem Soleimani was hit during a stay in Iraq – in a drone strike that also claimed the lives of Soleimani’s travelling party and of innocent bystanders, and which led to a dangerous escalation in the Middle and Greater Middle East.

Such drone murderings should potentially put the drone warriors and their accomplices into the dock at the International Criminal Court, for multiple murder and suspected war crimes. Today we will make do with presenting a BigBrotherAward, hoping to put considerations into the spotlight that many may not immediately be aware of.

1. Such drone strikes are always preceded by a more or less prolonged period of spying out and investigating potentially suspicious targets, their patterns of behaviour, social surroundings and local circumstances. Before attacking, the military will create secret rulesets and process communications from mobile phones and computers in order to identify “terror suspects” or “endangerers”, and turn them into potential death candidates. Coordinates, location data, photos and videos that are gained in the process are forwarded to the US via the military base at Ramstein, where they are processed and interconnected with satellite images, telephone surveillance data and intelligence information – including German intelligence – and condensed into profiles of people, contacts, behaviour and threats. These constitute the data that supports the subsequent attack.

It is therefore appropriate to speak of a “cyber war” that makes the drone war possible. A certain degree of suspicion – due perhaps to the supposed membership of a terrorist group and an alleged threat to the US – is all that is needed for someone to end up on the secret “kill list” of the US administration.¹

The button to fire the deadly rockets is pressed by the “drone pilot” – almost in the style of a computer game – via a joystick in the US, thousands of miles away. Communication to control the drone and trigger the firing are relayed via the data and satellite relay in Ramstein and via a trans-atlantic fibre-optic cable. The world-wide US drone war is therefore logistically supported and remote-controlled from Ramstein.² Why Ramstein, of all places? Because the curvature of the earth makes direct control from the US impossible. That is why the US airbase in the German region of the Palatinate is regarded as the indispensable “central nervous system”³ of the US drone campaign.

2. The consequence is: Germany has long become an integral part of the US-led so-called war against terror, which is in violation of international law and entangled in all the other US and NATO wars and war crimes, which are just as illegal. This in spite of Article 26 of the German Constitution, which says that “acts tending to and undertaken with intent to disturb the peaceful relations between nations, especially to prepare for a war of aggression” are unconstitutional and a punishable offence.

That is why the German government is in the focus of a “BigBrotherAward”: It shares legal and political responsibility because it won’t take action against these murderous activities on German territory. The US airbase in Ramstein is not an extraterritorial area, it is part of the realm where the German Constitution applies – even though in practice, the Constitution and international law lose their significance behind the gates of Ramstein. The German government has a legal obligation to act on behalf of the (potentially) affected people – in legal terms, a “guarantor's obligation”.

That is also the view of the Higher Administrative Court of the German state of North Rhine Westphalia: This court rebuked the Federal Government in early 2019 and ordered it to meet its obligation to protect, and to actively investigate whether combat drone operations via Ramstein violate international law.⁴ Humanitarian international law, which prohibits indiscriminate killings of civilians, is binding to governments, administration and the judiciary of Germany according to Article 25 of the German Constitution. The court found that the government had not yet met its obligation to protect. In fact, the government has so far denied any responsibility and thus tacitly accepted killings that originate from German soil.

The case was brought by three members of the Bin Ali Jaber family from Yemen, who had lost close relatives to an attack with rockets launched from drones and had themselves been severely traumatised. Without the US base in Ramstein, they argued, their relatives would still be alive. The continuing drone strikes left them living in constant anxiety and fearing for their own lives and their families. They called on the German government to take appropriate measures to stop US drone operations from Ramstein. Instead, the German government has lodged an appeal to overturn the ruling.

3. The demands by the complainants in this court case are justified and have our support. These arbitrary killings at the click of a joystick from a safe distance, made possible by the processing and relaying of data in Ramstein, are a form of state terror for which the German government shares responsibility. It could submit US military bases on their territory to the scrutiny of German security authorities – these are obliged to investigate criminal behaviour as a principle of law. Following the drone strike against General Soleimani, members of the German parliament from the Left Party pressed for criminal charges against government members for aiding and abetting murder by failing to take action – but this was unsuccessful: The Federal Prosecutor General refused to start an investigation since German officials had no “obligation to avert the effect” of such actions, and they were not criminally liable for other states’ violations of international law.⁵

Still, German state institutions are obliged, according to jurisdiction from the Federal Constitutional Court, “to enforce international law within the scope of their responsibilities, when third states violate it”.⁶ The German government could terminate the agreement on the presence of US forces. After all, the Trump administration is already planning to withdraw part of their troops from Germany – but this does not affect the Ramstein base. It is incomprehensible that the responsible state actors are doggedly refraining from action, and this probably borders on a breach of the German Constitution.

As long as no radical change of course can be seen, protests and interventions from the peace movement against Ramstein as a central data and operations hub of US war policies and against illegal drone wars remain urgently necessary. The drone war against terror is an act of terror in itself, and it continues to produce ever more terror, as former drone pilots have stated in an open letter to then US president Barack Obama in late 2015. The US drone war, they wrote, “is one of the most devastating driving forces for terrorism and destabilization around the world”.⁷ And this is tolerated by the German government.

Congratulations on the BigBrotherAward 2020 to Chancellor Angela Merkel and the governing “grand coalition” in Berlin.

The BigBrotherAward 2020 in the “Education” category is shared by the BrainCo company and the Science Campus (Wissenschaftscampus) Tübingen.

Do you remember what it was like to be in school? What you learned? Calculations using the rule of proportion or percentages, Latin grammar, the countries of the Earth, photosynthesis …

Were you always alert and attentive? Well?

Didn’t you also learn some rather different lessons, such as spontaneous improvisation when you hadn’t done your homework, composing a poem instead of recapitulating French vocabulary, feigning interest while your thoughts were far away …

Thoughts are free, who can guess them? They fly by like nocturnal shadows. No person can know them, no hunter can shoot them with powder and lead: Thoughts are free! (Original: Die Gedanken sind frei, a well-known German song, lyrics from ca. 1780 or earlier)

Those times are over now! Finally we have means to instantly check whether students in the classroom are paying attention: The FocusEdu headband! It measures students’ brainwaves via EEG, in real time. Finally we can see whether students are concentrating or not, it is literally written on their foreheads. An LED on the headband lights up and shows: blue means relaxed (therefore not attentive), yellow is attentive, red is highly focused. At the same time, attention data is radioed to the teacher’s computer. So even after the class has finished, the teacher can check who was attentive or otherwise. Of course the school management and the parents can take a peek too. Everything is recorded.

That is not science fiction. It is not a joke.
That is our awardee in the “Education” category for the BigBrotherAwards 2020!

It is: the BrainCo company.

BrainCo is a tech startup from the orbit of Harvard University and the MIT¹ in the United States. BrainCo makes EEG headbands and the related software and promotes the use of these headbands in the classroom. In their own words:

BrainCo's FocusEDU provides the world's first technology that can quantify real-time student engagement in the classroom.

EEG – electroencephalography – is a technology to register brainwaves. The standard process involves “wet” electrodes that are slapped on one’s scalp using a contact gel. These days there are “dry” measurement methods using polymer electrodes. These won’t mess up the hair and they can easily be integrated into a slick headband. And thus the market has opened.

In Germany so far, BrainCo’s headbands are mostly promoted as a tool for self-optimisation via bio-feedback. But the mass market that is created by the digitalisation of education is what this is really about.² The claim is that brain analysis can show how attentive someone is. The plan is to introduce this technology to the classroom to drive students towards higher learning performance.

You might be thinking now: Okay, but if a student is not solving a maths problem but working hard on a new rhyme for their hip-hop track, they are fully focused all the same – only on something else. Think again. Because BrainCo does not only register the attention level of an individual, this level is also compared to find whether it rises and falls in sync with everyone else in the class. If not, we will know: This person is thinking about something else. And soon the teacher will appear next to that student – “to help them”.

No escape for young songwriters.
No more chance for thought criminals.

Dear George Orwell, an update for “Thought Crime” is available. Would you like to install it?

How reliably attention measurement using EEG works is actually questionable. It is known from medical uses of EEG that even small movements of facial muscles or eyes can cause artifacts that might distort the results. What will surely work, though, is the conditioning of the students: “I must concentrate really hard, or else I will be caught because everything is recorded.”

This is not learning – that is dressage.
We say that it is digital violence.

Sadly, this surveillance technology is not just a curiosity in the BrainCo research lab, it is being tested in US classrooms already – in a field trial, so to speak. The same thing is happening in China. BrainCo founder Bicheng Han has excellent relations to the People’s Republic. The largest BrainCo investor is China Electronics Corporation, the largest state-owned IT company,³ with branches in Beijing, Shenzhen and Hangzhou. Photos and videos⁴ from schools in the US and China where the headbands are in use are more than disturbing.

All this would seem just monstrous to us – but far away as well. This could never happen in Germany.

Wrong!

A group of scientists at the University of Tübingen, a traditional university town in South-West Germany, is actively researching this very technology.

And that is our second BigBrotherAwards winner in the “Education” category: The “Leibniz” Science Campus at the University of Tübingen.

Their research project is called “A Cognitive Interface for Educational Improvement: Assessing Students’ Attentional Focus in the Classroom” and it, too, uses EEG.⁵ Again, the researchers are confident that they will be able to measure attention via EEG.

The Tübingen group takes this one step further: In another project they analyse students for typical patterns of brain activity, which are then fed back to a computer-based learning program. The system recognises overload from tiny changes in brain activity and in the pupils. If a student is overstressed, the program automatically switches back to an easier level.⁶

For optimal learning, tasks should be demanding, but neither overtaxing nor undertaxing”, [research team leader Peter] Gerjets explains. Our idea is to present learning tasks in such a way that difficulty always stays at an intermediate level.”⁷

Great. So the dim students can share a room with the mediocre ones and the high-flyers – but no longer interact in a way where they can learn from each other, as everyone is in solitary confinement in front of their computers.

Next to EEG, the researchers in Tübingen utilise another technology: eye tracking, following the eyes’ movements with an infrared camera. This way they can determine what a student has read and what they have overlooked. As the students turn to the next page of the lesson material, they might receive a message: “Hold on – you haven’t read the text in this grey box yet.”

Dear researchers of the Leibniz Science Campus Tübingen: Do you seriously believe that you can raise students to become free and responsible in this way?

This is harrassment. Patronising. It is confining people in mediocrity.

Yes, playing around with technology is fun. Great if you can even secure research grants for it. But it is your duty to consider the wider implications to society.

Why all this focus on focus, anyway? Because it can, at least seemingly, be measured, verified, and controlled. Because you can build rankings from it. Perhaps because conglomerates like Bertelsmann regard learning platforms as the next cash cow with huge potentials for growth.⁸

Are we about to sacrifice the most important goals of education – learning to learn and growing one’s personality – to an automatically verifiable notion of “performance”?

Thinking back to my school days, I ask myself: What was really important? The answer is: Not the actual subject matter – even though that did give me a good start – it was the personality of those teachers that had passion, courage, and engagement:

Our class teacher, Mr Dedering, who decided on his own that one of his five weekly German lessons would be turned over to Politics. Because he was convinced that young citizens should know how democracy, legislation and the rule of law work. And that opinions must be substantiated and political debate practised. Mr Halle, whose social activism was belittled by us adolescents and earned him the nickname “Cake Dieter” due to the many bazars he organised for schools in Africa. And still he gave many of us the impulse to work for a better world. A big “thank you” for that to my former school, where there was room for personalities – there were the weird and mean, against which we had to learn to assert ourselves, and there were role models for life.

Education is that which remains after one has forgotten everything.

Finally, there is a trend that should make us all think:

Of all people, it is the managers and developers in Silicon Valley companies such as Google, Apple, Microsoft, Facebook et al. who are now sending their children to Montessori and Waldorf schools⁹ without computers, tablets or smartphones¹⁰. In their job, these people work to make people spend as much of their lifetime as possible in front of the computer. For their own children they would prefer for that not to happen.

No, this award speech is not a plea to ban all computers from schools. That is not what we as Digitalcourage want – we love technology! But this speech is a stand against digitalisation as an educational imperative and a panacea. A plea against datafication and permanent surveillance of students, against a dressage using learning software and learning analytics, against degrading the value of the teacher as a human counterpart and against commercialised education.

Will students of the future still come up with something as revolutionary as the theory of relativity, or write powerfully eloquent literature, if they can’t even look out of the window and let their minds wander? Humans need dreamful, creative and erratic thinking in order to come up with something new. We need the independent, the resistant mind, and we need to learn solidarity. We need this as individuals – and our society needs it as well.

Once again, for those taking notes: Habituation of constant surveillance must not become the secret curriculum in schools and universities. The use of EEG and eye tracking in schools is a violation of human dignity.

Don’t do that.

Dear awardees – I hope you were listening attentively, and we say

congratulations on the BigBrotherAward, BrainCo company and Leibniz Science Campus Tübingen!

The BigBrotherAward 2020 in the “Authorities & Administration” Category goes to the Interior Minister of the Federal State of Brandenburg, Michael Stübgen, and his predecessor Karl-Heinz Schröter, for permanently storing vehicle number plates.

In Brandenburg, details on more than 40 million vehicles have been permanently stored for many years in the computer system for automatic number plate recognition, which is called “KESY”.

We only learned this through sheer coincidence. How did that come about?

In February 2019, a young girl from Berlin called Rebecca went missing, and she has not been found to this day. The nationwide reporting on this case brought to light a juicy detail of Brandenburg police practices: Police officers from Berlin reported quite frankly about the automatic checkpoints for vehicle number plates on the A12 motorway, which runs from the capital through Brandenburg towards Poland. There, the car of Rebecca’s brother-in-law, who was initially a suspect in this case, was registered by the KESY number plate recognition system immediately after the time of the crime.

However, the actual investigation only began much later, and data on this car was retrieved from KESY as part of that investigation. The brother-in-law’s car was found in the records. And the police in Berlin presented the fact that the vehicle was registered shortly after the crime as an important finding.

Much to the regret of police colleagues from neighbouring Brandenburg. Because the investigators there were not at all enthusiastic about the talkativeness of their Berlin colleagues. Attentive observers quickly wondered how it is possible that the passage of a car was registered and stored before it was even advertised for search. It soon became clear that the Brandenburg system stores and retains its data on number plates of all vehicles that have passed through in a very extensive way (and possibly for a very long time) without any concrete reason. 40 million data records, from which movement profiles can be deduced, were stored in reserve. A data retention for movement data of cars.

However, this is not permitted:

Paragraph 36a of the Brandenburg Police Act regulates “searches by automatic licence plate recognition for specific occasions”. As the title already says, this should not be a permanent surveillance, but related to “specific occasions” – i.e. only if Police are actually looking for someone who could be found with this method. This is probably how the Federal Constitutional Court read it when it praised the Brandenburg regulation as exemplary in its ruling on automatic number plate recognition¹.

But the reality is different, unfortunately.

It has been known for some time that the implementation of the law in Brandenburg is dubious. As early as 2015, the state commissioner for data protection in Brandenburg stated in her annual report that the devices are not operated in “search mode” – as the law mandates – but in “recording mode”. This means that instead of immediately comparing each recognised number plate against a wanted list and then deleting it, in Brandenburg each number plate captured by the device is stored on a central server with time stamp, location and direction of travel. The police have thus been able to create a slowly growing movement profile of vehicles that regularly drive on the A12, e.g. to work and back.

In order to circumvent the limitation of purpose that is stipulated for KESY in the Brandenburg police law, those responsible have come up with a special trick: They made sure that there was always a judicial order against some person that provided justification for such surveillance. In doing so, they used paragraphs of the Code of Criminal Procedure, which by their very nature are only directed against specific suspects – extensive data retention is by no means permitted. Nevertheless, the police in Brandenburg interpreted this as a justification to simply keep all data permanently. Judges dealing with preliminary investigations have therefore issued orders effecting in comprehensive surveillance, probably without questioning how this is actually implemented. Because otherwise they would have had to suspect much earlier that such measures could not be implemented without comprehensive data retention.

The police are apparently not interested in deletion deadlines, so that by the beginning of 2020, some 40 million data records had accumulated. “Surely you can use everything somehow at some point.”

And that was not all: as it turned out, an unfathomable number of government employees also had access to the stored data.

Right from the start, KESY was sold to the public as an indispensable tool in the fight against crime (and terrorism – of course!). The police tried to placate the critics by arguing that the devices only sound the alarm when a car matches an entry on the wanted list.

It is completely incomprehensible why the Brandenburg data protection authority did not pull the emergency brake much earlier, even though it had already noticed in 2015 that the devices were running in recording mode practically all the time.

At least the data protection commissioner did check at all. Surprisingly, however, she then found in her “partial examination under data protection law” of 28 July 2016 that the legal regulation (§ 36a BbgPolG) was sufficiently defined, clear in standards and proportionate, did not suffer from a lack of necessity and “the current implementation practice of preventive identification searches complies with data protection law”. Does it now …

When political pressure from the opposition increased after the extensive data retention became known, the data protection commissioner back-pedaled, issued an objection² and instructed the police to ensure more data protection. As a consequence, the number of people authorised to access the “live data” was reduced from more than 50 to less than 20, and the old stored data was to be deleted – if it was not still needed.

In any case, the industrious data capture and storage continues.³

The Constitutional Court of Brandenburg is expected to decide how to proceed with KESY and the retention of data for number plates. There, a motorist (Marko Tittel of the German Pirate Party) is suing against the recording mode, while the Interior Minister and current BigBrotherAward winner Michael Stübgen reproaches critics by saying that a change in practice “would only please criminals”.⁴

You are wrong, dear Mr Stübgen: we would be very pleased if our fundamental rights were respected in Brandenburg, too, and all people who use the A12 motorway from time to time would certainly be pleased as well.

Our congratulations on the BigBrotherAward 2020 go to Brandenburg, to the acting Interior Minister Michael Stübgen and the former Interior Minister Karl-Heinz Schröter.

The BigBrotherAward 2020 in the “Mobility” Category goes to Tesla Inc., represented by Tesla Germany GmbH in Munich, not for the logging of a Brandenburg forestry to build their new plant, and not for the accidents caused by inattentive drivers who overtrusted Tesla’s assistance systems.

Tesla receives this award for marketing cars that extensively and perpetually surveil their passengers and car surroundings. The data obtained is constantly analysed and can be used for any purpose.

The car manufacturer Tesla has received a lot of praise for their electric cars. Among rich and eco-conscious people these cars have developed a cult following. The fact that they are surveillance systems on wheels does not seem to be of any concern to them. The hip cars from California are equipped with sensors for practically everything happening in and around the car.

The privacy statement

To justify this surveillance orgy, Tesla’s terms and conditions refer to consent, to the sales contract, and to legitimate interest, without giving further details.¹

The terms and conditions inform customers what data the company – and I quote – “may collect in a variety of ways”, which include their “digital services”, “other sources”, the “Tesla account”, “offline”, “through your browser or device”.

When collecting data “about your Tesla vehicle”, the company lays claim to the recording of “telematics log data”, “remote analysis data”, “safety analysis data”, “service history”, “charging information”, “navigation data” as a part of “advanced features”, as well as “short video clips using the car’s external cameras”.²

What remains unclear is which sensor data is transferred to and stored by Tesla and which stays with the car and is overwritten. Elon Musk’s company grants itself virtually unlimited rights in its terms and conditions. From a consumer protection standpoint one has to assume that everything that is stated, the company eventually intends to do. Quote:

“By using our products or services … you consent to the transfer of information from or about you or your use ... to countries outside of your country of residence, including the United States.”

Those who disapprove of so much data processing can object online, via e‑mail or by post to an address – in the U.S. However, in the next breath Tesla go on to advise against taking such measures. The company writes:

“This may result in your vehicle suffering from reduced functionality, serious damage, or inoperability.”³

Hurray for voluntariness!

Surveillance all around

One central function of Tesla vehicles is their video and ultrasound surveillance, in driving mode as well as parking mode:

“Eight surround cameras provide 360 degrees of visibility around the car at up to 250 meters of range. Twelve updated ultrasonic sensors complement this vision.”⁴

These sensors facilitate the driver assistance and autopilot function, that is to say semiautonomous driving. They also complement the dashcam, where information can be read out retrospectively in case of accidents. Irrespective of an accident the last 10 minutes can be saved at the push of a button. Via the USB interface the incoming data can be read and analysed continuously.

When the cameras are put into “sentry mode”, a function that has been available since 2019, they capture their surroundings non-stop. As soon as the camera senses a noteworthy movement, a red light flashes on screen and it starts recording. For that to be triggered it suffices that a person walks closely to the car or a car passes close to it. Youtube boasts a host of these clips. A tremor or forced entry into the vehicle triggers an alarm on a smart phone, and if desired the stereo can blast automatically.⁵

Registration plate capture and face recognition – it’s all possible

To demonstrate the potential that this technology holds, the security researcher Truman Kain has built, with little effort, a “Surveillance Detection Scout”, a mini computer that he connected to the USB interface of Tesla vehicles. With it he was able to analyse all cameras in use, capture registration plate information and even conduct face recognition. If, for example, the scout detects the same registration plate several times in a row, it sends an automatic message to the owner’s smart phone and to the car screen: “You’re being followed.”⁶

Musk’s Surveillance Phantasies

Yet another camera is present in the interior of the Tesla Models 3 and Y, right above the central rear-view mirror. It is pointed at the vehicle’s passengers. In a video, Tesla boss Elon Musk justifies its use by explaining that his vehicles can be employed as ridesharing services and self-driving taxis. Via the interior camera, third parties could be held liable for any damages or soiling that occured during a ride.⁷

But that is not the end of Musk’s surveillance phantasies by any stretch of the imagination. Through Twitter he announced, accentuated by music, that his company was working on a feature that would let Tesla vehicles talk to passers-by. In a video a Model 3 can be seen talking at a pedestrian: “Don’t just stand there staring – hop in.” Musk explains: “Teslas will soon talk to people if you want. This is real.”⁸

Soon, parked vehicles will be able to intervene in our discussions, unprompted, while we are out and about looking to have a peaceful conversation.

Tesla and the GDPR

Tesla makes no mention of the GDPR, which is in effect since May 2018. The terms and conditions are only available in full through several clicks, they do not contain a date signature, and they can be unilaterally changed at any time, an option that has been exercised. Regarding information transmission to the U.S. they also invoke the Privacy Shield⁹, a treaty that was recently declared void by the European Court of Justice.¹⁰

Consequently, even normal operation of a Tesla is in violation of the GDPR. The condition of “concise, transparent, intelligible and easily accessible form, using clear and plain language”¹¹ is by no means fulfilled.

Another important critique: this pseudo-consent is only being solicited from the car’s owner. Data collection mainly concerns the driver and/or passengers, who are not necessarily the same person.

A definite no-go in light of the GDPR is the continuous monitoring of the vehicle’s surroundings, i.e. the public sphere. Videotaping and recording people who walk by a car, without acting suspiciously in any way, constitutes a classic case of data retention. In the public space near a Tesla vehicle, we are being recorded, followed, possibly identified, depending on which technology is active. We do not know which of these functions the car is exercising at any given time. Similarly, the hidden video recordings of the interior that are available in some of the models are inadmissable.¹²

Conclusion

To us the case is clear: Tesla vehicles are legally inadmissable, plain and simple. Anyone who purchases a Tesla – in 2019 alone 10,000 new vehicles were registered in Germany – would have to deactivate many services to be in compliance with the GDPR.¹³ They would not be allowed to let anyone enter or drive their car without an instruction on privacy issues. Tesla is a case for the – undoubtably already overwhelmed – data protection authorities. We do not have issues with car assistance systems, nor are we against semiautomated driving. These systems do require sensors and even artificial intelligence. But, from a data protection standpoint, the data collected has to stay largely in the vehicle itself. The transmission and external retention of data has to be restricted to clearly defined situations, such as the triggering of an airbag. However, Teslas continuously gush data and have a long memory.

Our giving this award to Tesla today should not be understood by other German or European manufacturers as a carte blanche for full automation of their line. On the contrary: Their product range, too, stinks to high heaven in many data protection respects. More on that maybe later.

At any rate, at Tesla the stench is excessively foul. That is why:

Congratulations on the BigBrotherAward 2020 in the “Mobility” Category, Tesla Germany.

By introducing this new procedure there is an obvious question: did the two groups (paper ballots in the theatre – online vote) differ in their voting behaviour? It turned that it indeed was. In the online vote, the “Technology” award came second with about a quarter of the online votes, some way ahead of the three following categories. In the paper ballots there was a more even mid field consisting of the “Biotechnology”, “Communication” and “Technology” categories.

In both of these groups, however, there was a clear leader with half of the submitted respective votes: The award in the “Authorities & Administration” category, which had gone to the Interior Minister in the State of Hesse, Pether Beuth. “Congratulations”!

Update: Jochen Wegner accepted the BigBrotherAward to Zeit Online in person, and he received long and respectful applause. It is true that we only investigated the publicly accessible front-end of mycountrytalks.org (where all trackers have since been disabled). Zeit Online insists that the critical remarks we had communicated earlier had already been heard and that the newly developed application, where snippets are embedded into partner media websites, takes extreme care to minimise data. His statements seem plausible. We will continue to observe developments in our continuing dialogue with Zeit Online. The inclusion of the snippets on partner websites that are contaminated with trackers is likely to be a particular challenge. The core message in my award speech remains unchanged. // padeluun, 9 June 2019

The BigBrotherAward 2019 in the “Consumer Protection” Category goes to the online news service “Zeit Online”, represented by its editor-in-chief, and editor for the newspaper “Die Zeit”, Jochen Wegner, for

1) their massive use of ad trackers, including the Facebook Pixel, on their websites zeit.de and mycountrytalks.org

2) having used, during their 2017 project “Germany Talks”, Google servers to store and process all personal data including political opinion and

3) not only accepting sponsorship for the follow-up project “My Country Talks” from Google, the insatiable advertising company with world-domination fantasies, but for also using tracking tools that can forward information to third parties.

Preliminary Remark

This is the first time that I am giving this award to someone whom Rena Tangens and I have been friends with for many years. It is especially hard to criticise friends. This is why this laudation is in the form of a personal open letter.

And I would like to add a second preliminary remark: We highly value “Die Zeit”, as well as “Zeit Online”. We also appreciate their project “Germany Talks” (“Deutschland spricht”), which has now been internationalised as “My Country Talks”. We know that this BigBrotherAward pertains to at least three quarters of all media houses in Germany, which should also be standing here to receive this award. As is often the case, this BigBrotherAward is intended to make things better: in the media industry, but also in organisations, companies and government institutions.

Dear Jochen,

You have always liked to humorously refer to me as a “long-haired bomb thrower”, and in contrast, in an article you wrote about us in the daily “taz” in May 1995 (when we were still called “FoeBuD”) you were quite impressed by our clean offices and our determined reliability.

When we skated from Bielefeld to Bonn on inline skates in 1998, to receive an award called “Sinnformation” (“Sense-Information”), we slept in your living room.

Forward to 2017, the year of a federal election campaign. You were planning a project that was to bring you admiration and honour. It is called “Germany Talks”. People with preferably contrary opinions are to talk to each other, in private and in person, face-to-face. Interested people could apply on a website. 28 000 people answered your questionnaire with nine questions about political points of view. Then two people with contrary opinions, living not too far from each other, would be put into contact so they could talk on neutral ground. You accompanied some of these meetings and wrote about them. You, Jochen, editor-in-chief and co-inventor of the project, took part yourself. Your article about your meeting with “Neighbour Mirko” is a brilliant piece of journalism.

The project “Germany Talks” was given — and entirely deserved — a Grimme Online Award last year.

One thing, however, was really daft: as always, everything had to be done quickly and cheaply. So you stored and processed the entire data of all participants including their political opinions in the cloud tools of Google’s Office Suite. Zeit employees, including yourself, told us that you used these tools for other parts of distributed editorial work (whistleblowers will now have their hair standing on end).

It is so tempting for businesses: I can easily use this professional cloud service to process my customer data, my mails and my calendars. To make it appear compliant with data protection regulations, one has to sign a lengthy agreement. While a friendly “google.com” smiles on from the address bar, you click “accept” and enter into a contract with a Google company, allegedly headquartered in Ireland.

I checked: the evidence I can find on the location of these cloud services points to Mountain View, California, and these services are operated by “Google LLC”.

What’s so bad about processing editorial content and political opinions of people on the computers of a big company striving for a global monopoly? After all, you signed a mutual contract, which stipulates that the data is completely secure, and there is also the EU–US Privacy Shield agreement.

But Privacy Shield is just window dressing. I can read that in at least 40 search results on Zeit Online. A further 160 results on the Zeit Online websites tell me that there is a thing called FISA.¹ The “Foreign Intelligence Surveillance Act”. According to this act, US intelligence agencies have unlimited access to data about non-US citizens stored at US companies, whenever they like and regardless of server location. And as we have learned from Edward Snowden, US government agencies had a dedicated line to Google.

Wouldn’t it be a bit naïve to assume that your data, the data of all “Germany Talks” participants, and your informants’ data, etc. has not found its way onto the NSA’s computers quite early on?

And you should know better. I can find the name “Edward Snowden” on your website 1 600 times. You have published grand articles about the Snowden case, outstanding analyses, FAQs and comments. Have you pushed all that aside? It is not all that bad?

And there is this: If I read correctly, the Zeit Online websites are delivered via a Content Delivery Network called “Fastly”. The IP addresses I tested point to Paris, but Fastly is a US company, headquartered in San Francisco, California. As I said before: FISA applies even if the servers of a US company are located in Europe. This law supersedes any contract you may have with a company.

Back to “Germany Talks”. Observant readers already nominated you for a BigBrotherAward in 2017. We advised you early on that what you were doing on Google infrastructure was a total no-go. And now you have developed the project further. It is now called “My Country Talks”. You had software developed, and you have partners in fifty countries using it. And in all these countries you help people get together and talk to each other. (I have to emphasise this again: This project is great, please, by all means, continue!)

The quick realisation of the 2017 project was done in “digitalisation first, concerns second”² style. Anyway, the new software is no longer hosted with Google in the USA but in Frankfurt, Germany.

In the Amazon cloud.

…

Of course I cannot audit your service provider’s software from outside; privately you assured me that data were no longer processed on Google computers. And of course I looked at the privacy statement, which is identical to the one at Zeit Online.

I even printed it out. It is seventy-nine (79) pages long. Some of the phrases I had to have translated with the help of IT security expert Mike Kuketz’s blog:

You utilise tracking technology from DoubleClick, and go on to explain in the privacy statement that you don’t know exactly what Google does with the data they collect. And there is the “DoubleClick Bid Manager” – hang on, they are now the “Google Marketing Platform”, where everything is interlocked even more and where Google Analytics (mentioned two pages on) is integrated even more deeply. And people can log in with their Facebook account. And there is the Facebook Pixel: you betray to Facebook who your readers are. All of them! Even those who deliberately do not have an account with the data criminals at Facebook. Now what Facebook does with that data, you don’t know either, as you note in the privacy statement. At least that’s honest, but legally that means that you are not allowed to use this technology. At least that is my understanding of the General Data Protection Regulation. And even more Google, Facebook, Google, Facebook, Google, Google. AdSense, AdWords, Google Publisher Tags, Tag Manager (where new trackers can be activated day by day!) and so on and so forth. Oh, Google Fonts, these fonts downloaded from Google, they are not even mentioned. Roughly 30 trackers and services are mentioned in your privacy statement; when I “surf by” Zeit Online I retrieve content from about 140 different locations. You, distinguished audience, can try this yourself using the two easy tools called “WebKoll”³ and PrivacyScore.⁴ By the way: The privacy statement of “My Country Talks” mentions using an insane number of trackers and third-party sites: in reality there are “only” a few. But these few are among the worst: DoubleClick, Google Analytics, Google Fonts and the Google Tag Manager, for example.

I dream of “Die Zeit” publishing a comprehensive edition that explains all trackers and shows (with fancy graphics and ingenious data journalism) what flows where and what kind of reader tracking systems you have created. And don’t just always say “marketing and optimisation purposes”, as if the brutal truth was not simply to make money.

Apropos of money …

As I said numerous times before: other editorial offices and publishing companies work the same way you do. Three quarters of all news sites use trackers, as shown very clearly by a blog post on rufposten.de.⁵ Everywhere journalists are desperate to make money in ways other than selling out and betraying their readers’ data. And the big wigs in the publishing companies and editorial offices always look down upon us “long-haired bomb throwers”, who are idealistic, and who simply don’t understand that one has to earn money in this world, and that concerns simply are “second”. And I hear again and again that “everybody’s doing it”. Sometimes that can sound a tad arrogant.

So how can I say it without sounding arrogant myself? “Everybody’s doing it” is not a good way to explain why someone leaves ethics and morals behind. And we are familiar with this challenge: Us idealists also have to raise money to fund our work for another year, and also to pay for the BigBrotherAwards.

To this end we sell things like subscriptions (supporting memberships) and single issues (donations). Digitalcourage pays monthly wages. But we do not use Google software. We do not pour our membership database into the cloud. We think FIRST about protecting those who entrust our data to us. We carefully select free software, build networks so they can be developed and adapted for Germany. Hey, there would be unbelievable opportunities for start-ups, markets and technical innovation, better business models and enjoyable jobs. The only thing missing is that you (and to all those publishers, organisations, government agencies to whom this applies as well) start collaborating, instead of throwing money and souls across the pond and trading a free future without surveillance capitalism for one or two (biblical) lentil dishes.

But Google is one of the most greedy companies, which strives for a data monopoly, spreads itself far and wide with friendly insignia, offers table-top football in their offices, where MEP assistants like to stop by and have a Mate and chill out, which holds web design competitions, co-funds a conference here and two professorships there, which (just like Facebook) sponsors trips to the “Valley” for journalists and offers full journalism fellowships. In other words: Google, Facebook and the like engage in textbook lobby-“landscaping”. What could be better than to fund a software for Zeit Online for a friendly, unifying project?

And while us “long-haired bomb throwers” warn of the data leech Google, Google looks, to people who consider themselves completely normal, completely normal. These people take Google’s web tools, integrate them into small projects, and collect data for Google (which they usually don’t notice). Editors come up with the idea of using Google Office for editorial work without their inner watchdog, which every journalist must have, barking. Thus it erodes away, the soul.

The journalist Alexander Fanta wrote in an opinion on netzpolitik.org⁶ how ashamed he feels for having accepted both his journalism fellowships from Google, and why he wouldn’t do it again. In 2018 he and netzpolitik.org colleague Ingo Dachwitz investigated⁷ much money Google spends on media projects.

Almost everyone accepts money: FAZ received 500 000, Der Spiegel 700 000, taz 109 000, Funke media group 500 000, Wirtschaftswoche 600 000, the Berlin Tagesspiegel several 100 000 €, Rheinische Post 300 000. “In fact”, Fanta and Dachwitz write, “it is easier to list the large publishers who have not been supported: remarkably, Axel Springer, Hubert Burda and Süddeutsche Zeitung are missing.”

I remember an image that sent shivers down my spine in 2013: German chief editors travel to Silicon Valley. They visit all the nice data leeches, take photos at some conference table or in a visiting lounge. But one image shows a complete lack of instinct: The group of chief editors present themselves in front of the Facebook banner in the Facebook headquarters. That is a statement about “concerns never”. Of course it is useful to keep oneself informed about new digital media and look at them oneself. But one should never pose in front of the banner of the enemy, who is stealing your jobs and your advertising money, and take a PR photo.

It fits into the story of corruption that just the other day a board member of the German Journalists’ association (Deutscher Journalistenverband, DJV) published the following statement, with “Gimme the Dough!” (original: Her mit der Kohle) in the caption, and I quote verbatim:

“Facebook funds a ‘Digital Journalism Fellowship’ for the Hamburg Media School, including a class trip to the US. Whoever thinks of large-scale interference has failed to understand two fundamental things: First, Google, Facebook and others have long been financing journalism by offering specific education opportunities, at the Hamburg Media School, and also in the DJV. Second, experienced journalists have enough media competency to know exactly what they are getting themselves into.”

This article makes us doubt precisely that.

Therefore, dear Jochen, here is what I would wish for: Abandon the path of advancing surveillance capitalism and bartering away your readers’ data as a prize for your journalistic work. Give the money back to Google. Persevere in searching for other ways of conducting and financing journalism in dignity. Demand the same from your publishers! That would be an innovation!

If this wish were to come true, if this BigBrotherAward could help, then I will say gladly and from the bottom of my heart:

Congratulations, dear Zeit Online, dear Jochen, for the BigBrotherAward 2019 in the “Consumer Protection” category.

There is a German transcription of this interview or you can watch the video with English interpretation.

Mood Trackers

The number of people diagnosed with depression is continually rising. Several reasons can be identified. Depression is no longer such a strong taboo, for once. But for many the issue is still a cause for embarrassment: they regard it as a weakness to feel sad, lack drive, or be in despair. Which is why some people seek assistance from so-called Mood Tracker apps: these help to reflect one’s own frame of mind and assess whether one is suffering from depression.

It might seem enticing at first to only share such vulnerabilities with my smartphone, which is only seen by myself, in confidence and anonymity. Unfortunately, sometimes it is not an anonymous experience at all: Companies such as Google or Facebook won’t stop looking even at sensitive health data.

One popular mood tracker is Mood Path¹. According to its website the app “accompanies you on your way out of depression” and is CE certified. The site also claims that use of the app is anonymous: no registration via e‑mail or Facebook is required. The latter claim is correct, but there is no anonymity.

Tech blogger Mike Kuketz has given the app a closer look² and found out which data is still shared with no other data leech but – wait for it – Facebook:

• IP address

• Google ad ID (82bbc559-8c1d-4202-a9f0-deb029f62a45)

• App package name (de.moodpath.android)

• App version number (1.0.5)

• Android version (6.0.1)

• Device (Nexus 5)

• display resolution (1080, 1800)

• […]

That is enough to identify you – yes, you personally – as a user of this app.

The picture is similar for the online service Selfapy³. The platform is advertised as a way of bridging the gap until a therapist is found who can take on the new client, or to support an ongoing therapy. The offer includes counselling and online trainings with qualified psychotherapists. The problem is: the website is infested with Google trackers.

Various data scandals have shown that even the largest companies cannot be trusted with data security. Only in April 2019 it became known that passwords of millions of Instagram users had gone astray, in May a security gap in WhatsApp was announced that facilitates installation of spyware – both these services are owned by Facebook⁴.

And even if our own data might not get stolen – do we really want to share information about our psychological health and illness with a company that won’t even shy away from offering psychologically insecure teens as a target group to advertising customers⁵?

Berlin’s Public Transport Company, BVG

There is a particular lie that has been around for so long and so prevalent in everyday life that people have started to believe it: “This area is under video surveillance for your protection”. All studies suggest that video surveillance is no effective protection from violence and terror⁶. And there is grave collateral damage: People who feel that they are being watched change their behaviour. This surveillance pressure and self-censorship affects everyone who moves around in an inner city area. There is hardly a place where we are not being goggled at and filmed by cameras.

There is no transparency: nobody tells me whether a camera’s images are stored or not. I do not know when stored footage will be deleted. I do not know if the camera is on a network and where the data is sent. We are exposed to this whenever we are in a public space, and we can’t do anything but hope that the people operating the surveillance equipment will adhere to the law and know how IT security is done.

Berlin’s Public Transport Company (Berliner Verkehrsgesellschaft, BVG) ups the ante: A question to the State government of Berlin (the Senate) revealed that new cameras in BVG trains and stations can record and transfer sound as well as images⁷.

While BVG assures us that the microphones are disabled, no passenger is able to verify this. And experience shows that where surveillance technology is installed, it will get used at some point in time. Surveillance equipment, once it is acquired, is never written off as a failure and removed. Normally it gets extended and used for more and more purposes.

To ask so much trust from one’s passengers seems absurd. In particular if the company in question apparently distrust its passengers so much that it monitors them at all times using cameras from various angles.

It should have been clear for long that security requires neither cameras nor microphones. People who look out for each other and have the courage to step in if a situation calls for it are more effective.

“Smart Cart” – Edeka supermarket in Porta Westfalica

“The most modern shopping trolley in the world!” This slogan from a data-collecting start-up together with the Edeka-Center in Porta Westfalica seems a bit forced. It refers to the so-called “EASY Shopper”, a shopping trolley that promises ultimate comfort to customers: self-scanning will avoid long queues at the check-out. Enter the product into a built-in tablet and be guided towards it via GPS. Great discount campaigns, and: submit your shopping list at home and all you need to do in the shop is push the trolley where it tells you to go.

How the trolley knows your shopping list? Exactly, that is the catch: Via a connected app, or using the “DeutschlandCard” – a loyalty card just like Payback, which is only worthwhile to the involved companies via trading the data that is stored, that is, the shoppers’ preferences: coffee or tea, cheap sausages or vegan sandwich spread, menstrual cup or sanitary pads, toilet paper from recycled tissue or extra soft …

To register these data and then store and sell it is shameless – to even advertise such practices using superlatives of the word “modern” even more so.

We have said it before – back then it was with regard to face recognition and personalised advertising⁸: Dear retailers, we prefer to do our shopping without monitoring and surveillance. Unfortunately this is almost impossible online, but you can do it in offline shops – so far! We want it to stay that way. Please don’t wreck this unique selling point through your own misguided actions!

Commendation: physicians’ association “Freie Ärzteschaft” and Jens Ernst

An infrastructure named telematics to exchange health data between surgeries, health insurances and pharmacies is under development in Germany. This is related to the switch to the electronic health card, or eCard. Tasked with the implementation is a company called Gematik, “„Gesellschaft für Telematikanwendungen der Gesundheitskarte” (company for telematics applications of the health card).

Exchanging health data via the Internet is a problem in itself. We only mention this general issue in passing.

Our main point here is due diligence regarding IT security. To be linked to the telematics infrastructure. surgeries and hospitals must purchase certified connectors and have them installed. Unfortunately this has gone badly wrong.

As the connectors were installed, a misconfiguration caused the firewall and antivirus software to be deactivated in hundreds of surgeries. All patients’ data was exposed to the net without strong protections. Gematik wants to shift the responsibility for the error onto the implementing service providers and the individual doctors. These are under enormous pressure because they are facing fines if they are not linked to the infrastructure until the end of June 2019 – the end of this month.

This grave error only became known where competent IT employees in surgeries double-checked what the telematics admins were doing. Above all, Jens Ernst: he maintains IT in several surgeries and made these sloppy practices known. That is courage! Praise is due to Jens Ernst and all other people in independent surgeries who observe reckless practices and go to the trouble of informing the public as well as resolving the individual issues.

The BigBrotherAward 2019 in the “Technology” Category goes to the “Technical Committee CYBER” of the European Telecommunications Standards Institute (ETSI), represented by the Chairman Alex Leadbeater, for its effort to mandate the “Enterprise Transport Security” protocol (ETS)¹ as part of a new technical standard for encryption on the Internet in order to establish a predetermined breaking point in secure connections.

But let’s start from the beginning:

Encrypted connections, e.g. during online banking or shopping, have become standard practice. We can tell that we are using them by two signs: First, a padlock symbol is shown in the browser’s address bar. Second, the web address starts with “https”. The communication channel between browser and server is now secured by means of “Transport Layer Security”, or TLS for short. The currently used version 1.2 of the TLS protocol is more than ten years old, and since then, attack vectors have been discovered that can be used by criminals or government agencies to break the encryption. A new standard is required.

For more than two years, international committees such as the “Internet Engineering Task Force”, or IETF, have met with expert cryptographers to design an encryption standard than can be considered secure for the years to come. The result of this is version 1.3 of Transport Layer Security, or TLS. Most browsers have already implemented a preliminary version of it. So far, so good, so secure. If it wasn’t for ETSI.

Because while the consultation on TLS 1.3 was still ongoing, representatives of the financial industry and others took the floor and argued that they had strict compliance requirements that made it necessary to log the content even of encrypted communication such as exchanges between financial advisers and customers, e.g. to prove that they act lawfully. They claimed that they need key escrow – a duplicate key in order to be able to read everything, even if it was encrypted for third parties. Actually, they could read the clear text on their own servers, but for an IT department it is easier to tap into the data in one central location.

Naturally, European secret services were delighted with the idea of key escrow. First and foremost the British GCHQ who is represented via members of the National Cyber Security Centre in the “Technical Committee CYBER” of the European Telecommunications Standards Institute (ETSI), our awardee.

The IETF, however, had expressly decided against including key escrow in their standard TLS 1.3. Nevertheless, the ETSI wanted to have its own way and developed a special version of TLS, the so-called Enterprise TLS, or ETS.

ETS comes with key escrow. It is encryption with a predetermined breaking point. When using the stronger TLS 1.3, a browser and a server negotiate new keys regularly. When using ETS however, a fixed key is deposited with the server operator. This might be legitimate for banks as they are usually dealing with their “own” communication content.

The catch with the ETS standard is that government agencies can oblige server operators to configure such a fixed key and to hand it over so that officials can decrypt all communications with a website at a later date. This would include messages sent. Should this duplicate key fall into the hands of criminals, they could intercept passwords and other sensitive information.

There is another special nastiness: Browsers and hence users have no way of telling this “broken” encryption standard from the real thing. The key symbol is displayed in either case, and for the browser it is very difficult to find out if a fixed key has been escrowed.

Despite all the warnings from the IETF and other experts, the members of our awardee, the “Technical Committee CYBER” have created a second standard that is likely to be used in practice. Whoever uses it will put users at a grave risk of being spied on while they are assuming that their communication is secured.

For these reasons we advise all developers and technical decision-makers to avoid ETS like the plague and to use the much more secure TLS 1.3 protocol. Sadly, non-technical users have almost no way to influence this decision. This second, insecure encryption standard called ETS wreaks havoc on online security. All we can say is an ironic “thanks for nothing”.

Congratulations, Technical Committee CYBER of ETSI, on the BigBrotherAward 2019!