Jan Philipp Albrecht is the EU politician thanks to whom we now have a real chance for data protection in Europe. As rapporteur for the EU’s General Data Protection Regulation, his work has been seminal. Through his and his team’s efforts, a harmonised approach to data protection in Europe is now within reach.

Strong data protection in Europe

Many of our goals have actually been implemented in the regulation – but unfortunately, many are still missing. The new data protection regulation is a good start. Now we must keep a careful eye on the way the EU member states will put the regulation into practice. There are many decisions that will be taken at this step, for example in the field of employee data protection. So things are still on edge.

Without Jan Philipp Albrecht, his assistant Ralf Bendrath and the whole team, we would not have the General Data Protection Regulation in the form it has today. Perhaps there would be no new regulation at all. Jan Philipp Albrecht has enduringly fought off manipulative interventions from lobbyists over four years. With patience and competence, he managed to even convince political opponents or at least negotiate acceptable compromises.

Hard work for freedom and fundamental rights

Jan Philipp Albrecht has lived up to his MEP’s mandate and worked in the interests of European citizens. He has shown hat engaging for freedom and fundamental rights is worth the effort. There is a documentary movie, “Democracy”, that impressively shows this work. To watch these people working is a real appetizer to join the political debate.

Trailer „Democracy“

The BigBrotherAward 2016 in the “Technology” Category goes to Berlin’s Public Transport Company (Berliner Verkehrsbetriebe, BVG). It has been in use in Berlin and environs since 2013 – the VBB “Fahrcard” (literally “ride card”), a contactless chip card, also referred to as “(((eTicket”. With it everything was supposed to be better, faster, more modern. It was not really faster – its introduction did not take quite as long as the completion of the new Berlin Airport, but indeed several years. Nor have the boarding process or ticket inspection become faster. Because the reading devices are terribly slow.

Perhaps that is because these are by no means just reading devices – actually they also write on the card each time. Namely: date, time, bus route and bus stop. And these log entries occur not only with the BVG, but also with other members of the Berlin-Brandenburg Transport Association (Verkehrsverbund Berlin-Brandenburg, VBB), namely: the Oberhavel Transport Company (Oberhavel-Verkehrsgesellschaft, OVG) and the regional East German Railway (Ostdeutsche Eisenbahn, ODEG). So their passengers carry a little data leech in their pockets. (Incidentally: The e-ticket in Hong Kong bears the rather fitting name “Octopus Card”. Although the Hong Kong card – in contrast to the Berlin variety – can be used anonymously.)

The passengers were unsuspecting. And they probably still would be, if it were not for the Berliner Fahrgastverband IGEB (a Berlin passenger association) and the online magazine golem.de. The passenger association deserves credit for having exposed this data leak. In December 2015 it discovered that BVG buses stored movement points on the contactless chip card with NFC technology (Near Field Communication, a form of RFID radio technology) – in particular, at which bus stop and at what time the passenger entered the bus on a certain route. Even though this is a monthly ticket, for which individual journeys are not relevant in any way!

Using the stored starting points, a movement profile can be generated. Ten entries can be stored on the card. And this logbook could actually be accessed by anybody with easily affordable equipment – a smartphone with NFC capability and the app Mytrack is all that was needed. And then, for example, someone might read-out his partner's card and ask her “Why did you start out so late yesterday to pick the kids up at the day-care centre?” or “What were you doing last weekend at the trade-fair premises?”

The BVG really went awry in this matter with their information policy. They lied to their customers for years. They claimed that it was technically impossible to store movement profiles on the tickets. But that is false, and if it were not for the passenger association IGEB and the technical research done by the online magazine golem.de, we would not have known what really went on. For there is a technical standard for e-tickets – the so-called VDV Standard. VDV stands for “Verband Deutscher Verkehrsunternehmen” (association of German transport companies). And from the start, this VDV Standard provided for the storage of data in a so-called transaction log – including movement data.

Then the Berlin-Brandenburg Transport Association VBB confirmed – but only upon repeated enquiry -- that the cards could do this in principle. The BVG made the excuse that they did not order this function from the manufacturer, but that the manufacturer simply implemented the (((eTicket Germany specifications. And so the BVG casually passes the buck to the card manufacturer. Still the BVG is to be blamed for negligence, since they are of course responsible for verifying the software they use. The problem existed since at least April 2015, but probably for several years previously. Subsequently the BVG informed the public that there was no question of a “data leak”.

Why does the official BVG advertisement with the rapping ticket inspector come to mind:

“Doesn't matter to me – doesn't matter to me – doesn't matter to me”

This show of haughtiness, irresponsibility, coolness and ignorance obviously is what many Berliners consider to be insignia of urbanity.

I do not. Some things do matter. I remember the New York bus driver on the bus I rode for an hour though Brooklyn on the way to Prospect Park. He had a friendly greeting for each passenger, helped those boarding and warned when starting off “Hold on, we're moving”. He was the host on this bus – he felt responsible and wanted everyone to have a good ride. The passengers rewarded this with an exhilarating, friendly atmosphere on board. This is exceptional for New York too, but it shows the difference between a passenger and just an instance of transport.

Yes, it does matter whether the BVG collects movement data on the cards. At the end of December 2015 they had to deactivate all reading devices in the buses. Now they offer to erase the data already stored on the cards. To have that done, the customers must visit the BVG customer centre. For a while scissors were the only means of removing the data – by cutting up the cards. Since mid-February the necessary software seems to be working.

This BigBrotherAward does not just apply to the BVG and the others in the VBB transport association, it is also meant as a warning to all the public transportation companies around the country, who are preparing to or have already put electronic tickets into service, for example the HVV in Hamburg, the VGF in Frankfurt and the RMV in the Rhine-Main area.

And the BigBrotherAward points out a number of other concerns:

1. The technology behind the FahrCard / e-tickets is obscure to the customers. The normal stamp on my paper ticket is legible and I can carry it with me. Electronically collected data are mostly out of my reach.

2. The BVG and the VBB transport association have gambled away customer confidence through their incompetent actions and by playing down the privacy issues. They have proved that it is best not to trust them.

3. We question the very principle: why is it necessary at all to record the journey from A to B on the ticket?

In order to answer these questions, let us get off the BVG bus and direct our attention to transportation as a whole. We need to broaden our view and have the courage to think big.

Public transportation nearly everywhere in Germany is already by about 70% financed from public funds and not by the passenger. And that is appropriate, since environmentally friendly mobility, accessible to everyone, is a public concern and serves the common good. Besides, individual traffic by motor car is also heavily subsidised.

In order to reduce car traffic in towns and elsewhere, many places are considering eliminating tickets and fares altogether. Then each and every person can travel anywhere at no charge. Thus public transportation expands its ridership, saves the cost of selling and checking tickets, and the environment profits as well. Internationally, many examples prove that it works.

The Belgian city of Hasselt for example: In 1997 – as the car traffic in town had become unbearable – the new mayor, Steve Stevaert, suggested to forgo building a bypass road and instead make the town’s bus service free of charge. The bus routes were expanded, 15-minute bus intervals established, and parking fees in town raised. The plan bore fruit – the gratis buses are a hit and the quality of life in town has greatly improved for everyone. Several other towns around the world have followed this example, among them are Tallinn in Estonia, Aubagne (a suburb of Marseille) in France, Manchester in Great Britain and Calgary in Canada. There is a whole line-up of cities worldwide in which we would not need a ticket for trains and buses. And in Germany towns and municipalities have taken interest in gratis public transportation, for example Tübingen. In Berlin the parliamentary group of the Pirate Party carried out a feasibility study which showed that a ticketless system would work there.

The semester tickets offered by many universities, where the student ID becomes a season ticket, are an important achievement because young people become accustomed to travelling by bus and train and refrain from acquiring a car.

There is a good reason to examine this topic right now. Predictions indicate that when self-driving vehicles come onto the market, traffic will increase enormously. Then mum won't have to go on that time-consuming tour to three schools, but rather the self-driving car will deliver the offspring individually to their lessons. And the businesswoman, who doesn’t like the stress of driving herself, may in future switch from the Intercity Express train to her own car with auto-pilot. Therefore transport companies and politicians should take countermeasures now and offer attractive short and long distance public transport as an alternative.

Back to Berlin and the legal basics:

We recommend that the BVG read the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG), paragraph 6c for “mobile personal data storage and processing media”. Section 1: “The authority issuing a mobile personal data storage and processing medium (…) must inform the parties concerned, in a generally comprehensible form about the manner in which the medium functions, including the nature of the personal data being processed” and in section 3: “Communications that trigger data processing must be distinctly recognisable for the parties concerned.” Well, that didn't quite work in Berlin. And while you're at it, those responsible at the BVG, go on and read, for future developments, paragraph 3a about data minimisation.

Alexander Dix, the former data protection officer for Berlin, demanded appropriately: Passengers must be given the option to use the program and make payment without leaving a trace. The ticket vendor must provide customers with a way to purchase pre-paid tickets using a pseudonym and pay by cash. Keep that in mind, dear transport services, if you want to offer e-tickets. Otherwise …

Final Stop: Total Surveillance – please disembark

We demand: In addition to all the other important aspects such as environmental protection, climate protection and attractive mobility at fair prices, data protection must be included in any considerations for future short and long distance transport services. The registration of all passengers and routes travelled by bus or train may seem by some to be a trifle. But it is an important jigsaw piece in the overall picture of total surveillance. As the decision of the Federal Constitutional Court (Bundesverfassungsgericht) on telecommunications data retention remarked: A single measure might somehow seem acceptable – but if it tilts the surveillance “balance sheet” such that citizens feel they are being watched each step of the way, then it is not compatible with our basic free and democratic order. The constitution gives us the right to move about freely – and its first article regarding personal dignity stipulates that we can do this without being constantly monitored, registered and recorded.

And that does indeed matter.

Congratulations on your BigBrotherAward and may you always enjoy boundless mobility, dear BVG.

Prostitutes Protection Act (Prostituiertenschutzgesetz)

The German government is about to finalise its draft of the “Prostitutes Protection Act”. This is mainly intended to be used against forced prostitution. Unfortunately, this law will also make life difficult for those women that are entirely happy with their chosen profession, even though sex work is being discriminated against in Germany even today. From our point of view as the BigBrotherAwards, the law must be reprimanded mostly for two reasons:

Compulsory registration: Via an obligation for sex workers to register and receive medical counselling, there is the hope of obtaining a better overview of the situation. But this amounts to an enforced outing, because there is no reason to trust that these data will be handled with sensitivity. As a result, those (mostly) women who, for example, have children or who also work in another job will not register, to spare their children from bullying or avoid a threat to their other job. But this will expose them to additional threats because they will lose legal protection and be vulnerable to blackmailing. Whether a better picture of forced prostitution will actually emerge from these measures is doubted by many experts.

Inviolability of the home curtailed for all women: Police or local public order authorities will be able to enter a home without the requirement for a judicial decree, if a suspicion is raised that prostitution is taking place there. But a suspicion can easily be raised, be it from a prudish neighbour or a scorned admirer. With the Prostitutes “Protection” Act, a new legal means is created that can unhinge fundamental rights without clear procedural rules. If a suspicion is enough to overrule the inviolability of the home, every woman – sex worker or not – loses the security from arbitrary encroachments by the state in her home.

Google Impact Challenge

With the impact challenge, Google wants to bring the work done by volunteer organisations or associations up to the digital state of the art. In truth though, with the Impact Challenge the corporation can tap into a new data source: civil society. The aim is that organisations use Google products for their internal and external communications, for their topical and administrative work and for their social media campaigns. But that means that the organisations deliver information on themselves, their work and their supporters to Google. Further, they make themselves dependant on Google”s terms of service and privacy conditions. Google is using its power as a de facto monopoly. For its data business we gave Google a BigBrotherAward in 2013. Elsewhere, Google was repeatedly reprimanded for insufficient privacy protections in 2015. In short: Google is the wrong mentor for civil society, which is why it receives a BigBrotherAwards reprimand in 2016.

Cashless Festivals

Visitors of the “Berlin Festival”, “Lollapalooza” and others in 2015 were equipped with an RFID wristband. The alleged intention was to improve crowd control and introduce cashless payment at food and drink stalls. At the Hurricane festival in Scheeßel in Lower Saxony, the introduction of the technology in 2015 meant that on the first day it was simply impossible to buy anything. Still, the operator is waxing lyrical about the incredible advertising opportunities that partners will encounter through these wristbands. And now he knows exactly which people prefer pizza and whether women prefer falafel. The pop critic and deputy head of culture at the daily paper Berliner Zeitung, Jens Balzer, described a “depressing picture of long, silent queues in front of chip charging stations” and concluded: “There is hardly a better illustration for the entanglement of consumption and control in a digital capitalism that has become total.” As he added, talking to public broadcaster Deutschlandfunk: “And I don’t want to spend time with people who just don’t care if anyone has their data.”

The BigBrotherAward 2016 in the Newspeak category goes to “Datenreichtum” (data opulence / data maximisation).

The concept of data avoidance and minimisation has been propagated by privacy advocates for a long time, because not creating or collecting data is of course the best data protection¹. So it was just a matter of time for the opposite of data minimisation to be derived – the antonym, as it is called in linguistics. The English language already had big data, which lacked a German translation. The new German equivalent “Datenreichtum” (literally: “data opulence”) sounds even more positive – who would not want to be rich? After all, data is now considered the raw material of the “digital economy”. The fact that this business practice damages privacy is often ignored. To warn about such dubious business models, it would be better use the term “data obesity”.

Remarks by Digitalcourage on the term’s history

“Datenreichtum” as an alternative concept to data minimisation was first put forward by Germany's minister of transport, Alexander Dobrindt (of the CSU, the Bavarian “sister party” of Germany’s main conservative party, CDU). In a speech during a national IT summit organised by IT industry association Bitkom on 19 November 2015, he demanded that by 2020 we should “finally overcome this rather flawed super-principle of data minimisation, and speak of data opulence instead”. In Germany, politicians still like to brand the Internet as the “information superhighway” (or “data autobahn”), which might explain why the transport minister feels responsible for IT infrastructure. The German website of KPMG immediately celebrated the new expression in a blog post and summarised: “Data minimisation must come to an end.”

The BigBrotherAward 2016 in the category “consumer protection” goes to The Generali insurance company, represented by its chairman of the board, Giovanni Liverani, because the company promises bonuses to the insured, if they in turn agree to be put under surveillance.

When I was working on the speech for this awardee I thought to myself, this sentence is really all that needs to be said:

“The BigBrotherAward 2016 in the category ‘consumer protection’ goes to the Generali insurance company¹, represented by its chairman of the board, Giovanni Liverani, because his company promises bonuses to the insured, if they in turn agree to be put under surveillance.”

Congratulations. Next candidate, please … Mr. Liebold, your turn again …

But wait! It’s not that easy.

In 2007, we already awarded a prize to a company that was planning to introduce so-called “pay-as-you-drive” premiums onto the market. Do you remember? You would have a kind of “black box” in your car, telling tales about your driving style to the insurance company, but if you drive very considerately and observe all speed limits, your premiums will go down. Back then, people were shaking their heads at the idea, but now, 10 years later, it is here, targeting novice drivers in particular.

Extending the idea to health insurance would mean: analyse data from fitness wristbands, and permanently keep the customers on a very short leash. Whoever gets enough, but not excessive exercise, does sports without overdoing it, whoever has a good heart (in a mechanical, not an emotional sense), whose pulse is regular and whose blood pressure is in the perfect range “of mediocrity”, will get a cheaper insurance. Period. We will put you and your bodily functions under surveillance – and you will pay less. Period. Questions? None. Period. We read about ideas like these every day. The “Techniker Krankenkasse” (technicians’ health insurance company) (who have been jokingly called “Krakenkasse” – German pun meaning “Leech Insurance”) has recently been making the news with them.

But it’s not quite that easy.

Our awardee, Generali, does not yet care about driving (they leave that to their competitors for the time being) but about health insurance – in particular about occupational disability coverage and life insurance. And it is not about making the insurance cheaper.

Because here is how insurance works: Everybody pays, so that those in need can get something out of it. Generali knows this. That is why there are no lower premiums for surrendering your data about blood pressure, pulse, etc., but … points.

Data from my fitness bracelet is thus not queried directly, but I’m asked to use an app which awards me with points for being good and completing my training in a licensed fitness centre. We will recall that we have shown in 2000 with the Payback awardee that the sole purpose of credit-point schemes like this is to bind and control one’s customers.

You cannot get cheaper insurance with Generali points. Instead, you can get discounts for your points in shops which have signed up for the Generali programme. But, of course, only if you buy especially healthy products. Something which has “organic” in its label. And you have to buy it exclusively in certain – few – brand shops. This will probably not include cucumbers or strawberries from your local street market.

Asterix aficionados will probably think of Unhygienix, the fishmonger. He always gets his merchandise, which usually has a slightly pungent scent, from far, far away, from Lutece, instead of catching the fish in the sea, which is very close to the village: “I will not sell fish coming directly out of the water without any guarantee of quality!”

So we are supposed to surrender our most sensitive health data to a company, in order to buy things from other, affiliated companies later. And who exactly gets the data?

Here is what Generali says in a press release:

The media have incorrectly reported that a “Vitality Fitness App” is putting customers under surveillance. But customers do not need to worry at all: the “Vitality” programme and the insurance product proper are legally and administratively separated. The only information received by the insurer is the customer’s status level. Moreover, it is the customer’s own decision whether or not to participate in the “Vitality” programme and which pieces of data they want transferred within the programme.

So who gets the data? Generali does not say clearly, but only states ‘Don’t worry, we do not get your data.’ Well, that’s reassuring … But we know that data, wherever it is, is never left to rot. It will normally be used for some purpose.

Other points to be investigated: For the “Vitality” programme Generali has teamed up with a South African financial company, which came up with a programme called “Discovery”. This is where the data is collected, coming from the fitness centres where people are sweating to collect a few points. We have little information about South African data protection and security laws. But we do know at least that there is no data protection agreement between Germany and South Africa. Does that mean that this data transfer is legal? Well Idoubt it.

The technical term for what is done to the insured in this case is “gamification”. There may be applications where gamification makes some sense. But here everything becomes a game, even the alleged health training. Another silly and obscure point system – in this case not just for surrendering just personal, but most intimate data. And moreover, quasi-compulsory: whoever wants to be motivated to live a healthier lifestyle, and also believes that money can be saved, is almost forced to take part. Who is rich enough – or has the confidence – to resist the siren song of this supposed bargain?

According to a study of the market research company YouGov², one in three people in Germany would sign up for this. Because you can save money! Unless you think about it, at least. And thus you enter the treadmill of self-quantification, self-renunciation and the money-saving craze. With fatal side-effects: surveillance pressure and loss of solidarity.

We consider this a disastrous development.

To reiterate, because apparently it cannot be repeated often enough: Everyone pays their dues in an insurance, including those blessed with rugged health. This in turn pays for all people who are not so lucky to have eternal health – or who were involved in an accident. This is what insurance is about. This is solidarity.

We all suffer, the entire society, if more and more people strive to seek their own apparent advantage by allowing themselves to get engaged in useless stuff. It is disastrous, if more and more people say goodbye to a society based on empathy and solidarity and are only interested in their own advantage and personal gain. Obviously it is a good idea to motivate people occasionally to overcome their inertia and not take the car to drive the one hundred paces to the nearest cigarette machine. So it is fine when the insurance sends me their biannual magazine and lets me decide which appeals I will heed, and which I choose to ignore.

My dignity is inviolable – sometimes I wish that at least the most elementary articles of our constitution could be applied directly to insurance companies and other enterprises. Paternalistic encroachment on people, i.e. treating them like immature little children may eventually lead to them behaving like little children. It is outright malicious to make them believe they actively shape their life and their health – and do so by giving up control to a customer loyalty system, which will use the additional money the customers spend to line other pockets tied to this company.

We must detect and expose gamified offers such as this. We must resist them. We must ostracise them. Because this nonsense puts our social peace at risk. And it puts at risk the inner peace of everyone engaging in this daily act of self-quantification.

In this spirit: congratulations on the BigBrotherAward 2016, Generali Insurance company.

The BigBrotherAward 2016 in the “Lifetime” Category goes to The domestic intelligence agency, “Verfassungsschutz” (“Protection of the Constitution”) – or more precisely, to the Federal Office for the Protection of the Constitution (Bundesamt für Verfassungsschutz, BfV), represented by its president Dr Hans-Georg Maaßen, and to the Offices for the Protection of the Constitution in the Federal States of Germany and their chief officers.

A question: How often, do you think, have we recognised the “Office for the Protection of the Constitution” with a BigBrotherAward in the 16 years of our existence? Must have been two or three times at least, surely? Not true: surprisingly, this secret service has got away complete unscathed until now. We could hardly believe it ourselves – after all, there is more than enough that they have perpetrated, botched, and covered up in their time. Therefore, finally and just as it reaches the statutory age of retirement, a Lifetime award is due for a 65-year history that has featured manifold instances of scandal, power abuse, violations of privacy and civil rights – always, of course, in the name of security and freedom, constitution and democracy.

Any positive activities and accomplishments we will unfortunately have to leave out today, to safeguard secrecy of course but also due to a lack of verifiability. This also applies to the fact that there are indeed qualitative differences between the various Offices and also some “protectors of the Constitution” that are genuinely making an effort. But today we focus on what’s towering above everything else, namely, the prize-worthy negative achievements of our awardee. These can be summarised as follows:

• the “Office for the Protection of the Constitution” is a domestic intelligence service that is a product of the Cold War, it is anti-communist, scandal-prone, and intransparent;

• it has for much too long denied the “old-Nazi” past that has been its defining and lasting characteristic;

• perhaps for precisely that reason, it has largely failed to combat neo-Nazism and racism;

• with its uncontrollable system of embedded informers, it has become hopelessly entangled in criminal machinations and neo-Nazi circles;

• for years it has culpably neglected protecting the population, businesses and the government from espionage, e.g. from the US intelligence agency NSA, despite this being one of its legal duties;

• it engages in systematic, unscrupulous concealment, it has shredded important evidence and sensitive files, and thus undermined any form of parliamentary scrutiny;

• it is tainted by an interminable history of scandals and keeps violating civil, personal and privacy rights;

• ultimately, instead of protecting, as it is tasked to do, it actually threatens and harms the Constitution, the democracy and the rule of law.

Just reading this summary will surely beg the question: which PR agency actually came up with the glorious idea to call this institution, of all names, “Protection of the Constitution”? What is actually behind this nice-sounding name? Parts of the answer, my dear audience, would only unsettle you.¹ But in contrast to what Interior minister de Maiziére did in a different context, I will spill the beans today: Hiding behind the misleading moniker of “Protection of the Constitution” is a government secret service that is marked by ideology, uses covert means and methods such as informers, undercover investigators, agents provocateurs, eavesdropping and spying, and operates with a licence to infiltrate, deceive, and misinform – means and methods that would generally be regarded as immoral and that mostly escape scrutiny of the law. Ultimately, this is where the democratic sector ends – and that is what makes it so evil.

How the secret services deal with private data

To exemplify what secret service actions can lead to, let’s just remember Murat Kurnaz, who had to endure a true martyrdom in the US torture camp Guantánamo over four years, partly because due to “Protection of the Constitution” information he was deemed a security risk. For a different example, let me quote from some files that emanated from secret service security checks:² “It should be mentioned that a particular hobby of his was to read Karl May’s adventure stories.” – “She smokes a lot (even Tiparillos).” – “He is a thoroughly solid, almost boring person, rather the prototype of a civil servant.” – “Has two children, including an unwanted daughter.” – “Physically somewhat weak with a tendency for self-pity. The younger daughter was born out of wedlock. The father is a good-for-nothing. Clothing style is with a lot of contrast, sometimes too young, but he always buys cheap clothes.”

What reads like extracts from perfidious Stasi informer reports is actually taken from personal dossiers of the “Protection of the Constitution” office of the state of Lower Saxony from the 1990s. They were written during security clearance checks of staff in Lower Saxony companies. What would seem like private oddities was of such interest to the secret service because it might perhaps point to unreliabilities and opportunities for blackmailing – such as evidence of extravagance, debt, amorous affairs, sexual deviancies or perhaps “doubts regarding commitment to the liberal-democratic system”. Such stigmatising details from the private or even intimate sphere were enough for someone to potentially be declared a “security risk” within the workforce. Even “security-relevant information” concerning partners could be enough to make the person being checked a security risk³. Not getting employed or even being made redundant would be the consequences.

On the biography of the “Protection of the Constitution”

Since we are presenting a Lifetime award, we cannot avoid reviewing (briefly, at least) the history of our awardee: founded in 1950, established and shaped by several old Nazis, it played a key role in excessive communist hunts in the 1950s and 60s, and in the policy of intimidating professional bans in the 70s and 80s, it was indirectly involved in weapons acquisitions for militant groups. Its CV also contains: secret investigation of political-social movements, of groups and individuals critical of the state and society, systematic collection of personal data on politically “suspect” trade union members and nuclear power opponents, on members of parliament and journalists, lawyers and civil rights activists – without much regard for the freedom of speech, of the press, and of choice of profession. We should also mention scandalous security checks, illegal telephone eavesdropping (in the Traube case, for example), manipulation and cover-ups in the Schmücker murder case, and even the fake bomb attack that entered history books under the name of the “Celle hole [blasted into a prison wall in the town of Celle]”. We are looking at an endless chronicle that found an only temporary climax in the informers affair that scuppered the 2003 case to ban the neo-Nazi party NPD. The case collapsed because too many informers in leading party positions had had an influence on the party’s policies and racist character. The NPD executive in Berlin is said to have been infiltrated so much that through its informers, the “Protection of the Constitution” office could have carried through a resolution to dissolve the NPD branch in the Federal State of Berlin. That would have been easier than the complicated procedure required for a party ban, which has just been initiated at the Federal Constitutional Court for a second time.

Hopelessly mixed up in neo-Nazi circles

But it gets much worse:

• Since the early 1990s the “Protection of the Constitution” has installed an outright network of paid informers – which led the political satirist Jürgen Becker into the rather bitter quip that seeing Nazi rallies often made him wonder whether he was seeing real Nazis or “The ‘Protection of the Constitution’ on their office outing”.

• The “Protection of the Constitution” was actively involved in establishing and operating the extreme right “Thule” network in the 1990s. Thule was used for networking, communicating and coordinating between neo-Nazis all over Germany. One of the main operators was a paid informer of the “Protection of the Constitution” of Bavaria, who was inserted into neo-Nazi circles just for that purpose. He is said to have received a monthly salary of 800 DM plus expenses for technology and operations. Overall, more than 150,000 DM of taxpayers’ money is said to have been poured into this Nazi development and Nazi networking project.⁴

• In the last few years we had to take note how hopelessly “Protection of the Constition” offices, particularly in the Federal State of Thuringia, had let their informers system get involved in murderous neo-Nazi circles. Despite of – or should we say due to? – the presence of numerous informers close to the Nazi terrorist organisation NSU (National-Socialist Underground), the series of racist murders committed by this group could neither be prevented nor investigated for several years.

• It is shocking to see how the “Protection of the Constitution” too often protects its criminal informers or suspect informer handlers against police investigations, in order to prevent them being uncovered (“protecting sources”) and continue to “harvest” them – instead of withdrawing them immediately. That is obstruction of justice by government officials, or psychological support and aiding and abetting criminal acts – but those responsible have never been called to account, even when uninvolved, innocent persons were gravely harmed in the process.

• When parliament committees of enquiry made attempts to throw light on such cases, they had to deal with massive information blockades and suppression of documents – we only need to remember how files were shredded at the Federal “Protection of the Constitution” shortly after the NSU murders became known, or at the Berlin office. Investigators had a glimpse at an incredible abyss of organised irresponsibility, and the cross-party verdict was appropriately damning: “an unprecedented failure of the state and government”.

• In summary, it can be said that the “Protection of the Constitution” has co-financed neo-Nazi circles through paid and sometimes criminally active informers, it has shaped these groups’ racist views, fairly often protected them against police investigations, and strengthened instead of weakened them. In this way it has itself become a part of the neo-Nazi problem.⁵ In the current NSU case at the Higher Regional Court of Munich, there should be far more people in the dock than the well-known actors Zschäpe, Wohlleben et al.: missing are several involved informers and their handlers, and all those responsible for failures and cover-ups in the security executive and in politics.

The laudator’s “bias” and the awardee’s system of secrecy and cover-ups

It is high time to mention that I as the laudator might be “biased” towards our awardee. Why? Because it has put me under continuous secret observation and investigation over four decades, precisely because of my vocal critique of the “Protection of the Constitution” – I was observed like an enemy of the state and the constitution, in all my professional activities as a lawyer, publicist and civil rights activist, with no regard to client and source secrecy. One of the absurd allegations is this: with my public criticism of the security apparatus and security policies, I would defame German security agencies and make the state defenceless against its enemies. I took court action against this inquisitorial snooping on my convictions, on the grounds of massive violation of my fundamental rights to freedom of speech, publication, profession, and to informational self-determination. After a five-year process, in early 2011, the Administrative Court of Cologne indeed declared the potentially record-breaking permanent surveillance to have been unconstitutional from the start.⁶ After almost five further years, in late 2015, the Higher Administrative Court of the state of North Rhine-Westphalia allowed the Federal government’s appeal against this ruling.⁷ So after almost 40 years of surveillance and 10 years of court proceedings, we are going into the next round – with neither the end nor the outcome in sight. It should really be investigated by the Federal Court of Auditors, as a case of wasted public money.

Today’s laudation is probably capable of enriching my sin list at the Federal Office for the Protection of the Constitution yet again. Although my personal file that the office has collected in all those decades is already 2,000 pages strong. This file had to be presented in court – but lo and behold, due to a comprehensive blocking order from the Interior ministry in order to maintain secrecy, 80 percent of it were made unreadable. Removed or blacked out pages dominate the file – a very odd take on data protection. I started parallel legal proceedings at the Federal Administrative Court against this refusal to disclose the file, called “in camera” proceedings, a kind of secret trial where I as the plaintiff had no influence, while the defending Federal Office did. Not surprising, then, what the verdict said: all blocked items in the file had to remain blocked – for “the good of the state”, due to “threat of scrutiny” and for “source protection”.⁸ If it became known who had put me under scrutiny and denounced me, these people’s well-being and life would be threatened, as the caring argument goes.

And that is exactly why I do not feel “biased” as a laudator for the “Protection of the Constitution”, but rather acquainted with the subject quite intimately. Because I know from personal experience, insight and pertinent research how this secret service thinks and operates.

This is what the rule of law turns into when applied to this secret service: the system of secrecy of the “Protection of the Constitution” that is there to protect its contacts, informers and practices is put above everything else – possibly even above preventing and clarifying criminal acts, as the case of Andreas Temme a.k.a. “Little Adolf” showed. This agent handler of the Hessian “Protection of the Constitution” was present at the scene of one of the NSU murders in Kassel, and subsequently he was rigorously shielded against police investigations. This system of obfuscation has extended far into the judiciary and parliaments, whose supposed role of supervising secret services mostly ends in failure. The process of parliamentary supervision is itself secret – and therefore not very democratic. And court cases in which e.g. informers are involved become secret cases in which files are manipulated and witnesses are barred or only given restrictive permissions to testify.

It has to be said clearly and unequivocally: the secrecy of this secret service is what makes it alien to democracy. Why? Because it contradicts fundamental concepts of democracy and therefore, even within a democracy, tends towards developing a life of its own and abusing its powers – ultimately, becoming a state within the state. Taken strictly, it becomes a case for the “Protection of the Constitution”, which would have to monitor itself due to a deficit in democracy.

Hardened after the disaster – and no serious consequences

Rather than undergoing serious legal and structural consequences after this career of scandals and manifold disasters, our anti-awardee is even being upgraded in terms of staff, finance and technology, through budget grants and legal changes, it is increasingly being centralised and interconnected with police forces. Legally, it is now completely free to use criminal informers, and it is set to be given powers to investigate social networks like Facebook, Twitter & co. without concrete suspicion.

The technical capability for this exists because the “Protection of the Constitution” received a test version of the infamous spying software XKeyScore from the US agency NSA as early as 2013. This facilitates monitoring and processing of phone, email and internet communications at a large scale. In return, the service promised to provide the “big brother” NSA with German meta data and surveillance data evaluated by XKeyScore – data that could be distilled into movement, contact, and behavioural profiles of the users affected. This deal of data against software was contrived and executed outside any parliamentary control.⁹

The secret plans to systematically monitor social networks, which are gradually being implemented, were revealed by the Internet publication “netzpolitik.org” in 2015.¹⁰ The Federal Prosecutor General reacted by subjecting the journalists behind the leak to an investigation for alleged treason – initiated by a criminal complaint from the president of the Federal “Protection of the Constitution” office, Hans-Georg Maaßen, who was piqued that his precarious armament plans were now known to democratic society. After severe protests against this attack on press freedom, the criminal investigation had to be squashed and the Federal Prosecutor General, Harald Range had to resign.¹¹ But the person that incited it all, Mr Maaßen, is not facing any consequences.

Socially responsible dissolution in the interests of democracy and civil rights

These plans for upgrading the “Protection of the Constitution”’s capabilities in no way solve the problems posed by secret services in a democracy. With the wider technological capabilities in the digital age, such anti-democratic systems have the means to pervade and undermine society and democracy in increasingly aggressive ways. Since no reform of the “Protection of the Constitution” can solve the problem of secret services in a democracy if it leaves the substance of secrecy and the mess of uncontrollable informers untouched, all that is left to achieve functioning democratic scrutiny of secret services is to put a stop to these clandestine, intransparent and intrusive surveillance and data leeches.

Notable civil rights organisations such as the Humanist Union and the International League for Human Rights have consequently called for the “Protection of the Constitution” as a secret service to be dissolved in a socially responsible way. This call goes not against the Constitution itself, because the law does in no way require that the “Protection of the Constitution” need to take the shape of a secret service. Cases of violent orientations, concrete threats or crimes need to be handled by the police and the judiciary anyway.

We will finish with a revealing quote that shows what seedy promises the Federal Office for the Protection of the Constitution makes to lure new recruits, which it needs to cope with the requirements of its upgrade: When working for the “Protection of the Constitution”, people can do “what you always wanted to do – and get off scot-free”. This is how the self-styled “service provider for the democracy”, Hans-Georg Maaßen, tried to win new personnel of the more unscrupulous kind in a radio interview on MDR (the public broadcaster for the Federal States of Saxony Anhalt, Thuringia, and Saxony).¹² As an example he named “telecommunications surveillance” – or, as one could elaborate: snitching, infiltrating, deceiving, and cover-ups, and all of these without fear of punishment or control of any kind.

Instead of that, our recommendation for the “Protection of the Constitution” is to take an undeserved retirement, in the interest of civil rights, democracy and the Constitution. Meanwhile, our congratulations for the BigBrotherAward 2016.

The BigBrotherAward 2016 in the “Economy” category goes to the campaign platform change.org, represented by the Berlin branch of the US company of the same name, because it uses personally identifiable information of people who signed petitions for the company’s own business purposes in varied and non-transparent ways. Based on information about the petitions somebody signed, this company creates profiles e.g. on political opinion, position in society, social situation – and it uses these for its own profit. As a matter of fact, change.org is not a non-profit social movement in digital form, it is a commercial enterprise whose business model focuses on the use and exploitation of sensitive personal information as well as on trading e-mail addresses.

You know these e-mails: A close or not-so-close acquaintance sends us information about some issue or scandal and asks us to go to change.org and sign an online petition for or against it. These days, it could be about the right to education for Syrian children, about creating humane conditions for refugees waiting in front of the Berlin State Office for Health and Social Welfare (Landesamt für Gesundheit und Soziales, LAGeSo), or about secret lobbying in the German Bundestag (the lower house of parliament).

Sure, as a critical political person I sympathise with these causes and will be happy to support them with my electronic signature! Online, it’s super easy! At change.org, I just need to register once with my last name, first name, and e-mail address, and immediately I can have my say. The fact that details about my signature will be stored permanently is something I’ll put up with for the good cause. I would not know what else happens to my data because as always, I agreed to the terms of use and to the privacy policy without reading them. What could happen anyway on a site that boasts such positive things on its About page as

Our mission is to empower people everywhere to create the change they want to see, and we believe the best way to achieve that mission is by combining the vision of a non-profit with the flexibility and innovation of a tech startup.

To empower people and create change I want to see is just what I want. We all want change, don’t we? And it’s important to me that I can use change.org to further my causes and interests without cost.

Contrary to the progressive and social self-description on their website, change.org is not really an altruistic or non-profit organisation. As a case in point, take the funding model, which is “venture capital backed” even though the management stresses that investors have no influence on the operative business. Investors include powerful and famous industry greats such as Twitter co-founder Evan Williams, LinkedIn CEO Jeff Weiner, Ebay founder Pierre Omidyar, Bill Gates of Microsoft and the British entrepreneur Richard Branson.

Indeed, at first sight, the services of change.org are free for normal users. change.org does however make money with sponsored petitions whose initiators pay for the opportunity to display advertisements to users. And the price list for using all those e‑mail addresses goes to up to a bracket of US$ 250,000–500,000. The list of those who use change.org reads like a “Who is Who” of charitable organisations, from Médecins Sans Frontières via Oxfam up to Unicef. Greenpeace Germany attach importance to the statement that they have no business relationship with change.org. Change CEO Ben Rattray told major German news magazine “Spiegel” a few years ago that he wants to turn change.org into a world-wide brand for online activists, just like Amazon has become for book purchases.

All right, so change.org is a for-profit enterprise. But I don’t mind receiving petitions about similar issues after I have signed one. On the contrary, the more I learn more about the issue, the better.

Change.org’s handling of signatories’ data is problematic. Besides name, address and e-mail address, the corporation collects information about the petitions a person supported. Change.org grants itself permission to do so in its privacy policy.

The details collected allow change.org to gain insights about each individual’s political or societal affiliation or social situation, among other things. These insights enable change.org to offer targeted advertisements for other petitions, and thereby influence opinion-forming processes. Moreover, it can not be ruled out that change.org uses its knowledge about opinions and positions to give specific support to paid-for petitions.

Processing and using such sensitive personal data, especially information about political opinions, is forbidden by German and European data protection laws. This cannot be overridden by the declaration of consent used by change.org, which reads,

By signing, you accept Change.org’s terms of service and privacy policy, and agree to receive occasional emails about Change.org campaigns (you can unsubscribe at any time).

The same is true for people who create an account and are simply shown this note at the bottom of the login window:

By joining, or logging in via Facebook, you accept Change.org’s terms of service and privacy policy.

Neither declaration constitutes an effective basis in data protection law for processing and using sensitive personal information. This means for instance that by German and European data protection laws, change.org must immediately delete all information it holds about political opinions of petition supporters.

Similar considerations apply to the handling of personally identifiable information from “social networks” such as Facebook. From people who have an account there, change.org collects,

(…) your social media account ID and information shared with us via your social media account

In connection with social networks, change.org turns into a full-blown data leech that sucks up and holds on to any bit of information it can get.

Incidentally, signatories don’t even need to have entered their addresses themselves, because these are not verified with a confirmation link. So everyone could enter email addresses of anybody else, and these people would never even know.

Given so much disregard of applicable data protection law, it comes as no surprise that the current privacy policy of change.org does not meet legal requirements. On 6 October, 2015, the Court of Justice of the European Union (CJEU) ruled that the Safe Harbour Framework is ineffective – the so-called Facebook ruling (‘Europe v Facebook’). Ever since, data transmissions to the USA require new and stricter regulations, but change.org still refers to the invalid “Safe Harbor” Framework.

In other words: change.org did not even care to adapt its privacy policy to current jurisdiction in Germany and Europe. Instead, the corporation affords itself data processing practices with no basis in data protection law. A simple change of its terms would not do the trick anyway: even the new EU–US “Privacy Shield” does not offer sufficient protections against the low privacy standards in the US.

In terms of data protection law, nothing is going well at change.org.

The corporation’s website used to mention a Berlin office, but this text was removed. But the company still has directors and managers working in Berlin, and lately it advertised a “full-time” job in “Sales and Business Development”, “in close collaboration with Business Dev colleagues in Berlin”.

Well, but at least they use these addresses for a worthy cause. More justice, better protection of the environment – that’s not evil.

Careful there: change.org neither has a “human rights” or “environmental” agenda itself, nor is this corporation a “grassroots movement for a better world”. The personally identifiable information it stores primarily serves as a cash cow. To be honest, change.org should rename itself to change.com.

The services of change.org are open for all social and political tendencies. For example, in Germany this corporation has no qualms whatsoever about  simultaneously promoting, under the keyword “refugees”, a demand to open the Balkans route and a call for the resignation of Chancellor Angela Merkel because of her welcoming policy. Anybody can pursue an agenda using change.org, and search for supporters. Oxfam just as well as Pegida (“Patriotic Europeans Against the Islamisation of the Occident”, a far-right anti-islamic movement in Germany) – as long as it generates lots of clicks. In contrast to other petition platforms, change.org does not have its own political agenda.

Change.org also allows petitions for conservative parties and organisations, such Sarkozy’s Republicans in France. Not necessarily because change.org shares these views – the explanation might quite simply be that the to right of the centre, the corporation’s address collection has not yet grown large enough. In the US, change.org placed job ads for a campaigner who was supposed to help expand the address collection on the political right by launching petitions or making contacts in those circles.

But all of these arguments don’t taint the positive and world-improving petitions running at change.org. Is it not even a truly and radically democratic approach to accept all causes and let the people vote with their signatures? Shouldn’t we emphasise this aspect instead of shaming this company with a BigBrotherAward?

Not at all. No matter what objective a change.org campaign may have – because of the corporation’s data collection mania there is always a risk that personal details of its signatories will be processed unlawfully and used for a totally different purpose. If you launch a petition, your name will be used to write to other users – that is, your will be held accountable for the corporation's business purposes, and your friends and acquaintances will be drawn into the reach of the data leech.

If you would like to launch an online campaign, you should choose a different platform. One that values data protection and will never use sensitive personal information for its own purposes.

Heartfelt congratulations on the BigBrotherAward 2016, change.org.

The BigBrotherAward 2016 in the “Workplace” Category goes to IBM Deutschland GmbH for their software “Social Dashboard”. “Social Dashboard” analyses data from the in-house social network system “Connections”: Every participant is assigned a score for his or her “social reputation”. The analysis takes into account the connections to colleagues, who is reading and recommending whose memos in the intranet and who is connected to other departments and colleagues to which degree. This way, the employer can gain new insights into the social status that individual employees have among their colleagues.

Having employees share knowledge and experience in-house is vital for most enterprises. Moreover, the word has spread by now – at least among the big companies – that they shouldn’t use Facebook or WhatsApp for this kind of communication, because the knowledge at stake ought to be well guarded. But the basic concept of social networks is simply too attractive – consequently enterprises just develop their own in-house networks, such as Microsoft’s “Yammer” or “Connections” in case of IBM. These platforms can be imagined as internal lookalikes of Facebook, Twitter, Dropbox or Wikipedia.

IBM Connections is a cloud-based platform aimed at enabling and encouraging knowledge transfer and networking within the company. So far, so good.

When individuals connect to each other or someone “shares” a piece of information, these activities contribute to generating a so-called “social graph” – a network of connecting lines between persons. Whenever the recipient of a message votes for it with a “like” or shares it with others, there has to be interesting information in it – or at least it is funny … IBM’s Social Dashboard transforms this data into a score representing the social reputation of the employee.

We assume the IBM research team has been reading the book “The Circle” by Dave Eggers without realising that it is a dystopia, and not an instruction manual. The book tells the story of a worker at a customer service centre who is pressured by her boss into increasing her so-called participation ranking (“PartiRank”), meaning she is supposed to bolster her degree of connectedness within the team – in addition to her already enormous workload.

Just as the social pressure arising from Facebook and the like leads users to reveal more personal data than they actually want to disclose, "The Circle" unfolds towards total transparency and control in the end. The pressure to further raise the score leads to excessive labour. Novelist Dave Eggers invented the story – IBM is working on making it real.

At this point, one might argue that with the "social score", a new, better, qualitative scale of evaluation is created for enterprises and employees. Introducing the "social score" means that it's no longer just about who has done his or her time in the office, but work performance can be assessed in a new and different way. This way it will, for example, be possible to break up encrusted hierarchies, because the skills within the team are allegedly evaluated in a more objective fashion. And after all, it is fun as well! Fueled by "likes", it's like a game to achieve a good score with a couple of mouse clicks. "Gamification" is the magic word of our day. Everything is turned into a competition, a "challenge". At the workplace, too.

But that's not true. Even "Social Scores" don't evaluate how meaningful and effective a person's work is – but only, how much "social dust" the person raises. The "Social Score" is creating wrong incentives: trivial "Likes" add to the score, pointless forwardings clog mailboxes that are already cluttered with messages, and popular links distract from the actual task. And who will prevent my colleagues from conspiring against me not to grant me any likes? "Social Scores" open the door to new ways of bullying and create a new source of stress in the workplace: in addition to performing your tasks, you must now also be careful to avoid a sudden slip in the social ranking.

With this award, we want to remind ourselves that an analysis of communication structures and social graphs is profoundly sensitive and questionable according to labour law. IBM has tested the "Social Dashboard" in-house with volunteers. Should there indeed be a company considering to introduce anything like that in this country, their workers' committee will hopefully bark loudly. Even if the software is not called "IBM Social Dashboard" but "Microsoft Delve", or is created by a completely different company: in the end it will always be the same: more pressure on employees without producing meaningful insights into the quality of their work.

"Social scores" are just another attempt – just like facial and movement pattern recognition in video surveillance – to translate human behaviour into numbers and thus to give more and more power over the analysis of our behaviour to machines.

Social developments like this have to be exposed – in our opinion, the very attempt is worth a BigBrotherAward. Congratulations, IBM.

At the top of the field was the “Politics” award (the Federal Chancellery with its entanglement in the NSA affair), closely followed by the “Business” category (CSC, which is involved in many government projects in Germany and close to intelligence agencies in the US). Also close to the leaders was the “Consumer Protection” award (LG with their surveillance of domestic media consumption).

Here are some of the comments that our guests made to explain their choice:

Technology

“This affects all area: private, public, transport, technology – freedom of travel.”

Workplace

“In this category, it will be especially hard for people affected to take action, because they depend on their jobs.”

“I find it impossible to accept that people are exploited at their workplace.”

Business

“This amalgamation of civil and military projects, the intransparent connection between CSC Germany and CSC USA make these business relationships highly dangerous.”

“It’s intolerable if violating human rights is turned into a business model and the German government even supports this.”

“What I found shocking, among other things, is the involvement in developing the new German identity card.”

“The extent of linkages is unfathomable and frightens me.”

Consumer Protection

“Because if affects everybody!”

“Close to the highest possible level of surveillance.”

Politics

“The German government’s attitude towards the NSA affair must be given stronger focus. The Federal Republic of Germany is not a US colony.”

“To raise the pressure to disclose all schemings and entanglements of the secret service, including the German ones.”

“If politics – the chancellor – were to secure the requirements of the German constitution, § 10 secrecy of tele- / postal communication, then many data leeches’ games would be stopped.”

“The German government is irresponsibly abandoning their duty of protecting the citizens’ freedoms, and it is actively undermining them.”