Tech

Bundestrojaner now also peeks out WhatsApp, Signal and Telegram

The Federal Office of Criminal Investigation also spies on encrypted communication with smartphones, which takes place via messengers such as WhatsApp, Signal or Telegram. As WDR, NDR and the Süddeutsche Zeitung learned from security circles , a Trojan software for the monitoring of mobile phones is already in use. The BKA did not deny the presence of the spyware - but refused for "tactical tactical reasons" information on whether and how often it was secretly transferred to the devices of users.

For the year 2017, the BKA requested from the federal budget 50 million euros for the improvement of its "operational IT systems". The smartphone Trojan was named as the "third product line" after the product lines for notebooks and desktop PCs. Since mid-2017, a change in the law has allowed investigators, in addition to ongoing communication such as phone calls, chats and e-mails, to collect previously stored data on the device. This will also allow an online search on mobile devices and could be done much more often than before.

In 2008, the Federal Constitutional Court basically declared online searches of computers to be lawful, but at the same time defined strict conditions. In order for the use of espionage programs to be compatible with the Basic Law, investigators are likely to spy on PCs of suspects only if "there is a real danger for a vital legal asset" such as a human life or the existence of the state. In addition, they generally needed a court order.

The police authorities are now talking not about a Trojan for smartphones, but about source telecommunications monitoring (Source TKÜ or QTKÜ). The software used for this purpose exploits security gaps in order to access the data before encryption. To do this, the exploited vulnerabilities must continue to be kept secret instead of reporting them to the manufacturers of devices and operating systems and taking care of them.

As a result, these security holes remain open to criminal attackers. "In order for some criminals to have no security, we all have to do without it by law," commented Linus Neumann of the Chaos Computer Club (CCC). In the end, the federal government puts its own safety on the line. According to Saskia Esken (SPD), the 2017 Law on the use of the State Trojan is "in stark contrast to the state responsibility for IT security, the confidentiality of our communications and the security of our IT systems and infrastructure." As one of a few MPs of the SPD she voted against the law.

Heribert Prantl describes the use of the new state trojan in a comment by the Süddeutsche Zeitung as a digital inquisition . Not only current communication, but also all stored content could be spied out - including diary-like recordings, film and sound documents. This was done on the basis of a questionable law, which came into force in August after a hasty legislative procedure. "With the installation of the state trojans by the BKA now also the possibility begins to complain in Karlsruhe - for anyone who could potentially be affected," he writes. The civil rights organization Society for Freedom Rights has already announced a constitutional complaint against the law.

WHAT’S HOT