Criminal prosecutors should in principle also be allowed to use state Trojans to hunt down criminals. The federal executive of the Greens is campaigning for this with its draft for the program for the federal election published on Friday. Eri wants to enable the police to “infiltrate technical devices in a targeted manner using a source TKÜ based on the rule of law”.
With source telecommunication monitoring (“Quellen-TKÜ”), ongoing communication from messengers or VoiP telephone calls is tapped directly on the end device before it has been encrypted or after it has been decrypted. At the moment, investigators already have broad powers: The extensive catalog of criminal offenses anchored by the Bundestag with the coalition majority in Section 100a of the Code of Criminal Procedure (StPO) for this purpose begins with murder and manslaughter, but extends through tax offenses, computer fraud and stolen goods to everyday crime.
Obligation to report security gaps
The Greens do not want to completely knock the police out of the instrument, for which security loopholes are exploited and in so far few cases state Trojans have been used, but at least restrict it. According to the Programmingwurf “An obligation to report security vulnerabilities will be introduced”. The party refers to the debate on comprehensive vulnerability management.
The federal government is also working on a “responsible” solution, but the formation of opinions on this is not yet complete. She does not advocate state trading with security loopholes. According to the federal government, the Federal Office for Information Security (BSI) is already working towards “closing immediately and in a trusting exchange with the technology manufacturers” all the weak points it has discovered.
Regulate State Trojans
State Trojans would have to be clearly regulated, otherwise they would be “disproportionate”, the Greens had already emphasized in their draft for their new basic program in the summer. They now see the targeted source TKÜ as the milder means compared to “blanket, unreasonable data retention and general backdoors for security authorities”. The party rejects this as well as “state Trojans for secret services”, which Black-Red is likely to intend to introduce.
From circles of the Bundestag faction of the Greens it was heard that it was a matter of clearly sealing the barn door that is open today for the source TKÜ and online searches. The barriers to intervention should be raised significantly, the strict requirements of the Federal Constitutional Court for online searches should finally be implemented. This was already part of the agreements for a black-yellow-green coalition in the federal government, which did not come about because the FDP left the country. Thousands of amendments to the draft can also be expected.
The Green parliamentary group deputy Konstantin von Notz is suing the Federal Constitutional Court, supported by the Society for Freedom Rights (GFF) and the German Bar Association (DAV), against the existing law for state Trojans for the police. The complainants criticize that this would allow investigators to “intervene” in IT systems. For this it is necessary to apply software to the affected system. Infecting a target computer by exploiting security holes is dangerous, as the authorities could “hoard” vulnerabilities.
With a “state-secured ID wallet that meets the highest data protection and IT security standards,” according to the draft, citizens should be able to “keep their identity card, driver’s license or health insurance card, but also payment details and memberships safe on their smartphones”. The Greens want to prevent that users are “dependent on private providers” for such services. The Greens reject an obligation to use upload filters. You want to introduce a digital euro to complement cash.