In the ongoing reform of the Telecommunications Act (TKG), Federal Interior Minister Horst Seehofer is pushing for extensive changes that would involve deep encroachments on fundamental rights. The CSU politician has sent a long wish list as “formulation aid” to the government factions of the CDU / CSU and SPD, which are supposed to incorporate it into the draft over the last few meters of the amendment. One of 15 points contains an identification requirement, especially for messenger and e-mail services.
Telecommunications providers should therefore be obliged to “collect identification features, verify them and, in individual cases, make them available to the security authorities”. The Federal Ministry of the Interior (BMI) writes in the email provider Posteo that “in order to investigate criminal offenses in individual cases, anonymity can be removed” published paper.
Number-dependent interpersonal services
The regulation is primarily aimed at “number-independent interpersonal” services, explains the Ministry of the Interior and specifically mentions WhatsApp and Facebook Messenger. E-mail services such as Gmail, Apple’s iMessage and Facetime, Signal, Threema, Telegram and video call services such as Skype or Zoom would also be affected. Even if this would cause the service providers costs “in the high double-digit million range”, the Federal Ministry of the Interior considers the approach to be proportionate, since it would be offset by “a significant improvement in criminal prosecution”.
Previously, the Federal and State Interior Ministers’ Conference (IMK) in the summer called for a broad identification requirement in social networks. The Interior Minister of Lower Saxony, Boris Pistorius (SPD) stated at the time: Someone who is on the Internet under a pseudonym “should in future have to store his or her identity with the respective provider” in order to facilitate prosecution. The IMK did not require a compulsory use of real names on platforms; pseudonyms should still be possible.
SPD likes that
The SPD has taken up the appeal. According to the draft for its program for the Bundestag election, it wants “to oblige the platform operators to create the conditions for fundamental identifiability”. Anonymous and pseudonymous online use is still possible in principle, say the Social Democrats, even if investigators, for example, could query the correct names of the users stored during registration. The SPD parliamentary group should therefore have an open ear for Seehofer’s proposal
The citizens’ data should “only be saved across the board for the purpose of possible future criminal prosecution,” says Posteo. “That would be nothing more than personal data retention.” The identification requirement would fundamentally change the way people in this country use online services. Users would always first have to carry out an identification process or show their ID. You would be forced to deposit your verified data with numerous companies. Often it concerns advertising-financed services to which the confirmed information “would be delivered on a silver platter”.
“That would be an unprecedented attack on European values and the free internet. Things that we normally use to differentiate ourselves from China,” criticized Linus Neumann, Spokesman for the Chaos Computer Club, explained the approach to Netzpolitik.org. “This attack on the freedom of communication for all and the freedom of expression of minorities is unparalleled and would be an immoderate attempt to restrict fundamental rights.”
The Seehofer catalog goes much further: Providers who “offer Internet access or signal transmission services” are to be obliged to “provide information and provide assistance” in the context of source telecommunications monitoring and clandestine online searches. In other words: You would have to support security authorities in getting state Trojans onto a suspect’s device.
The grand coalition has already created broad legal powers for the use of such monitoring software, but it has so far been difficult to enforce in practice. Seehofer has already written the required obligation to cooperate in his draft for state Trojans for all secret services, whereas the eco-Association of the Internet Industry is in a storm.
The Federal Ministry of the Interior wants to expand the vague term of “contributors” to telecommunications services, which includes internet cafes, hospitals and hotels, to include contract data processors. You should also be obliged to collect and store data for requests for information from the security authorities. The department wants to take the definitions of inventory, connection and location information much broader, take them out of their data protection context and stipulate a more precise location of mobile phone users.
Further points on the list: Providers should deliver a “coherent and complete surveillance copy” to security authorities, export data unencrypted when roaming and enable “undiscovered” use of the IMSI catcher. These devices transmit with a stronger signal than the base stations of the official network operators, so that cell phones can dial in there and be monitored. In addition, there should also be an obligation to report to the Federal Criminal Police Office in “data leak cases” such as Doxxing. Seehofer had already incorporated this requirement into an early draft for the planned IT Security Act 2.0.
Since the catalog is not part of the government draft for the TKG reform, experts at the four-hour parliamentary hearing not comment on Monday either. Should the coalition adopt parts of the proposal, this would take place virtually unchecked. The proposed law has been heavily controversial for months, with other aspects such as the right to fast internet, the elimination of the privilege for additional costs and the retention of data retention.