German Federal Intelligence Service violates laws, dodges supervision

The German Federal Intelligence Service (BND) has been illegally collecting data through mass surveillance tools, storing it in databases that should not exist, and has repeatedly prevented the Federal Commissioner for Data Protection and Freedom of Information (BfDI) from supervising their actions.

German Federal Intelligence Service

A summary and analysis of a classified report, filed after former Commissioner for Data Protection Peter Schaar sent his representatives to inspect the joint BND/NSA-station in Bad Aibling (southern Germany) in the wake of Edward Snowden’s revelations, has been compiled by the current Commissioner Andrea Voßhoff, and published last week by German digital rights blog Netzpolitik.

The report shows that the BND, which is directly subordinated to the German Chancellor’s Office, regularly ignores laws and the German constitution.

Among the things that has been discovered is that:

  • The Bad Aibling station was used not only for satellite interception from crisis regions, as previously claimed, but also for cable interception in non-European countries.
  • Seven databases were unlawfully created, filled with extensive personal data, and used. One of these was filled with the help of XKeyscore, the NSA tool for collecting public and private communications from Internet traffic around the world.
  • Some of this data belongs to persons the BND should not be permitted to target, i.e. German citizens that are not suspected of anything, and it was all shared with the NSA.
  • The Commissioner was denied access to the list of selectors (over 14 million) the NSA provides to the BND, and which the latter users to single out information from mass surveillance streams that is then sent to the NSA.
  • Another database contains all metadata of entire communication lines, collected indiscriminately. There are no logs so that the Data Protection Commissioner can check how that data is used, and the BND repeatedly deleted data from it that they should not have (when awaiting examination by the Data Protection Commissioner).
  • The Commissioner was forbidden to enter the Special US Liaison Activity Germany (SUSLAG) building where the mass surveillance data is exchanged between the BND and NSA, and BND refused to tell her how many people work for US authorities in the Bad Aibling Station.

Commissioner Voßhoff concluded by advising that BND must made to respect the law. The analysis and the complaint was sent to the Chancellery in early 2016 and, according to Netzpolitik’s Andre Meister, the German government has drafted since then a reform bill that would legalize BND’s actions so far, and widen their prowers.

“This legislative package is scheduled to be adopted this year and will presumably come into effect at the beginning of next year,” he added.

Unfortunately, governments around the world use the same tactic to lull citizens into complacency about mass surveillance. At the beginning, it’s all about “we have adequate oversight over the intelligence agency’s actions.”

But later, when this control proves to be imperfect, governments change laws to make previous illegal actions legal, and thus easily sneak in laws that citizens would likely protest against if they were introduced more directly.

Don't miss