Icon: enlarge
There were only twelve online searches in 2019
Photo: DANIEL ROLAND / AP
Germany's police authorities used the so-called state trojan in 357 cases in 2019 to hack suspects' devices and monitor their ongoing communication.
Quellen-Telekommunikation is the name of the process regulated in Section 100a of the Code of Criminal Procedure (StPO) since 2017, or Quellen-TKÜ for short.
The more stringent version was used twelve times that year, the online search according to Paragraph 100b of the Code of Criminal Procedure.
It also allows the evaluation of data that is stored on the hacked device, i.e. not part of an ongoing conversation.
For the first time this year, the Federal Office of Justice published figures showing how often the two surveillance measures were used.
What are state trojans?
State espionage software Up arrow Down arrow
Surveillance programs that law enforcement officers secretly install on suspects' devices are colloquially known as state trojans.
A distinction is made between the goal of only monitoring an ongoing communication or searching the entire target device.
Source TKÜ Up arrow Down arrow
According to Section 100a of the Code of Criminal Procedure, German criminal prosecutors are allowed to monitor ongoing communication between suspects directly at the source (source telecommunications monitoring, in short: Quellen-TKÜ) - i.e. on their computer or smartphone, using secretly smuggled software.
This can be necessary if the communication is encrypted, for example via WhatsApp.
Without access to the device from the sender or recipient, it would not be possible to monitor it, unlike with classic SMS.
On-Line Search Up Arrow Down Arrow
Section 100b of the Code of Criminal Procedure regulates online searches.
Here, the police can secretly and remotely view all files, programs and messages on a device with the help of special monitoring software.
The intervention is therefore more serious than a source TKÜ.
Equipment of the Federal Criminal Police Office (BKA) arrow up arrow down
The BKA has developed appropriate software for the Quellen-TKÜ itself.
It is called "Remote Communication Interception Software" (RCIS).
The development cost almost six million euros.
The first version could only record Skype calls and only worked on Windows computers.
The second version can do more.
In addition, the agency bought a license for the FinFisher / FinSpy software from the German-British company Elaman / Gamma back in 2013.
According to “Welt”, however, it has only been used since the beginning of the year.
The BKA is still working on its own development for the online search.
Equipment of the State Criminal Police Offices Arrow up Arrow down
As of January 2018, the state criminal investigation offices do not have their own Trojans.
The BKA may provide administrative assistance.
But at least until May 2018, according to the federal government, this did not happen, at least not in closed proceedings.
Offensive skills and the question of IT security Arrow up Arrow down
In order for the monitoring software to land on the target device and work there unnoticed, it must exploit security gaps in the hardware, the operating system or individual application programs.
The developers use known, but not fixed, or newly discovered vulnerabilities aggressively instead of reporting them to the manufacturers and thus strengthening the IT security of all users.
According to statistics, there were 578 orders for the source TKÜ, of which 368 were actually carried out.
However, the press release mentions 484 orders, 357 of which were carried out.
Upon request, the Federal Office has not yet explained the discrepancy.
In addition, a total of 33 online searches were ordered in 20 proceedings, but only twelve were actually carried out.
Mostly it concerned cases of blackmail or violations of the Narcotics Act.
The latter is also the most frequently mentioned reason for the total of 18,225 ordered telecommunications surveillance measures in 2019. This also includes, for example, investigations in which e-mails were read without a state Trojan.
A certain blurring of the numbers remains: A judicial surveillance order, which is a prerequisite for the use of state Trojans, can affect several devices, "so that the number of orders shown is not identical to the number of monitored phone numbers or other identifiers," as it is in statistics means.
Just over a year ago it was said that source TKÜ and online searches were rarely used because of technical difficulties.
The challenges are "still so great that routine use of the software is not possible," reported the WDR at the time, citing security groups.
The federal government would like to make the sources TKÜ available to all 19 intelligence services in Germany.
The corresponding draft law to adapt the constitutional protection law would oblige cell phone and Internet providers, commercial WLAN operators and other companies to help the authorities to install the surveillance software secretly.
The Bundestag has not yet discussed it.
Icon: The mirror
pbe