Deutsch (Active: English)


Open letter: Together against state-sponsored hacking

2021-06-02 05:06:53, erdgeist

In an open letter, an overwhelmingly broad alliance opposes the German government's legislative plans, which would greatly expand the permission to infect computers and devices with state sponsored trojans and at the same time weaken encryption measures.

There are only a few legislative proposals where everyone simply agrees that these are really bad ideas. The coalition of the CDU, CSU and SPD managed to come up with even two of such on its wish list for the end of the legislative period:

With the Gesetz zur Anpassung des Verfassungsschutzrechts (Law on the Adaptation of the Protection of the Constitution), all German intelligence services are to be given a right to hack devices at will.

The update to the Bundespolizeigesetz (Federal Police Act) is intended not only to allow the agency to use so-called "state trojans" – a state-sponsored backdoor –, but also to allow it to hack people who have not committed or are suspected of committing a crime.

However, even the excessive extension of trojan horse deployments is not enough: Internet service providers are to be obliged to cooperate in the infection of their customers' devices. Apparently, end-to-end encrypted messengers in particular are to be actively weakened.

"That would deal the death blow to any trust relationship between users and providers," said Linus Neumann, spokesperson for the CCC. In order to break end-to-end encryption, the integrity of the devices must be interfered with in any case – a fundamental right interference with far-reaching consequences. "In the meantime, one wonders how stubborn a government already has to be to simply no longer take note of all criticism and on top of that even turn private companies into henchmen of their secret services."

The proposals are so absurd that all the experts invited to the committee hearing in the Bundestag sharply criticized the ideas, even those invited by the factions of the Grand Coalition. However, not only the Chaos Computer Club and all of the appointed experts are sharply critical of the proposal: even Facebook and Google – not previously suspected to be privacy activists – vehemently oppose the plan. In the open letter, the CCC joins Facebook, Google, as well as associations, privacy-conscious service providers and NGOs in opposing these plans. We demand: Protecting security and trust online – Against an unlimited expansion of surveillance and for the protection of encryption.

If zero advocates with expertise as well as respect for fundamental rights and national security are willing to support a plan, it probably should be abandoned immediately.

The open letter

The signatories of this joint letter call on the German government and the Bundestag to advocate for strong encryption, the protection of private communication and to promote them in all areas of society and economy. This means:

  • Not taking any further legal measures that would weaken or break encryption.
  • In particular, to waive the obligation for companies to cooperate in the reform, which would turn companies into the extended arm of the intelligence services and significantly jeopardize IT security.
  • Not to rush the adaptation but to involve companies and civil society.

In addition, the signatories call on the German government and the Bundestag to strengthen encryption to protect personal and professional communication:

  • Encryption protects the sources of journalists and is thus an indispensable component of media work in a liberal, democratic and resilient society.
  • Millions of people take it for granted that they can use encryption to communicate securely.
  • Secure encryption is also a significant economic factor.