Germany’s New Citizen Monitoring Spyware May Be Creepier Than NSA’s ...

Sputnik
February 27, 2016

The new spyware Trojan virus recently approved by Germany’s Interior Ministry may actually steal personal photos and notes stored on Germans’ phones and laptops.

The German government’s new computer virus intended for spying in criminal cases has drawn scrutiny because of its potentially unlimited abilities.


While privacy-invading measures imposed by the United States’ National Security Agency have been at the forefront of news coverage, Germany’s new “open” approach to secretly spreading malware has also attracted scrutiny among privacy advocates.

“But we don’t know whether this program can intercept saved data, photographs we never share and make for ourselves, personal diaries, things that should be as secure as if they were stored at home,” Schleswig-Holstein regional lawmaker Patrick Breyer told Sputnik.

Breyer is a member of the Pirate Party, which he said believes that the government should stay out of people’s computers and smartphones. The government should work to fix security vulnerabilities instead of intruding in the lives of citizens.


The decision to compromise people’s computers without their knowledge was political, according to Breyer, rather than a move by the country’s court.A 2008 German top court judgment said that hacking computers is allowed in case of life-threatening danger or suspicion of crimes against the German state, such as terrorism.


“The Constitutional Court did not say that the government should infiltrate operating systems. It simply defined the boundaries. Whether we want to do this at all is a completely political decision,” Breyer told Sputnik.


Unlimited Access?


The decisive factor, however, is whether the new virus conforms to the Constitutional Court’s allowance for the use of spying technology, Breyer says.


While the German government said that the program can track keystrokes, phone calls, communications and record audio and video from the device. However, an earlier version of the virus released in 2011 also had the ability to receive third-party updates which allowed it virtually unlimited spying abilities.


A hacker and computer security conference called the Chaos Computer Club found many of the vulnerabilities. This included the Trojan’s ability to be compromised and receive updates from third parties outside the government.

“In the case of the so-called Bavarian Trojan, Chaos Computer Club examined it and found that it is capable of doing much more than is legally allowed. For example, it had the ability to download another code and program in completely different functions,” Breyer told Sputnik.

The major issue is privacy, says Breyer, as people would lose control of personal data, which the German government itself has promised to protect.”Right now it’s like this: if an apartment is being searched, [the government] can’t conceal that. But if the spyware was installed, it’s completely unnoticeable. You may notice it, but only years later, and this is too deep of a meddling in our personal and often even intimate life,” Breyer told Sputnik.


While the new virus has already been in Germany’s court, as privacy advocates say that it should be examined by the German government’s data privacy commisioner for its abilities and potential vulnerabilities. Germany’s Federal Criminal Police has so far refused to disclose the virus source code to the privacy commissioner.