SafeUM
Home Blog Services Download Help About Recharge
EN
RU

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
EN
Lang
EN
RU
Archive
TOP Security!
28 Aug 2015

Germany hands over citizens’ metadata in return for NSA’s top spy software

In order to obtain a copy of the NSA's main XKeyscore software, whose existence was first revealed by Edward Snowden in 2013, Germany's domestic intelligence agency agreed to hand over metadata of German citizens it spies on.

According to documents, after 18 months of negotiations, the US and Germany signed an agreement in April 2013 that would allow the Federal Office for the Protection of the Constitution (Bundesamtes für Verfassungsschutz—BfV) to obtain a copy of the NSA's most important program and to adopt it for the analysis of data gathered in Germany.

This was a lower level of access compared to the non-US "Five Eyes" nations — the UK, Australia, Canada, and New Zealand — which had direct access to the main XKeyscore system. In return for the software, the BfV would "to the maximum extent possible share all data relevant to NSA's mission." Interestingly, there is no indication that the latest leak comes from Snowden, which suggests that someone else has made the BfV's "internal documents" available.

Unlike Germany's foreign intelligence service, the Bundesnachrichtendienst (BND), the domestic-oriented BfV does not employ bulk surveillance of the kind also deployed on a vast scale by the NSA and GCHQ. Instead, it is only allowed to monitor individual suspects in Germany and, even to do that, must obtain the approval of a special parliamentary commission.

Because of this targeted approach, BfV surveillance is mainly intended to gather the content of specific conversations, whether in the form of e-mails, telephone exchanges, or even faxes, if anyone still uses them. Inevitably, though, metadata is also gathered, but "whether the collection of this [meta]data is consistent with the restrictions outlined in Germany's surveillance laws is a question that divides legal experts."

The BfV had no problems convincing itself that it was consistent with Germany's laws to collect metadata, but rarely bothered since — remarkably — all analysis was done by hand before 2013, even though metadata by its very nature lends itself to large-scale automated processing. This explains the eagerness of the BfV to obtain the NSA's XKeyscore software after German security agents had seen its powerful metadata analysis capabilities in demonstrations.

It may also explain the massive expansion of the BfV that the leaked document published by Netzpolitik had revealed earlier this year. The classified budget plans "included the information that the BfV intended to create 75 new positions for the 'mass data analysis of Internet content.' Seventy-five new positions is a significant amount for any government agency."

The BfV may have been keen to deploy XKeyscore widely, but it wasn't so keen to inform the German authorities about the deal with the NSA. Peter Schaar, who was data protection commissioner at the time, told: "I knew nothing about such an exchange deal [of German metadata for US software]."

He says that he only discovered that the BfV was using XKeyscore when he asked the surveillance service explicitly after reading about the program in Snowden's 2013 revelations. The same is true for another key oversight body: "The Parliamentary Control Panel learned that the BfV had received XKeyscore software and had begun using it. But even this very general briefing was only made after the panel had explicitly asked following the Snowden revelations," according to Die Zeit.

Tags:
Germany NSA surveillance XKeyscore
Source:
Ars Technica
2363
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015