Slashdot Mirror
Germany Implements Sweeping Data Retention Policies
G'Quann writes "Starting next year, all communication providers in Germany will have to store all connection data for six months. This includes not only phone calls but also IP addresses and e-mail headers. There had been a lot of protest against the new law, but it was ignored by the government. Quoting: 'The content of the communications is not stored. The bill had been heavily criticized. Privacy [advocates] had organized demonstrations against the bill in all major German cities at the beginning of this week. In October there had already been a large demonstration with thousands of participants in Germany's capital Berlin. All opposition parties voted against the bill. Several members of the opposition and several hundred private protesters announced a constitutional complaint.'"
Before we in the U.S. get to patting ourselves on the back for not being this bad, consider the story just two posts down that discusses how this is probably already being done here with no one's knowledge or consent. I say "probably" because no one really knows. No laws passed, no protests staged (hard to protest something you don't even know about), just government silently doing whatever it wants after slapping a "national security" label on it.
It's not right in Germany, and it's not right here. The difference is that at least in Germany, this type of gross invasion of privacy happened on the public record and they can react and do something about it now.
Of course, we in the U.S. can do something about it too, but most people won't get worked up over what government might be doing without it being proven true, and our government is mercilessly exploiting that fact right now by keeping everything secret and implying that anyone who thinks otherwise is some kind of kooky conspiracy theorist (while they spy on them to make sure they don't get too far out of line).
This is fascism.
 :
One Word:
Crapflood.
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
Flood the internet with grabage
Oh, wait, spammers, worms and bots are already doing this.
A feeling of having made the same mistake before: Deja Foobar
What if you use an exploit that takes only 1 packet, and spoof the IP addresses? If they try and trace the "hacking" back to one of these IPs, do they get into serious trouble since "of course it is you"?
If I have nothing to hide, don't search me
... of countries to escape to when things continue to get worse here in the US!
Maybe somewhere in the Swiss Alps?
Sometimes the best solution is to stop wasting time looking for an easy solution.
Places like HavenCo are looking better all the time...
but it seemed marginally more appropriate here:
In Germany, they came first for the Communists, And I didn't speak up because I wasn't a Communist;
And then they came for the trade unionists, And I didn't speak up because I wasn't a trade unionist;
And then they came for the Jews, And I didn't speak up because I wasn't a Jew;
And then . . . they came for me . . . And by that time there was no one left to speak up."
- Pastor Martin Niemöller (1892-1984)
Yeah, sure. Whatever. If you're on a P2P network, or even just downloading a linux distro you're probably connected to hundreds of ips which have absolutely nothing with you to do. Good luck on mining that unmanagable mess.
Live today, because you never know what tomorrow brings
Just wondering ...
On the Internet, they came first for Zimmerman and PGP, and I didn't speak up because nobody could figure out how to integrate it into an email client anyway; .torrents;
And then they came for the warez d00dz, and I didn't speak up because I wasn't a pirate;
And then they came for Napster, and I didn't speak up because I had
And then they came for my traffic, and by that time Request timed out.
As of now most people in Germany dont even know what happened today.
The Mainstream Media totally scrapped that Subject and whats best, alot of the Politicans dont know it either.
But at least there is a bit hope, nearly 10000 people fined a complaint of unconstitutionality.
You would think that the German people would look back on their own history and say "Never again!"
I prefer Flambe as apposed flamebait.
In the early days (first 30 years) of the FBI J. Edgar Hoover made heavy use of his "special investigators" to gather dirt on members of congress, the President, and probably parts of the judiciary. This blackmail material was carefully saved for use to protect both himself and advance his power. He also used this against other such noteable figures as Martin Luther King whom he blackmailed with secretly recorded audio of his marital infidelity. Ironically some people regard this as King's fault not Hoover's. It also set the precedent for branches of the government spying on one-another.
The simple fact of the matter is that once you give someone the ability to spy on you they will use it, for themselves. This story and the one two posts down about the NSA make perfect sense. The best way to keep yourself and your party on top is to have all the information, all the secrets that you can about your opponents. That way anyone who might challenge your power could be cowed by threats to expose their, or their childrens' embarrassing secrets.
Quite some time ago Gonzales announced that the Justice Department would begin extensive investigations into the world of Pornography, legal pornography. He candidly admitted that they were not breaking the law nor did he expect to find that Playboy was in violation of some statute. He only said that he wanted to keep track of 'them'.
Forget finding criminals, the Mafia isn't real. It's all always about power. You think Bin Laden and Mullah Muhammed Omar are dumb enough to be googling "Bomb" no they're using trusted couriers and decentralized structures that don't rely on the use of easily traced e-mails. It's all of us and our elected representatives who are the target here.
2007...
Step 1. Encrypt all outbound traffic (hushmail, https, sftp, ssh, etc).
Step 2. Use TOR to anonymize all your source/destinations
Step 3. Simultaneously run encrypted torrent traffic (say 25% of all your bandwidth) to increase volumes of crap they have to sort through, making their costs increase.
Step 4. Where possible borrow your neighbours unencrypted WiFi/WiMax connections to do your real encrypted/anonymous surfing.
2009... 100Gigabit Ethernet is standardized & sold to carrier backbones. 10G Ethernet becomes cheap & FTTH becomes more affordable. The crappiest computer you can buy now is a quad core with a combined core speed of 10Gigahertz speed.
------------
2010... Their retort: Use Quantum computing to break your encryption. Buy kilometers of underground bases and install thousands of rows of racks filled with multi-terabyte hard drives to store it all.
------------
2011... You upgrade your computer with a quantum chip and use unbreakable encryption.
----------
2012... They are *$(*#ed and you WIN! All Internet is now encrypted and unbreakable and everyone has multi-terabyte hard drives and multi-hundred Megabit or gigabit speeds to home.
No trees were killed in the making of this post; however, many trillions of electrons were horribly inconvenienced.
The dark night of fascism is always falling in America, but it always manages to actually land in Europe.
You vote some party into power, and they ignore you for 4 years and do whatever they please.
Read radical news here
So. Like. They have a law? That admits what they expect? And defines what they're allowed to do? And there's a limit to what they can do? And it can help identify evildoers? But after 6 months, the data goes away? And we're thinking that's scary? Sounds like goddamned paradise to me. Here, they just drag you off and you disappear and *no carrier*
If you read the article, it seems like they are required to save the IP you are assigned, and when. Not the IPs you connect to, but the one you got via DHCP.
So, a few orders of magnitudes less data.
If I have nothing to hide, don't search me
What about UDP packets? Do ISPs have to track every single one of them or are they ignored? Better make sure they have to record every single update packet my online games cause just so dem terrists cannot hide their communications in UDP!
Justice is the sheep getting arrested while an impartial judge declares the vote void.
Nazi Fascist Thinking - Bug Everybody.
Silly, that just means anybody who would cause trouble resorts to off-line communication.
Remember that place called 'Reality' - ya, people can talk there too.
They are required to save every location of every cell phone call made for six months.
Investigator: "You can't deny it. I know exactly whom you met in the forest 3 months ago."
Thats scary.
Meme of the day: I browse "Disable Sigs: Checked". So should you.
At least German Govmnt is (i hope) being upfront about it, it looks like they are. Much better then the ISP's just voluntarily keeping all traffic including content and handing it over to the government no questions asked. But in the US carnivore has been around doing something similar with Email header info's etc... for along time and in and out of the courts etc.
They see the United States slowing turning to a Nazi-like state and they're determined to defend their intellectual property by returning to Nazism first.
Why is it so hard for some otherwise reasonable people to understand that in a society where everything and everyone is tracable, sooner or later those in power can spank down a few annoying people and everyone will get the idea that if they speak out, they could be next?
i doubt that. seriously, we have many sheeple here in germany who will vote for CSU, CDU, SPD (grand colation parties in charge of the country and responsible for this law) again over some issue like speed limit on german highways. ppl demonstrated against it, but mainstream media widely ignores them. the only thing one can do now to abolish this law is go to the german surpreme court and several thousand germans have chosen to do so. but today, it's a fact: the law is there.
if it will ever be to bad, german constitution has a rather odd article in it: 20 (4) says that as ultima ratio resistance against ppl who try to abolish the constitution is justified. catch-22 here: ppl who will do that are in currently charge of the country.
posting anonymous b/c of being german, obviousy. also, captcha is "against".
Just to be clear on one point: the IP address tracking mentioned in articles on this subject is the IP address allocated by your ISP, not the IP addresses you connect to. Which is bad enough, and on the basis of existing laws there was a ruling that ISPs aren't allowed to retain your IP connection history for privacy reasons.
Personally I've alway assumed IP addresses are inherently traceable, so in a practical sense this doesn't make any difference to me (except that no doubt I'll end up paying for the extra costs incurred by my ISP). It's the other stuff I find more worrying - and completely asinine at the same time, because anyone with anything to hide (including teh terrorists) will know how to work round them anyway.
Hey Germany! How does that gaping hole in your left podal extremity feel?
The higher the technology, the sharper that two-edged sword.
Otherwise you're complicit, and that means you're to blame.
Every sysadmin in the country, just stop working. A couple dozen do it, and that's just 12 sysadmins without a job. Several thousand do it, and the government will realise that it exists to serve the people, not vice versa.
None of this, "Oh oh but I have commitments to my family," bullcrap. We're all unemployed from time to time. Hopefully none of us would do jobs that more obviously involve the destruction of our freedoms, even if that means temporary hardship - so let's not allow us to be indirectly responsible either.
N.B. Yes, I've put my personal progress above everything in the past. I have since grown, and gone on to quit jobs over moral concerns. Yes, I enjoy my life more as a moral man than as a rich man. It's easy to make money; it's much harder to express love for the freedom of one's fellow man, and to prepare to act on that love.
Or at least of making your ISP talk...
"There are laws that enslave men, and laws that set them free. " - Sean Connery as King Arthur
It's funny how policies like this which are presumably trying to stop neo-nazi groups and terrorists ends up making the German government act like the nazis. Ends justify the means?
"During My Service In The United States Congress, I Took The Initiative In Creating The Internet." -Al Gore
is to use Freenet at http://freenetproject.org/. It's an anonymous p2p application.
I used to think that Freenet really wasn't that useful, but it's becoming clear that it's necessary as an insurance policy against censorship.
If you think about any law that has been created with regard to the internet, was it to protect and promote it or was it to try to censor and control? What's nice is Freenet was lacking in 'useful' content since the Internet was free enough for the 'wierd' things to be readily available. However, with a crackdown in many countries (http://news.bbc.co.uk/2/hi/in_depth/7047336.stm), including Italy (http://yro.slashdot.org/article.pl?sid=07/10/27/1137253) there will likely me more and more people who have use and need of Freenet, and thus increasingly more things to do and see.
for several years, as a solution to an account of mine being marked as spam by my university because a colleague got his pc infected, I've used movie quotes in every email header.
Its been successful, everyone I mail expects this, and on the rare occasions that they have received emails from me not using this format I've got confirmation mails asking if it was really me.
Possibly this wouldn't work for eveyone, but I suggest it, since it works for me.
Now some enterprising German company is going to implement secure validated email and break away from SMTP/POP3 thus rendering the legislation useless.
.de
Email headers. How does one enshrine what a header is in law ([^: ]+): ?(.*)
Go
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
I'd also add 'Freenet', since it's a one stop shop for anonymous information. The thing is a lot of people go there looking for stuff, but if you're hosting a bandwidth heavy website (such as one of the many *chan image boards, music, books, etc.) why not also host it there for free?
That this law was passed so anti-democraticly and in public, probably helped us long-term. Many of my friends are now asking for support with hard disk and communication encryption. I even expect commercials to supply easy to use crypto devices in result. (something like PGPphone..)
It was ruled long ago by the American courts, that the information on the envelope of a letter is not subject to privacy expectations and can be examined by the police without a warrant.
Germany's surveilance of the e-mail headers and connection's IPs is no different — fair game, as long as the contents is not looked at.
It's been "right" here and there for decades — possibly, centuries. I can not even find any links quickly, which means, it is certainly a pre-Internet thing...
In Soviet Washington the swamp drains you.
If the penalty is not hundreds of millions of Euros, then it would be cheaper to ignore the law and just log everything to /dev/null.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
no text
PGP, man. also, who mods stuff like this up ?
>> Maybe somewhere in the Swiss Alps?
>As being German: Definitely yes. Island may be an other option to consider
>If the current politics remain, Germany is going to be a police and
>surveillance state in near future...
Living in Germany you should know better than that.
Don't worry. In two months from now someone will the surveilance will cost money and jobs and eventually eliminate 15% of the positions for human investigators at the federal german BKA, thus costing more jobs. An uproar will shake the nation. Some guy at some obscure bureau of the Interior Ministry will also notice that this law makes their recent pet project, the German Federal Trojan (TM) officialy 65% superfluos. Another big no-no. Some other intellectual will publically notice that all info about all Germans is either available at StudiVZ (Germanys Facebook/MySpace), Amazon.de Marketplace or Ebay Germany anyway - which is allready completely scanned and archived (backups included) by the German IRS - and we know everything worth knowing about everybody allready. 10-15 different factions and public bodies of interest groups will have allready filed 20 complaints to the Federal Constitutional Court and the country will be plaqued by a lengthy debate that will have Secretary of the Interior Schäuble eventually drive his wheelchair off a cliff in frustration. Just before the current coalition of two big parties ends it's legislature there will be a watered down full-compromise version of the law with 8500 exception rules and modifications delivered on 2000+ pages in three big-ass Leitz file-covers, German style. Two months after the federal vote and three months into the new law someone in the EU Gouverment Headquarters will notice that this law breaks somewhere between 23 and 65 terms of union contracts, the British will wine that the Germans are now also attempting to take over the EU lead in surveilance, directly competing the UKs last big resort of excellence. Eventually the then new German gouverment will be bitch-slapped into revising its 10kg online surveilance law into a new draft as not to be fined by Brussels for a kazillion Euros.
Bottom line: No need to worry yet. Even by the most optimistic projections I wouldn't expect this law to gain any tracktion before 2015.
We suffer more in our imagination than in reality. - Seneca
And we will expand our civil liberties! Ronpaul2008.com
--- We need more Ron Paul!
This law is necessary for all countries which are members of the European Union to implement, because it is a EU directive.
Germany are not the only country in EU that will pass this law. Every country in the union are obliged to have their telephone companies and ISPs keep the information for at least six years (I think Sweden are going to recuire the companies to keep the data for at least a year, but I have not followed the debate for the last months).
It is important to point out, however, that it's only the metadata that will be saved. You can see that a person have contacted another person, and probably even where this was (if it's a mobile phone), but you can't see what they have been talking about.
... this ?
The Internet bullet seems to be talking about call detail records "and the line which was used " reference not source destination pairs at the IP level? There is a *huge* difference between the two.
If this is the case many states have similiar rentention statutes on the books for ISPs already in the US.
On the Email part I'm sure all of those who live in Allied countries would be willing to help non Axis aligned citizens living in Germany with their SMTP tunneling needs until this temporary impass of sanity on the part of the German government can be averted?
Well of course it was. Its for your safety.
---- Booth was a patriot ----
So this is the new policy from a country that gave rise to the Gestapo, the Sicherheitsdienst (SD) and after the war the Ministerium für Staatssicherheit (MfS) or Stasi? Now even I am scared...
Beauty is in the beholder of the eye.
How long can you retain data if you send email with the content in the headers?
At some point, even if you have Terabytes of disk space, you're going to run out of room. Then what?
Here's a sure-fire way to mess things up:
1. Implement IP over SMTP headers. (already done, I believe)
2. Use it in Germany.
3. Watch as your ISP hates you. A lot.
But anyhow, it says that it's retaining headers, but not content. But sometimes there's content in the headers, right? Got a Catch-22 there, I think.
coding is life
Do they say how the data should be stored? Are printouts okay? In random order. Can they store more than 6 months of data, all mixed up together? I think the data is a lot less useful to the government if it's hard to search.
But why is it always Germany?
It's times like this I'm so glad my server is in Amsterdam. Germany was actually my 2nd choice, because of the freedoms accorded (until now). A high ping is a small price to pay to dodge all these trigger-happy legislators, at least for the time being.
Forget Skynet, the government is becoming self-conscious. At least the robots only wanted to kill us quickly.
-Billco, Fnarg.com
Here's a torrent of the debate and the vote (in german). Copyright by german TV channel "Phoenix", format is RealVideo 4 within AVI container (MPlayer plays it).
http://141.76.2.8/~s9053014/German%20Data%20Retention%20-%20Parliament%20Debate%20and%20Vote.torrent
We have more food, water, power, etc. than we need and we can get the goods we need (at a price). Now, if we can't get stuff we want at any price and we no longer have water, or power, or food, then that's the stuff that revolutions are made from. In today's political climate, economic realities make a major revolution unlikely in America or Western Europe.
And YES, we have at least a million Americans totally brainwashed and mindf*cked enough that if, for some highly outlandishly unlikely chance, President Bush decides to declare a State of Emergency and suspends elections next year, these people would not terribly mind this inconvenience. They would come to believe that this would be a necessary action and the President Bush would be in the right for doing it. For them, the President cannot be wrong and can do no wrong. I guarantee we will hear a LOT from this group during the next 12 months because they don't like any of the current Republicans and they certainly hate the Clintons with all of their soul.
...the country will be plaqued by a lengthy debate that will have Secretary of the Interior Schäuble eventually drive his wheelchair off a cliff in frustration
Any way I can help? Grease the wheels? Or his breaks?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
One that just goes and creates random SYN packets, sending them to random IP addresses and ports and watching the logs go berserk in the process.
With enough people participating, one could even create a network of some sort, where successful syncs are shared and repeated by others, so actual commections (and thus log entries) are created at an elevated rate.
As my statistics prof always preached, the only thing that's worse than having too little data is to have poisoned data.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Must be lucky TV stations that broadcast are differentiated from ISP's, because they don't know who picks up their signals.
If a TV station starts sending out public http/tcp packets then no-one knows who picks up the packet, so one half of their connection information does not exist.
Then all you need is a similar narrowcast upload methodology and the other half of the connection information does not exist either.
Besides, public broadcasting of http/tcp packets, combined with a cache on your computer, would cut traffic.
Would anyone know if this has been implemented and whether any browsers support it? I mean, for 99.999% of my traffic i do not give a frig who sees it, and for 80% I do not care who knows that I asked for it.
Public http with a ticker tape in the browser of what is coming in, with the browser set to store pages of particular interest would speed up my connection (most items would already have been read by one of the 10,000 people on my node within the last hour!), would cut down on network complexity (if 50% of traffic is node-to node instead of peer-to-peer) and cut down on traffic.
The memories of a man in his old age are the deeds of a man in his prime - Floyd, Pink
Do they say how the data should be stored? Are printouts okay?
;-)
No, too many environmentalists in Germany.
The meta-conspiracy theory says that Governments now encourage conspiracy theories in order to decrease the "signal to noise" ratio outside of official media channels.
The result is that independent media is totally unreliable because every fact is swamped by a million paranoid half-truths and lies. But the official media is also unreliable due to bias. So, (1) people have no reliable source of information, and (2) almost any criticism of the Government can be dismissed as the ravings of a crazy conspiracy theorist.
The problem is... where totalitarian dictatorships went wrong in the past, is that they try and shut people up. That causes trouble. There's really no need to to quieten and remove dissidents. No-one really cares.
Indeed yes. You don't need to "disappear" the dissenters. You just need to make them look like crazy paranoids, and in many cases, they are perfectly capable of doing that for themselves.
>north
You're an immobile computer, remember?
It's probably worth pointing out that this is not another whacko German thing - this is based on an EU directive. Of course, one should also add that that directive is currently being contested by Ireland, so there's no need for anyone to implement it yet; the reason Germany does anyway is that it's currently easy to hide behind that and say "we've got no choice but to do this".
Depending on the outcome of Ireland's case, don't think you're gonna be safe anywhere else in the EU, either, though. Time to move to Switzerland, or possibly Norway.
"All opposition parties voted against the bill. Several members of the opposition and several hundred private protesters announced a constitutional complaint."
That if the opposition gets into power they won't put forward a bill to repeal it.
For example Finland has continuously received shit for e.g. people importing alcohol from abroad (inside EU) for ones own use. This is because Finland has an alcohol monopoly and the state receives money for all alcohol sold in special shops. So they clearly have no interest to follow EUs ideal of free movement of goods within EU. (*) There are other examples as well.
Why should they then follow this insanely stupid data retention law, since they've shown already they can say "screw it" to any EU law or directive they please?
(*) Likewise, there's a serious conflict of interest here. On one hand, the government tries to make alcohol abuse less because alcohol is a dangerous drug and causes so much misery. On the other hand, they try to make people consume more, because they make more money that way.
On Slashdot, they first moderated down troll posts, and I didn't speak up because I didn't want to troll.
Then they moderated down redundant posts, and I didn't speak up because it would have been redundant.
Then they moderated down offtopic posts, and I didn't speak up because it would have been offtopic.
Then they moderated down flamebait posts, and I didn't speak up because that would have been flamebait.
Then they moderated down my posts as overrated, but at that time there was no one with mod points left to correct it.
The Tao of math: The numbers you can count are not the real numbers.
Yeah, there has been a lot of that going around lately
Thanks to file sharing, I purchase more CDs
Thanks to the RIAA, I buy them used...
A legal challenge has been started by Digital Rights Ireland before the Irish courts. If successful it should have the knock on effect of invalidating laws such as the German one. Full details here:
http://www.digitalrights.ie/2006/09/14/dri-brings-legal-action-over-mass-surveillance/
1) Invest in hard Drive companies
2) Send massive amounts of spam to germany
3) ?
4) Profit
hrmm... maybe 3 = send stock spam about Western Digital to boost price even more?
I will not give in to the terrorists. I will not become fearful.
Yup. Democracy.
While this may be newsworthy for Germany, Denmark has already imposed such measures. Known as the "logging directive", all telco and ISPs are logging extensive information about telephone calls, e-mails and internet connections (including, but not limited to, HTTP connections and headers).
:-(
I wonder how long we have to accept politicians imposing such intrusive "counter-terrorist initiatives" in the name of freedom, when all it really does is take freedom away from the average citizen.
In addition, the whole mechanism is wildly flawed. Any sane terrorist or IT geek who wants to bypass the logging can do so - using anonymizer-servers in foreign countries, TOR networks, or just going downtown to a random café with a free WiFi Hotspot.
It would seem George Orwell lived (and died) in vain
- Jesper
My security clearance is so high I have to kill myself if I remember I have it...
If you're a resident of Germany, please help challenge this soon-to-be-law in the Federal Constitutional Court (Bundesverfassungsgericht): https://www.vorratsdatenspeicherung.de/content/view/51/70/ Deadline for sending in the power of attorney (Vollmacht): Monday, November 19.
mine would go:
And then they came for my traffic, but got distracted by all the pr0n and I shot the bastards!
-Billco, Fnarg.com