Slashdot Mirror

← Back to Stories (view on slashdot.org)

German Spy Agency Can Keep Tabs On Internet Hubs, Federal Court Rules (phys.org)

Posted by BeauHD on from the hide-and-seek dept.

Earlier this week, a federal court in Germany threw out a challenge by the world's largest internet hub, the De-Cix exchange, against the tapping of its data flows by the BND foreign intelligence service. What this means is that the country's spy agency can continue to monitor major internet hubs if Berlin deems it necessary for strategic security interests. From a report: The operator had argued the agency was breaking the law by capturing German domestic communications along with international data. However, the court in the eastern city of Leipzig ruled that internet hubs "can be required by the federal interior ministry to assist with strategic communications surveillance by the BND." De-Cix says its Frankfurt hub is the world's biggest internet exchange, bundling data flows from as far as China, Russia, the Middle East and Africa, which handles more than six terabytes per second at peak traffic.

De-Cix Management GmbH, which is owned by eco Association, the European internet industry body, had filed suit against the interior ministry, which oversees the BND and its strategic signals intelligence. It said the BND, a partner of the US National Security Agency (NSA), has placed so-called Y-piece prisms into its data-carrying fibre optic cables that give it an unfiltered and complete copy of the data flow. The surveillance sifts through digital communications such as emails using certain search terms, which are then reviewed based on relevance.

10 of 54 comments (clear)

  1. A great argument... by Gravis+Zero · · Score: 2

    ...for encrypting all traffic to every site and even DNS.

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:A great argument... by Joce640k · · Score: 2

      Yep.

      Let them do it if they want. Their days are numbered.

      --
      No sig today...
    2. Re:A great argument... by Joce640k · · Score: 2

      This. DNS in particular

      It's almost as if you think these people can't do reverse DNS on your followup connection.

      --
      No sig today...
    3. Re:A great argument... by KiloByte · · Score: 2

      There's no 1:1 relation between host names and IP addresses, either way.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    4. Re:A great argument... by AHuxley · · Score: 2

      The BND has a way into the very end of every DSN.
      German quality malware. With extra government and now with 200% more contractors.
      No OS, no modem is safe from the reach around of the BND. They will get into any OS.
      From space. "German intelligence agency gets spy satellite system funds" (06.11.2017)
      http://www.dw.com/en/german-in...
      In cyber space.
      New surveillance law: German police allowed to hack smartphones (22.06.2017)
      http://www.dw.com/en/new-surve...
      Welcome to the world of the "State Trojan"
      The German gov malware reads plain text along with the user.

      --
      Domestic spying is now "Benign Information Gathering"
  2. Next round at the Bundesverfassungsgericht by ffkom · · Score: 4, Interesting

    One notable aspect of this court rule was that it did not even consider the legality of _what_ the BND wants others to do - they were purely ruling on the validity of the formal order to provide them access.

    The more interesting round will be at the Bundesverfassungsgericht, where (hopefully) the legality of eavesdropping on all that (mostly intra-country) traffic will be considered.

    But in the end, all those court rules are not really important - spy agencies will spy on every bit of traffic, legal or not, as long as they exist. And in the case of the BND we have already seen how they do it even to provide their "friends" in other countries a favour - e.g. for industrial espionage.

    1. Re:Next round at the Bundesverfassungsgericht by fazig · · Score: 2

      Yes, legality was never a factor in whether they're doing it or not. *Technical possibilities are factor. I still hope that they get slammed in Karlsruhe. At least some moral integrity can be shown by a justice system that is still a separated power.

      *The only two options I see here, besides of not using the internet, are encrypting everything and or additionally creating a lot of junk data. But since the internet infrastructure is already stressed hard enough here in Germany and our larger telcos give a crap about it even though they get millions of € from the government in order to fix the issues, I prefer the former.

  3. GDPR by shayd2 · · Score: 2

    Since the feed includes German domestic accounts. Will the agency have to get a permission letter from every internet user in Germany? The EU? The world?

    1. Re:GDPR by deimios666 · · Score: 2

      The GDPR has a convenient exemption for "national security"

      --
      I think, therefore you are.
  4. Re:The BND has all dirty secrets of Karlsruhe judg by fazig · · Score: 2

    German courts have a history of not overturning such surveillance laws. The constitutional court overturned previous data retention laws in 2010 as being unconstitutional.
    But since that kind of surveillance was something the EU wanted, they sued Germany for non compliance. Then a new data retention law had been drafted by the German government, with some opposition, but eventually it went through and was reinstated in 2015. Ever since then the courts are again working on the validity of this new law, because of course there's been appeals on constitutional issues from various interests groups.
    In June 2016 a Court in Munster ruled that a local ISP did not have to comply to the data retention laws because they're unlawful. More recently, in April this year, a court in Cologne ruled that telcos don't have to comply with the law. In this case it was the largest telco of Germany, the Deutsche Telekom, that sued because they apparently didn't want to store meta data. In the end it costs money for them and it hurts their business.
    Of course that still means ISPs can comply out of their own volition.
    Currently our eyes are focused on the constitutional court that are still in the process of investigating the issue. Hopes are that they'll overturn it again.