Special electronic lawyer mailbox

from Wikipedia, the free encyclopedia

The special electronic attorney mailbox ( beA ) is an electronic mailbox for attorneys based on the EGVP infrastructure. The name was set by the legislator in Section 31a of the Federal Lawyers' Act.

The mailbox is intended to enable lawyers licensed in Germany to communicate securely electronically with the judiciary , with authorities and with each other and to replace the EGVP client for lawyers' access to the electronic court and administrative mailbox . As of January 1, 2018, lawyers are subject to the so-called passive usage obligation in accordance with Section 31a (6) BRAO : They must maintain the technical facilities required for the beA and take note of the delivery and receipt of messages via the beA. The active usage obligation "will come into force - depending on the federal state - in 2020, but no later than January 1, 2022" and obliges lawyers to transmit documents electronically to courts.

The Federal Bar Association (BRAK) was legally obliged to implement it accordingly. The first implementation took place on November 28, 2016. However, it failed due to fundamental safety deficiencies that had become known. The post office box was then taken out of service on December 22, 2017. On June 27, 2018, the chamber decided to restart the post office box in two stages. The access program for the Microsoft Windows , Linux and macOS operating systems has been available since July 4, 2018 . The system has been fully operational again since September 3, 2018, and messages can be sent and received again.

Goal setting

Civil courts , labor courts , finance courts , social courts and administrative courts should be accessible via the beA . All federal courts and all courts in the federal states of Berlin, Brandenburg, Hesse and Saxony could already be reached electronically before January 1, 2018. There is a draft law for the introduction of electronic files in criminal matters for criminal jurisdiction . It provides that the beA can also be used for communication with the criminal courts and public prosecutor's offices. The constitutional court has not yet provided for electronic legal traffic.

Furthermore, the newly established central electronic register of protective documents is to be made accessible via the beA .

According to Section 19 (I) of the RAVPV (Lawyers Directory and PO Box Ordinance), the beA is intended to facilitate electronic communication between the members of the bar, the bar itself and the Federal Bar with each other as well as the courts using a secure transmission channel. Section 19 (2) RAVPV also stipulates that the beA can also be used for electronic communication with other people or bodies.

Legal basis

The background for the introduction of the special electronic attorney's mailbox is the reform of correspondence and communications between attorneys, the judiciary and administrative authorities in the direction of digital file management . Electronic legal communication is the designation for the "secure, legally effective exchange of electronic documents between citizens, authorities and courts." The Service Reform Act of June 25, 2001 (Federal Law Gazette I, page 1206) and the Form Adjustment Act of July 13, 2001 supplemented the written form with an electronic one Shape. Since the Justice Communication Act of March 22, 2005, process files can be kept electronically.

With Art. 7 of the law for the promotion of electronic legal transactions with the courts , the paragraphs §§ 31 and 177 of the Federal Lawyers' Act (BRAO) were adapted and the paragraphs §§ 31a and 31b were newly inserted. The Federal Bar Association shall be bound by the changes to the BRAO, approved for everyone in Germany lawyer set up for the duration of his admission, Bea. The legislature hopes that the law will accelerate the implementation of electronic legal communications.

With the authorization in Section 31c No. 3 BRAO, the legislature has authorized the Federal Ministry of Justice and Consumer Protection to regulate details of the special electronic lawyers' mailboxes by means of statutory ordinances with the consent of the Federal Council. As a result, the Lawyer Directory and Mailbox Ordinance (RAVPV) came into force on September 28, 2016. Sections 19 to 29 RAVPV regulate the beA.

On January 1, 2016, the “Law to Reorganize the Law for In-House Lawyers” came into force. In-house lawyers received a beA on October 1, 2016. If an in-house attorney was also admitted to the bar, a separate beA could be applied for for this activity on January 1, 2016. The law provides that professionals with two licenses also receive two separate beA.

The Chamber described the beA as a special milestone in this development.

Implementation and further planning

According to § 130a ZPO, the transmission of electronic documents using a qualified electronic signature (qeS) is permitted in order to maintain the written form . A transmission of electronically qualified signed documents was already possible before January 1, 2016, for example via the "Electronic Court and Administrative Mailbox" (EGVP), a free client is available for use.

All lawyers admitted in the Federal Republic have received a beA. The Federal Bar Association originally intended to set up the beA so that it could receive messages from January 1, 2016. This plan was abandoned, however, because the service at that time was not "of sufficient quality ... in terms of user-friendliness". In November 2015, the Federal Bar Association declared that it “did not yet meet the high expectations that the Chamber had set itself.” The Chamber had entered into discussions with the software developer Atos IT Solutions and Services about the further course of the project.

There was a further postponement of the start date because the Berlin Higher Lawyers' Court had obliged the Federal Bar Association not to open the mailbox for some lawyers to receive without their express consent. The technical implementation of the chamber lacks the ability to individually control the readiness to receive mailboxes. Regardless of the postponed start date, the initial beA registration continued. The beA was put into operation on November 28, 2016.

Determining written documents must be provided with a qualified electronic signature. From January 1, 2018, when using a secure transmission route i. S. d. § 130a Paragraph 3 ZPO (defined in Paragraph 4: mainly beA or De-Mail) and submission by the lawyer himself, a qualified electronic signature can be dispensed with. A “simple” signature is then sufficient, i.e. even a reproduction of the signature that has been added to the document. Almost all courts have been accessible electronically since then.

Since January 1, 2017, lawyers are obliged to submit protective letters exclusively to the electronic register of protective letters.

BeA-Client Security has been available for download again since July 4, 2018, and an improved version since August 14, 2018. Since September 3, 2018, the system has been back into regular operation - without the test phase required by the German Bar Association and others.

From January 1, 2022 at the latest, all lawyers are obliged to "submit documents to the courts electronically."

Functional features of the first implementation in 2016

When the beA system was switched on, lawyers were able to send beA messages to the bar associations , other lawyers and the associated courts. There was no connection or connection to the usual mail systems.

technical requirements

The following technical requirements must be met in order to use the beA:

  1. A lawyer needs a special chip card , the so-called beA-Karte Basis . With this card, it is possible to log into the beA mailbox and to read received electronic documents. If a lawyer wanted to send an electronic document to courts between January 1, 2016 and December 31, 2017, it had to be provided with a qualified electronic signature (qeS). With the beA card signature it is possible to generate such a qeS and thus to send documents and submit pleadings to the court. A “beA card base” can be upgraded to a “beA card signature” at a later date. Documents should be signed with separate signature files and not "inline" -signed ( PDF -internal signature). From January 1, 2018, lawyers can send documents via the beA without a qualified electronic signature.
  2. Employees can receive a beA employee card.
  3. So that the chip card can be read, the user needs a card reader with a keypad (so-called PIN pad). The card reader must also be approved for generating a qeS in Germany.
  4. The card reader is connected to a computer with at least 512 MB RAM. Microsoft Windows, macOS or Linux can be used as operating systems .
  5. The beA is accessed either via a browser ( Firefox , Safari , Chrome , Internet Explorer , the Edge browser is not supported) or via law firm software . Read access is now also possible via app.
  6. The law firm software manufacturers, who are mainly organized in the Software Industry Association for Electronic Legal Traffic (SIV-ERV), discussed fundamental questions and ways of dealing with the interface at a meeting of the Federal Bar Association on December 13, 2016. After clarifying the remaining questions, the software manufacturers can start programming and testing their own interfaces. The requirements for programming the interface are not yet generally available on this date. Since the interface specifications presented in the middle of the year could not be checked by the software manufacturers due to the lack of a test environment, it is not foreseeable whether there will be any problems of any kind with the implementation in the specialist systems. Only after the chamber has provided a test environment and the software manufacturers have their own beA cards can the first tests and programming begin. The interface promised by the chamber at the end of 2016 was available from May 2017, the software manufacturers could start with an implementation from this point in time, which, however, proves to be very time-consuming as there is no documentation for the interface. It is not foreseeable when an integration into the specialist software systems can be expected.
  7. At the end of September 2017, the Federal Government established the Electronic Legal Transactions Ordinance (ERVV) that only PDF and TIFF files may be transmitted with the beA . In addition, the PDF file must be made searchable "as far as technically possible" (§ 2 Paragraph 1 ERVV) including the attachments, i.e. H. Scanned documents have to be processed with OCR software to ensure searchability. The susceptibility to errors of documents prepared via OCR is dealt with in the printed matter.

A chip card is mandatory for a one-time first registration at the beA. A chip card, e. B. the beA card or special software certificates with an associated PIN can be used.

Basically, the beA should run on the basis of the "Online Services Computer Interface" (OSCI) standard protocol or a "future state-of-the-art" standard in accordance with Section 20 (1) RAVPV. The EGVP is also operated on this basis. In order to guarantee addressability within the EGVP structure to which the beA is linked, there is a kind of telephone book via which the EGVP address (SAFE-ID) of the recipient can be determined. The basis for the data of the lawyers in this directory service called "SAFE" (Secure Access to Federated e-Justice / e-Government) is the data collection of the bar associations when their members are admitted and thus also the nationwide official directory of lawyers.

costs

The development costs were already roughly 38 million euros in January 2018, although the system was not yet in operation.

One-time costs arise for the purchase of the required equipment, e.g. B. a card reader. The costs for a lawyer depend on the type of beA card used, the use of an optional software certificate and the optional involvement of employees. Annual costs ( fixed costs ) are incurred through use .

  1. A certified card reader of class 1, 2 or 3 is required to use the beA with a beA card. The purchase of a corresponding card reader costs around 70 euros once. It can be used to register at the beA and to create qualified electronic signatures. If you also want to use the functions of the new ID card or online banking, a suitable card reader costs around 130 euros.
  2. The beA-Karte Basis for registration at the beA costs 29.90 euros (net) per year. The beA card signature with a qualified electronic signature costs 49.90 euros (net) per year. The latter also enables secure login to the ELSTER portal.
  3. The beA employee card has an advanced certificate . It enables lawyer's employees to log into the beA and read messages. Employees can also send qualified messages signed by the lawyer or messages that are not subject to the written form if they have been granted user rights. The beA employee card costs 12.90 euros (net) annually as a 12-month subscription.
  4. An optional beA software certificate is an advanced software certificate. It can be saved as a file on the computer or USB stick. With the certificate, a lawyer or, if necessary, an employee can access and send beA messages on the laptop while on the move. The beA software certificate costs EUR 4.90 per year (net) with a 12-month subscription.
  5. In addition, there are the annual fees charged by the lawyer / notary by the Federal Bar Association, by means of which the service provider is paid.
  6. Cost of implementing good OCR software when shipping (as well as the time involved in using it).

Security features

To transmit a message, it is received or delivered by a central point. The message itself is encrypted and the key required for decryption is transmitted in encrypted form. The public RSA key used for this is also managed centrally and made available to the sender for encryption. For example, it is possible and intended to deliver a message centrally to other or further authorized recipients. The Chamber commissioned an IT service provider as the central point .

Contrary to the representation of the Chamber, the earlier implementation did not actually have end-to-end encryption of the messages. An independent report from June 2018 did not reveal any indications that this would be planned for the new implementation. The chamber did not publish the necessary administrative and technical measures in detail.

Safety margins

On December 22nd, 2017, the online ticker of the Heise-Verlag reported a severe safety margin at the beA. A certificate that no longer worked meant that the beA could no longer be used. First the BRAK announced that the certificate had expired. However, when it became known that the required certificate had been withdrawn by the certification body due to a security breach by the beA or the chamber, they changed the official announcement to the effect that the certificate had become invalid. The background to this was that the chamber had to import both a public and a private key to operate the beA on the PCs due to the design . Since all installations had received the same key pair, the secret key was compromised and could no longer be viewed as secure by the certification authority . In accordance with its obligation, the certification authority had to revoke the certificate, i.e. declare it invalid. First of all, in an online operating manual, the chamber suggested that the user should manually declare the invalid (untrustworthy) certificate as trustworthy. The severe security system warnings associated with such settings led the Chamber to withdraw this proposal, as it is to be viewed as an unacceptable course of action in a system that is supposed to ensure highly secure communication. In a next step, the chamber suggested installing a separate root certificate provided on the computer. However, this meant that all other certificates on the local PC could be manipulated, as the PC thus became its own checking authority. The procedure thus corresponds to undermining the entire HTTPS security architecture. When it became clear that the chamber had created an even bigger one by solving one major security problem, the beA was completely taken offline over the Christmas holidays. In the official announcement, the true background is not mentioned. Instead, isolated user problems are given as the reason.

On December 27, 2017, the Federal Chamber of Lawyers published that the beA will remain offline for the time being. The chamber does not want to switch the system online again until the service provider has resolved the security issue of the registration process. Since this is a fundamental design problem, troubleshooting must be accompanied by a corresponding reinstallation of the client software. In the same notification, the Chamber also advises lawyers to urgently uninstall the certificate previously provided by the Chamber, as the certificate is associated with security risks for the individual PC environment. In an article in the FAZ , the author Constantin van Lijnden describes the course of events over time and shows that the problems that came to light due to the range of certificates are only the current end of a long sequence of planning problems and wrong strategic decisions. The article shows that, for a long time, suggestions from experts have been ignored and, against better knowledge, technology has been used that is not optimally suited for this purpose. Spiegel Online also presents the overall situation in a summarizing article and quotes at the end of the article: “The problem lies in the design of the software architecture. That cannot be fixed in the short term. [...] They should develop this completely from scratch and thereby tie in with existing technologies. Email encryption is nothing new. "

At the 34th congress of the CCC , the beA was reported in a lecture under the heading “The special lawyer's mailbox beA as a special bungling”. In addition to the certificate problem that became known shortly before, security deficiencies due to outdated Java libraries, non-existent end-to-end encryption , vulnerability due to the ROBOT attack known for 20 years and other unfavorable components were discussed. After the lecture, the Federal Bar Association deleted a previously published false accusation of third parties from its website. The non-existent end-to-end encryption , however, was discussed in specialist committees at the International Legal Informatics Symposium in 2016 .

On January 2, 2018, the Federal Bar Association sent a circular to the local bar association in which it partially commented on the allegations. The tenor of the letter is that the beA is a success story with great acceptance by lawyers. The certificate problem is the only one admitted; one was deceived here by the service provider Atos . In the letter, the Federal Bar also criticizes the choice of words that have been published in the form of letters, emails and forum posts since the scandal became known. One is "shocked that in these days a culture of discussion is spreading, which targets below the belt and links personal attacks with justified criticism of the Chamber and the beA". The Chamber does not comment on the other problems raised.

On January 4, 2018 , the Neue Juristische Wochenschrift, published by CHBeck , announced in its online portal as advance notice of the upcoming issue that the Federal Ministry of Justice is putting pressure on the Federal Bar . The beA must be put back into operation as soon as possible, and the ministry is demanding clarification of the criteria that prompted the chamber to take the beA out of operation again after one year of voluntary use. The ministry is also demanding clarification as to why a certificate was put into circulation for troubleshooting purposes, which had to be withdrawn a short time later.

On January 11, 2018, the Free Software Foundation Europe (FSFE) requested the release of the source code in order to shape the project for the future. The FSFE emphasized: “There is no doubt about the numerous problems with the special electronic attorney mailbox. But instead of leaving its members in the dark and excluding independent security researchers, the Federal Bar Association should now publish the entire software under a free software and open source license and make the further development process transparent. This is the only way to slowly restore the shattered trust of the users, i.e. all lawyers, authorities and courts. The disclosure of the program code enables independent IT experts to report potential security gaps at an early stage so that they can be rectified. It has now been shown once again that keeping the source code and the commissioned audits secret does not lead to the desired result. "

On January 17, 2018, Heise Online published a summary of the current findings including a video recording of the CCC's presentation. In the video and the accompanying text it was shown what was tested and what was not tested, as well as the course of the non-functioning communication with the Federal Bar Association. It was pointed out that the basic construction of the client with its local certificate represents an irreparable construction error. The magazine c ' t deals with the topic in its 3/2018 issue as well as in an extensive article in the 6/2018 issue.

On January 26, 2018, the Federal Chamber of Lawyers organized a round of talks called "beAthon" with a small group of invited security experts. The software developer Atos had canceled participation in advance and also prohibited its subcontractors from participating. During the discussion, it was found that the new approach presented by Atos is basically suitable for solving the original certificate problem. In the discussion, the chamber also indicated for the first time that it had interpreted end-to-end encryption differently in the past than it usually does. The chamber also indicated that it had not been aware that it would appear possible to actually set up such a system with end-to-end encryption and completely forego the use of HSMs. When Markus Drenger again pointed out that there was still a major security gap in the existing client software, which would make it possible to attack the computer on which a beA client was installed even when the beA was deactivated, the chamber announced on its website recommends that all lawyers uninstall the current beA client immediately. As a participant of the beAthon, Jörn Erbguth summarized the results in a contribution to LTO . Very detailed summaries of the beAthon have been published on the Golem website and JurPC .

On June 20, 2018, the Federal Chamber of Lawyers published the report that it had commissioned from Secunet as a result of the security deficiencies that had occurred. At the same time, the chamber published a corresponding press release. According to the publication, the updated client security should be available again from July 4, 2018 and the mailbox should be available again on September 3, 2018.

On September 4, 2018, it became known that a security gap in the user administration of the beA could specifically search for lawyers who have not yet set up their personal lawyer mailbox. For example, opposing lawyers can outdo each other at the expense of the affected clients, who are fundamentally liable for mistakes made by their lawyer - which also includes the failure to set up the personal lawyer mailbox.

The Federal Bar Association will provide an update of the beA Client Security on September 3, 2020.

criticism

Procedure for introduction

Parts of the legal profession criticized that the mailboxes should be set up ready to receive without any action by the lawyers, in particular without the initial registration by the respective lawyer, because this did not result from the " Act to promote electronic legal transactions with the courts " and published their criticism in of the specialist literature: in September 2015, in November 2015 and in January 2016. In its statement 6/2016, the German Lawyers' Association proposed a legal clarification for the obligation to use and initial registration. Some lawyers made formal requests to the Chamber to set up the beA ready to receive only if the lawyer had carried out the initial registration. The chamber rejected these motions and only briefly indicated that it derived its actions directly from the law. As a result, two preliminary injunction proceedings before the two senates of the Berlin Lawyers' Disciplinary Court (AGH Berlin) were pending, Az. I AGH 17/15 and Az. II AGH 16/15. The urgent application in the proceedings before the First Senate was published in full text and with attachments. A settlement was reached, which the board later revoked. On June 6, 2016, the Berlin Bar was forbidden by a preliminary injunction from the Berlin Lawyers' Disciplinary Court from opening mailboxes for lawyers who had not given their consent. The chamber postponed the activation of the mailboxes again.

Missing office mailbox

It is also criticized that there is no electronic office mailbox . Mails could only be addressed to individuals; it would not be possible to implement an ad hoc substitution arrangement. Due to the security architecture and the lack of a dispatch option to a law firm, i. H. not explicitly sent to a specific lawyer, only if it is ensured that the recipient will collect the data. The legal situation of unavailability, e.g. B. vacation or illness is unclear. However, it can be said that the professional representation regulations have been integrated into the beA in a relatively practical manner. In this way, representatives can simply be named in the beA for certain or all cases of hindrance. In the latter case, however, the representative then has automatic (permanent) access to the mailbox even without being prevented. The solution provided by the software is to enable access to multiple mailboxes using employee cards or software certificates.

Encryption

End-to-end encryption based on the OSCI standard is also worth discussing . For reasons of computing speed, the encryption takes place in two stages: The actual messages, which can contain large amounts of data, are transmitted symmetrically encrypted using the AES encryption method ( Advanced Encryption Standard ). This AES key is generated randomly by the sender and is attached to the encrypted message, so to speak. This AES key, which is required to decrypt the message, is then transmitted using asymmetrical RSA encryption.

With symmetric encryption, the same key is used for both encryption and decryption. Another advantage of an asymmetric encryption method is that the message in question can be encrypted with the recipient's public key but cannot be decrypted. For this purpose, the respective private key of the recipient is necessary, which should then only be located in a secure location to which only the recipient has access.

However, the beA provides the technical possibility that the asymmetrically encrypted message can be recoded in the data center in order to distribute a message to other, authorized persons. Therefore, unlike the OSCI standard, the public key with which the symmetrical AES key is encrypted is not that of the actual recipient / mailbox owner, but “only” that of the mailbox itself. Its associated private key is located exclusively in the care of the BRAK.

Critics have suggested that this possibility of decoding also creates the possibility of decoding the actual message. This consideration is based on the fact that the actual symmetric key is briefly available within the system at the moment of the encryption, so that the message itself can also be decrypted. The Federal Bar Association meets this argument in a technical way. According to you, this conversion takes place in a so-called Hardware Security Module (HSM), to which nobody has access. The results of security reviews and the architecture were not published. In order to create the possibility of transferring the data to another device in the event of a module failure, the access keys were distributed to different people who only have joint access to the data. In this context, one speaks of so-called key custodians .

According to the published diagrams, the HSM generates a separate key pair for each recipient. The secret part of this key pair remains exclusively in the HSM and the public key is published in the SAFE directory. A sender encrypts the message based on the key published in the SAFE directory for decryption within the HSM, which in turn decrypts the message and encrypts it again with the public key of the final recipient. A sender therefore never sends directly to the recipient, but always to the HSM as an intermediary . The message that the HSM decrypts and encrypts again for the final recipients is the secret AES key with which the actual message is encrypted. The HSM only has access to the key with which this message was encrypted and no access to the actual, original outgoing message.

This problem was addressed at the 34th CCC congress and summarized with the words "End-to-end encryption looks different". As a result, whether the HSM is to be regarded as a backdoor is classified as a legal question.

As part of the “beAthon” panel of experts that took place on January 26, 2018, the Chamber indicated that it interpreted the term end-to-end encryption as deviating from the definition commonly used in cryptography. A representative of the chamber argued that the term end-to-end encryption was not protected. A specialist who was present commented that "lawyers should probably not try to recompose cryptographic terms and contradict cryptographers here".

Limitation of font size

The electronic mailboxes only provide access to the EGVP for lawyers. The EGVP, which is maintained by the judiciary, is configured so that a maximum of 100 files with a total of 60 MB can be attached to a mail. Large documents with a large number of scanned pages or other large electronic documents can exceed this limit. There is no specification for the handling of correspondingly extensive documents; it is up to the user (or the software system he uses) not to exceed the limits. The compulsory use of certain software is also criticized, since the specifications structurally disadvantage free software and open file formats . This is seen as an inadmissible interference with the legal professional freedom and the interests of the clients with whom the files are exchanged.

File formats

According to § 2I ERVV (Ordinance on the technical framework conditions for electronic legal transactions and on the special electronic government mailbox or Electronic Legal Transactions Ordinance), the electronic document must be transmitted in "printable, copyable and, as far as technically possible, searchable form in PDF file format. “The document may also (!) Be transmitted in TIFF file format if“ visual representations in PDF file format cannot be reproduced without loss ”. If the document is transmitted contrary to these provisions, it will not have been validly received in principle. According to § 130 a VI ZPO, the respective court must point this out "immediately" and with notification of the corresponding technical conditions. However, if the sender then immediately submits a suitable document, proving that its content corresponds to the unsuitable copy, the new effective document is deemed to have been received at the time of the earlier submission.

confidentiality

The Federal Bar Association has so far refused to disclose the contracts for the creation of the electronic mailbox with the IT service provider Atos and security audits. The Society for Freedom Rights and FragDenStaat have therefore filed a lawsuit on the basis of the Freedom of Information Act .

literature

  • Christopher Brosch, Obligation to use the special electronic lawyer's mailbox? , Neue Juristische Wochenzeitschrift (NJW) 51/2015, p. 3692
  • Don't be afraid of the beA , Hans-Georg Warken , Tobias Warken; Rubis & Hill, Riegelsberg 2017, ISBN 978-3-00-054919-9
  • Brochure, Lummel, sand cooler, freedom, electronic right-hand traffic with the beA: An introduction , ISBN 978-3-472-08970-4
  • Jungbauer, The special electronic lawyer mailbox (beA) and the ERV: Obligations - Advantages - Liability traps , ISBN 978-3-8240-1484-2
  • Müller, eJustice-Praxishandbuch , 3rd edition, Norderstedt, 2018, ISBN 978-3-7460-8208-0

Web links

Related topics

E-Justice is the generic term for electronically processed judicial processes. Part of this is electronic legal communication .

Individual evidence

  1. beA. What is the beA? (No longer available online.) In: bea.brak.de. 2015, archived from the original on November 1, 2015 ; Retrieved November 9, 2015 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / bea.brak.de
  2. ^ Federal Bar Association ~ beA - The special electronic attorney mailbox. Retrieved July 12, 2019 .
  3. Special electronic attorney's mailbox: we're finally going! - beA. Retrieved November 28, 2016 .
  4. beA has to stay offline for the time being - security and data protection have priority. Retrieved December 28, 2017 .
  5. beA newsletter. Newsletter. In: bea.brak.de. 2018, accessed July 3, 2018 .
  6. Special electronic lawyer mailbox: login page with download links. Retrieved August 11, 2018 .
  7. see: Ordinance on lawyers 'directories and special electronic lawyers' mailboxes
  8. EGVP - legal basis. General legal basis. In: egvp.de. 2015, accessed November 9, 2015 .
  9. Questions and Answers. Will in-house lawyers receive a beA? How does it look after the planned change in the law? What should be considered when ordering the beA card? (No longer available online.) In: bea.brak.de. 2015, archived from the original on December 2, 2016 ; accessed on December 12, 2016 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / bea.brak.de
  10. ^ BRAK positions on national legal policy. Electronic right-hand traffic. (No longer available online.) In: www.brak.de. 2015, archived from the original on June 24, 2013 ; Retrieved November 9, 2015 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / www.brak.de
  11. a b Signature and Signing Process. (PDF; 1.2 MB) For lawyers. In: brak-mitteilungen.de. August 2015, accessed November 10, 2015 .
  12. Federal Bar Association ~ press release 20/2015. In: brak.de. Retrieved November 26, 2015 .
  13. ^ Press release of BRAK No. 7 v. 06/09/2016. June 9, 2016, accessed September 4, 2016 .
  14. beA comes later. BRAK postpones the start date for special electronic lawyers' mailboxes. In: bea.brak.de. November 26, 2015, accessed December 1, 2015 .
  15. Special electronic attorney's mailbox: we're finally going! - beA. Retrieved November 28, 2016 .
  16. Prof. Dr. Astrid Stadler: ZPO comment . Ed .: Prof. Dr. Hans-Joachim Musielak and Prof. Dr. Wolfgang Voit. 16th edition. Franz Vahlen, 2019, ISBN 978-3-8006-5946-3 , pp. Section 130a Rn. 6 .
  17. a b c beA. Schedule according to ERV law. In: bea.brak.de. 2015, accessed November 1, 2015 .
  18. ^ BRAK: special newsletter v. 08/20/2018 to beA. In: BRAK. BRAK, August 20, 2018, accessed August 26, 2018 .
  19. a b c d e f beA is coming. (PDF; 409 kB) Your electronic lawyer mailbox from 2016. In: brak.de. August 24, 2015, accessed November 9, 2015 .
  20. bea lawyer mailbox app (iPhone and iPad). Retrieved June 27, 2020 .
  21. ^ Opinion of the SIV-ERV on the availability of the firm's clients. December 16, 2016, accessed December 16, 2016 .
  22. Legal Tribune Online on the subject of the availability of the firm's software clients. December 16, 2016, accessed December 17, 2016 .
  23. ^ Opinion of the SIV-ERV on the integration of the beA into the specialist software systems. January 26, 2017. Retrieved January 26, 2017 .
  24. ^ Federal Council printed matter on the subject of OCR. (PDF) October 20, 2017, accessed October 20, 2017 .
  25. Löschhorn MMR 2018, 204 (205).
  26. ^ Liability of the BRAK for beA bankruptcy? 124,408,775 € - Repayment and compensation only Sturm im Wasserglas - RechtsTipp24 . In: RechtsTipp24 . January 4, 2018 ( rechtstipp24.de [accessed September 2, 2018]).
  27. B. beA cards, chip card readers and signature cards - beA. Retrieved July 12, 2019 .
  28. a b c d certification body of the Federal Chamber of Notaries. beA products from the certification body. In: bea.bnotk.de. 2015, accessed November 10, 2015 .
  29. secunet: Technical analysis and concept review of the beA . Ed .: secunet. June 20, 2018 ( brak.de [PDF; accessed June 20, 2018]).
  30. Heise reports severe safety margin to the beA on December 22, 2017, accessed on December 24, 2017
  31. BRAK is taking beA off the network over the Christmas holidays due to maintenance work from December 23, 2017, accessed on December 24, 2017
  32. Publication of the BRAK - beA must remain offline for the time being from December 27, 2017, accessed on December 27, 2017
  33. ^ FAZ Einspruch, Alles was Recht ist - no beA for the new year of December 27, 2017, accessed on December 28, 2017
  34. Spiegel-Online, Chaos um beA - Die Postfach-Pleite from December 27, 2017, accessed on December 28, 2017
  35. Hanno Böck: Talk by Markus Drenger on the 34C3 on the beA. January 2, 2018, accessed January 12, 2018 .
  36. Heise reports on the ROBOT attack: TLS attack from 1998 still works from December 13, 2017, accessed on December 28, 2017
  37. Heise reports on the 34C3 - the beA as a special bungling from December 28, 2017, accessed on December 28, 2017
  38. Conference report IRIS 2016 -JurPC Web-Doc. 47/2016, paras. 1 - 35 , accessed on December 28, 2017
  39. The President of the Federal Bar Association to the State Chambers - A statement dated January 2, 2018, accessed on January 3, 2018
  40. NJW bei Beck.de - Justice Minister puts pressure on the Bar because of beA from January 4, 2018, accessed on January 4, 2018
  41. Max Mehl: How the special electronic lawyer mailbox (beA) can still be saved . Ed .: Free Software Foundation Europe. January 11, 2018 ( fsfe.org [accessed January 13, 2018]).
  42. Volker Weber: Fatal construction error in the special electronic lawyer mailbox . Ed .: Heise Online. January 11, 2018 ( heise.de [accessed January 20, 2018]).
  43. Joerg Heidrich: Electronic lawyers' mailbox is becoming a debacle. In: c't 3/2018. January 19, 2018, p. 44 , accessed January 30, 2018 .
  44. Christian Scheininger, Martin Weigel: E-Justice in a cul-de-sac - What will happen to the special electronic lawyer's mailbox? In: c't 6/2018. March 2, 2018, p. 154 , accessed March 3, 2018 .
  45. LTO - beA crisis meeting now without beA makers from January 24, 2018, accessed on January 27, 2018
  46. Federal Bar Association - Press release No. 4.2018 - Results of the beAthon and advice to uninstall the client immediately from January 26, 2018, accessed on January 27, 2018
  47. Hanno Böck: Bar Association advises lawyers to deactivate their software . Ed .: Spiegel Online. January 27, 2018 ( spiegel.de [accessed January 27, 2018]).
  48. Volker Weber: To be on the safe side, lawyers should deactivate the beA Client Security . Ed .: Heise Online. January 27, 2018 ( heise.de [accessed January 27, 2018]).
  49. Jörn Erbguth: It's even worse. But it gets better . Ed .: Legal Tribune Online . January 28, 2018 ( lto.de [accessed January 28, 2018]).
  50. Hanno Böck: So it goes on with the attorney's mailbox . Ed .: golem.de. January 29, 2018 ( golem.de [accessed January 29, 2018]).
  51. Jörn Erbguth: beAthon - the drama continues . Ed .: jurpc.de. January 29, 2018 ( jurpc.de [accessed January 30, 2018]).
  52. secunet: Technical analysis and concept review of the beA . Ed .: secunet. June 20, 2018 ( brak.de [PDF; accessed June 20, 2018]).
  53. Federal Bar Association : beA: Final report is available . Ed .: BRAK. June 20, 2018 ( brak.de [accessed June 20, 2018]).
  54. beA: lawyer mailbox reveals inactive users to the detriment of clients - heise Online
  55. Michael Schinagl: “Can you afford to miss relevant mail?” In: Berliner Anwaltsblatt , September 2015, pp. 297–298 ( Attorney Schinagl )
  56. Berliner Anwaltsverein Complete Edition September 2016 ( Memento of the original from October 7, 2016 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / www.berliner-anwaltsverein.de
  57. Zedler, MDR 2015, 1163 ff., 1165
  58. Marcus Werner , Julius Oberste-Dommes: No monitoring obligation for beA without initial registration . In: Lawyer Gazette . No. 1 2016 , January 1, 2016, p. 21–26 ( WERNER Rechtsanwälte Informatiker [PDF; accessed on January 8, 2016]).
  59. Marcus Werner : Statement. From January 1, 2016, the BRAK is not allowed to make the beA of a lawyer ready to receive without first registering it. (No longer available online.) In: WERNER Rechtsanwälte Informatiker. October 15, 2015, archived from the original on October 22, 2015 ; accessed on November 1, 2015 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / www.werner-ri.de
  60. ^ Statement of the DAV on the beA. In: Digital Advocacy. Retrieved June 15, 2016 .
  61. BRAK application. Request to the BRAK to refrain from setting up the beA ready to receive if the lawyer has not carried out the initial registration and has not gone through the identification process. (No longer available online.) In: WERNER Rechtsanwälte Informatiker. November 20, 2015, archived from the original on December 8, 2015 ; Retrieved November 26, 2015 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / www.werner-ri.de
  62. ^ BRAK answer. (PDF) BRAK rejects the request for an injunction in a short letter. In: WERNER lawyers computer scientists. November 27, 2015, accessed January 8, 2016 .
  63. ^ AGH urgent application. (PDF) Urgent application to the AGH Berlin against the BRAK not to set up a beA ready to receive without the lawyer having completed the initial registration. In: WERNER lawyers computer scientists. December 22, 2015, accessed January 8, 2016 .
  64. Press release no. 2. AGH procedure on the special electronic attorney's mailbox: the BRAK's general meeting decides to revoke the settlement. In: Press release archive of the Federal Bar Association. March 15, 2016, accessed June 25, 2016 .
  65. ^ Decision of the AGH Berlin. (PDF) Decision of the Berlin Lawyers' Court of 6 June 2016 - II AGH 16/15 -. In: WERNER lawyers computer scientists. Retrieved May 9, 2016 .
  66. Press release No. 7. AGH procedure for special electronic lawyers' mailboxes: Berlin Lawyers' Court approves applicants' applications. In: Press release archive of the Federal Bar Association. June 9, 2016. Retrieved June 25, 2016 .
  67. Questions and answers about the beA. (No longer available online.) In: BRAK / beA. Archived from the original on December 2, 2016 ; Retrieved July 3, 2016 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / bea.brak.de
  68. Siegmund NJW 2017, 3134 (3137).
  69. Löschhorn MMR 2018, 204 (206).
  70. The key custodians can crack BeA messages. January 27, 2018, accessed February 7, 2018 .
  71. ↑ BeA encryption concept. (No longer available online.) December 17, 2016, archived from the original on December 21, 2016 ; accessed on December 17, 2016 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / bea.brak.de
  72. PDF of the encryption structure. (PDF) July 8, 2015, accessed January 24, 2018 .
  73. beA - the new attorney's mailbox at the CCC Congress. December 28, 2017. Retrieved December 29, 2017 .
  74. cf. Müller NZA 2019, 11 (12).
  75. Browser or law firm software. 2016, accessed January 12, 2017 .
  76. Current beA - special electronic lawyer mailbox. 2016, accessed January 12, 2017 .
  77. Arne Semsrott: Lawsuit because of beA: Bar Association is to issue software security tests. Retrieved February 2, 2019 .