Email monitoring
E-mail monitoring is the specific form of government telecommunications monitoring for the e-mail service .
Legal situation in Germany
According to the Telecommunications Act (TKG) § 110 and the Telecommunications Surveillance Ordinance , since 2005 all operators who offer telecommunications services to the public, i. H. operate public e-mail servers in this context , carry out e-mail monitoring on request. Providers who have a total of more than 10,000 (before 2008: 1,000) participants must take technical and organizational precautions to initiate surveillance immediately, i.e. be “ready to be monitored”.
arrangement
Depending on the case and legal basis, the order can usually be made by
- a judge ,
- a competent federal minister or state minister ,
- the police ,
- the customs ,
- the Federal Office for the Protection of the Constitution or
- a state office for the protection of the constitution .
costs
The operator has to bear the costs for the provision of the monitoring technology. Corresponding solutions cost from around 20,000 euros. However, according to § 23 Judicial Remuneration and Compensation Act - JVEG compensates with a one-time fee for the measure and a weekly or monthly fee for it.
functionality
It is monitored using email addresses . All e-mail traffic must be checked in the mail server or a separate filter for the existence of an e-mail address in the protocol used (e.g. SMTP , POP3 , IMAP , webmail ). If such an e-mail address is found, the provider transmits at least the connection data (e.g. sender, recipient, date, time, etc.), depending on the content of the monitoring arrangement, but usually also a copy of the complete e-mail via FTP on a server of the supervising authority ( consumer ). The connection between the e-mail server / filter and the authority server ( monitoring center) is encrypted by a VPN so that no unauthorized person learns of the monitoring measure as such or of the content of the monitored e-mails.
The operator is also not allowed to inform any currently monitored participant about the ongoing monitoring, as this would then be warned. On the other hand, however, there is an obligation for the authority that the participant concerned is informed about the type and scope of the surveillance carried out after the surveillance measure has been completed.
The content of mail messages can, however , be encrypted by simple technical means, such as asymmetric cryptography , which offers a high level of security. This means that only the existence of a communication can be traced for the user, the content of which remains hidden from him. The best known method for encrypting e-mails is PGP or GnuPG . In many cases, such encryptions can only be circumvented by intercepting the communication content that is still or again unencrypted at the sender or recipient. This can be done through an online search .
Strategic monitoring
The Federal Intelligence Service also carries out what is known as strategic monitoring of international telecommunications relationships in accordance with G-10 Act Sections 5 to 8. With strategic monitoring, all international telecommunications relationships, including e-mail, fax, telephone and web forums, are automatically monitored and searched with the help of search terms.
According to the report of the Parliamentary Control Committee of the Bundestag , an unspecified number of international telecommunications connections were searched for a total of 15,740 keywords. During this search, 2,875,000 communication links were found and analyzed more closely, resulting in 190 telecommunication traffic relevant to the intelligence service. The surveillance is divided into the three danger areas of international terrorism, proliferation and conventional armaments and illegal smuggling.
In 2010, 37,338,517 telecommunication connections were filtered out and examined more closely, the far lower number in 2011 compared to 2010 is said to have been caused by an improvement in the spam detection in the filter rules. Various MPs, such as Gisela Piltz (FDP) and Jan Korte (Die Linke), questioned the proportionality of this monitoring in their reactions to the report.
E-mail monitoring in Germany in 2010 and 2011:
| 2010 | 2011 | |||||
| Keywords | filtered | relevant | Keywords | filtered | relevant | |
|---|---|---|---|---|---|---|
| International terrorism | 1,808 | 10.213.329 | 29 | 1,660 | 329,628 | 36 |
| Proliferation and conventional armaments | 13,304 | 27,079,533 | 180 | 13,786 | 2,544,936 | 56 |
| Illegal smuggling | 321 | 45,655 | 0 | 294 | 436 | 98 |
| total | 15,433 | 37,338,517 | 209 | 15,740 | 2,875,000 | 190 |
See also
literature
- Waltraud Kotschy, Sebastian Reimer: Monitoring Internet Communication in the Workplace, ZAS 2004, 29
- Florian Meininghaus: Access to e-mails in criminal investigations , dissertation University of Passau 2007.
- Daniel Neuhöfer: Access to server-based stored e-mails at the provider , dissertation University of Cologne 2011.
Web links
Federal Network Agency (formerly RegTP):
- Electronic message (email) surveillance
- Frequently asked questions from the operators of e-mail servers ( Memento from January 7, 2015 in the Internet Archive )
Heise article on the cost of email monitoring:
Eco - Association of the Internet Industry V .:
Individual evidence
- ↑ Federal Constitutional Court: Police are allowed to access e-mail servers . Mirror online. Retrieved January 24, 2015.
- ↑ Parliamentary control body : Information by the parliamentary control body, printed matter 17/12773. (PDF; 299 kB) German Bundestag , March 14, 2013, accessed on June 16, 2013 .
- ↑ Parliamentary control body : information by the parliamentary control body, printed matter 17/8639. (PDF; 325 kB) German Bundestag , February 10, 2012, accessed on June 16, 2013 .