Telecommunication surveillance

from Wikipedia, the free encyclopedia

Telecommunications surveillance ( TKÜ ) refers to the collection of information of exchanged over a certain spatial distance information by generally government agencies, and usually without the knowledge of the communication partners. Detected transmission means are z. As letters , telephone conversations, SMS , faxes , e-Maile or Internet traffic in general. The communication can for example be levied on the post away on telecommunication cables or in the radio transmission . Forms of communication can be language, text, Morse code , pictures or videos. TKÜ can be used for criminal prosecution , security or intelligence purposes. TKÜ regulations can be found in national legal norms such as laws and, in some cases, international guidelines. Sometimes, due to technical or legal restrictions, only the traffic data (metadata) is recorded and not the communication content. There are international standards for technical implementation in telecommunications networks .


Ever since there was long-distance communication (e.g. letters ) and states , postal traffic could be monitored by the rulers of organized communities. The monitoring options followed technical developments, for example the emergence of wired or non-wired telex and telephone traffic. In front since modern times, the organized communities not usually constitutional states were, there was no intervention authorizations as a legal basis .

State telecommunications surveillance became a means of state law enforcement in the 1890s.

In the United States, the United States Supreme Court did not declare this compatible with the United States Constitution until 1928, when prohibition was at its peak in the United States. At that time Roy Olmstead was convicted and convicted due to telephone surveillance. The American mafia boss Lucky Luciano was also convicted in the mid-1930s with the help of telephone bugs in his brothels.

Telephonkontrolgerät "Jitka" in the late 1960s by the Czechoslovak secret police StB in use

During the Second World War , the warring parties used eavesdropping devices for telephone surveillance intensively by their secret services . The same thing happened through the secret services during the " Cold War "; Foreign messages in particular were bugged by bugs.

In 1963, US Attorney General Robert F. Kennedy allowed the FBI to equip Martin Luther King's home and office with telephone bugs to record alleged communist contacts; In 1966, Martin Luther King's phone bugs were removed. The US-American President Richard Nixon allowed the FBI to monitor four reporters and 13 state officials with telephone bugs in order to use the "obtained" information to expose the monitored persons to the press for discrediting. Another climax followed in 1972 was the Watergate scandal , in which the FBI used telephone eavesdropping devices to spy on the Democratic National Committee at the Watergate Hotel .

Even after the end of the Cold War, the secret services used telephone surveillance. The climax was then the global surveillance and espionage affair of 2013, which Edward Snowden uncovered, as well as further publications by WikiLeaks from 2007, in which the use of eavesdropping devices by secret services were documented and published.


Telecommunication monitoring is the term used in criminal procedure law and police law in Germany for the monitoring of telecommunication processes and content. This includes listening to phone calls and reading e-mails , short messages (SMS) and faxes as well as polling cells . The legal basis for the surveillance is - depending on the cause and objective of the surveillance measure - either the police laws of the federal states , Section 100a of the Code of Criminal Procedure (which is by far the most common case in practice) or Section 23a of the Customs Investigation Service Act .

In the field of intelligence services ( BND , BfV , MAD , LfV ), the legal basis is the Article 10 Act (official abbreviation: G 10). G 10 measure is therefore the usual term for a TKÜ in German intelligence services.

Telecommunications surveillance is an interference with the constitutionally protected basic rights of Article 10 of the Basic Law ( letter , post and telecommunications secrecy ).

Surveillance can be carried out to clarify the so-called catalog offenses listed in § 100a Paragraph 2 StPO , in some federal states also for the purpose of general hazard prevention and in accordance with Section 1, Paragraph 1 of Article 10 of the Law on Defense against Dangers to National Security. Judges (or, since 2008, “the court”) are authorized to issue orders. In the event of imminent danger, the public prosecutor may issue the order, whereby the judicial (judicial) order must be made up for immediately. If this is not done within three (working) days, the measure is considered not approved and must be stopped immediately. A first empirical study on the effectiveness of judicial reservations was presented in 2003 ( see literature ).

For the purposes of the intelligence services, the respective supreme state authorities responsible for the LfV, the Federal Ministry of the Interior for federal intelligence services , and for construction and homeland are authorized to issue orders. Instead of judicial review, these orders are subject to review by the G10 Commission .

The telecommunications surveillance statistics of the Federal Office of Justice contain the number of telecommunications surveillance measures ordered according to the notifications of the state judicial administrations and the Federal Public Prosecutor's Office in accordance with Section 100a of the Code of Criminal Procedure . In addition, the annual overviews can be used to determine the individual catalog offenses of Section 100a of the Code of Criminal Procedure that were used to order the surveillance. Most of the wiretapping measures were ordered because of violations of the Narcotics Act on the basis of Section 100a (2) No. 7a and No. 7b StPO. In 2010, 6,880 cases were registered (33.73% of all cases), in 2012 even 9222; Gang theft and homicides follow at a great distance. In 2010, only 19 cases (0.093% of all cases) related to the distribution, acquisition and possession of child pornography were recorded. In practice, child pornography only plays a marginal role in telecommunications surveillance, in stark contrast to media reporting on this topic.

In 2010 there were 5,493 preliminary investigations in Germany in which telephone calls and computer communications were tapped or monitored (2008: 5,348; 2009: 5,301). A total of 20,398 surveillance measures were ordered (2008: 16,463; 2009: 20,358). This does not include interception measures by the police for preventive purposes and interference by the intelligence services in telecommunications secrecy that is not controlled by the judiciary . In 2012, monitoring of cellular communications was ordered 20,034 times and Internet communications were monitored in 4,488 cases. This is to be distinguished from the publication of traffic data sets .

From January 1, 2008 to March 2, 2010, data retention was also used for telecommunications monitoring.

On August 24, 2017, the law for the more effective and practical design of criminal proceedings came into force, with which the source telecommunication monitoring ("source TKÜ") and online searches were made possible. In the case of Quellen-TKÜ, malware is secretly installed on private computers, laptops, cell phones and tablets so that state authorities can monitor ongoing communication. With the online search, all stored content can be recorded using software installed on the device. "In addition, all files could be manipulated, webcams and microphones on the home computer could be controlled remotely - without the knowledge of those involved, without protocol and without witnesses." also the encroachments on fundamental rights associated with the source telecommunications surveillance ("Quellen-TKÜ") and online searches.

Source telecommunications monitoring

With the increasing spread of encrypted communication, the monitoring of telecommunications is becoming increasingly difficult. Some investigative authorities responded with what they called source telecommunications surveillance (Quellen-TKÜ) . Software is installed on the computer with which the communication to be monitored is carried out, which records the communication prior to the encryption and transmits it to the investigating authority. The source TKÜ is a special form of the TKÜ, which should only record communication before it is encrypted or after it has been decrypted, but should not obtain any information that would not be obtained through a "conventional" TKÜ. However, whether this can actually be defined in practice is controversial.

A distinction is to be made between the source TKÜ and the online search , in which the investigating authorities are allowed to derive evidence-relevant data from the systems of a data subject within the framework of the legal possibilities - including those that are not transmitted remotely, but e.g. B. are stored on the hard drive .

However, the technical implementation of source TKÜ and online searches is similar: In both cases, hacking (e.g. by Trojan horse ) has to gain access to a third-party device, which theoretically always gives full access to all data stored there (with all the risks involved ). As a result, the source TKÜ is to be rated as a considerably more extensive intervention than the “conventional” TKÜ.

To what extent this source TKÜ is legally legitimized by the laws on telecommunications surveillance or represents an inadmissible interference with the basic rights of the person concerned is controversial.

In 2010 it became known that the German customs investigation service uses the source TKÜ to use specially developed software to transfer the content of conversations via Skype to a specific server before it is encrypted.

On October 8, 2011, the Chaos Computer Club (CCC) published an analysis of a program on the source TKÜ and uncovered that the capabilities of the program exceed the monitoring of telephony. The investigated program also made it possible to load any programs from the Internet, to take screenshots and it contained a module which enables the keystrokes to be recorded . Furthermore, simple data, such as B. pictures are uploaded to the computer, including any falsified evidence or other compromising material.

In addition to the constitutionally questionable additional functions, the CCC criticized the Trojan's security functions. Only the upload of the data to be exfiltrated was encrypted, whereby the same key was used in all cases. The control of the Trojan was unencrypted and without authentication, so that a security hole was opened on the computers of those affected.

E-mail telecommunication monitoring

"E-mail telecommunication monitoring (E-Mail-TKÜ)" is a measure in which the e-mail address is the identifier to be monitored in the context of telecommunication monitoring and a corresponding arrangement is implemented in accordance with the relevant specialist laws . The term is not used by the federal law enforcement, investigative and hazard prevention authorities.

Server telecommunication monitoring

With the "server telecommunication monitoring (Server-TKÜ)" the communication data is collected on a server . The server TKÜ is used to research the facts and / or to identify an accused. In the area of ​​cyber defense, it provides information on attack vectors, target spectrum, possible intentions and common approaches of an attacker. The “Indicators of Compromise” (IOC) generated in this way, i.e. the technical characteristics of a cyber attack, are essential for its attribution , but are also used to protect the IT infrastructure of the attacked person.

In the Federal Criminal Police Office, standard servers with a server operating system and standard network components are used to carry out server TKÜ.

Preventive telecommunication surveillance

Competence center for information technology monitoring

The Competence Center for Information Technology Surveillance (CC ITÜ) is a group (OE 2) in the Federal Criminal Police Office (BKA). The group is part of the department OE (operational operational and investigative support) and is divided into four units: Unit OE 21 (Monitoring information technology surveillance / CC malware analysis), Unit OE 22 (Software development and maintenance information technology surveillance (CC ITÜ)) , Unit OE 23 (Telecommunications Surveillance) and Unit OE 24 (Information Technology Surveillance). The CC ITÜ performs tasks of telecommunications and information technology monitoring (TKÜ / ITÜ). Against the background of the increasing diversity and complexity of communication services, innovative ITÜ methods and products are becoming increasingly important. In addition to the implementation of appropriate monitoring measures, one of the centre's main tasks is method development. In addition, services related to the investigation of hacking incidents and malware are provided.

On April 1, 2008, a development team started its work at the BKA with the aim of harmonizing and bundling the fragmented telecommunications surveillance landscape of the 38 security authorities and the approx. 80 surveillance systems of the federal and state governments. As a first step in the multi-stage construction and expansion, the Federal Ministry of the Interior planned to concentrate the technical processes at the Federal Administration Office on one technical platform by mid-2009 . This new organizational structure enables the knowledge carriers of the federal authorities to work closely together spatially and organizationally. The Federal Ministry of the Interior sees the strict separation between technical / scientific tasks and the content analysis of the TKÜ data ensuring the principle of organizational separation between intelligence services and the police .

Were founded in order to better meet the technological change (" Next Generation Network "), in the core of the new organizational structure:

  • a competence center-TKÜ ( CC-TKÜ ) to bundle the conception, planning and research activities,
  • a service center TKÜ ( SC-TKÜ ) as a service provider for setting up and operating the information technology infrastructure for the participating authorities.

In a confidential statement in September 2008, the Federal Audit Office sharply criticized the project because the parameters "were changed until the desired result could be calculated in favor of the bundling model" and recommended "alternative solutions" to be examined.

The then Federal Commissioner for Data Protection , Peter Schaar , expressed concern about the merger without a clear legal basis, which lays down the legal, technical and organizational requirements for cooperation in the implementation of monitoring measures: “A lot of experience shows that if such possibilities exist and there is a corresponding change in the general political weather situation, for example if the security situation worsens that this information would then be merged. "

The service center, which also functions as a think tank , started work in early August 2009. In Bavaria there has been a TKÜ competence center at the Bavarian State Criminal Police Office since 2006.

Authority practice

In March 2008 the Customs Criminal Police Office announced in the Official Journal of the European Union that it had received two orders for “TKÜ Auswerte - SW” and “TKÜ Auswerte Hardware u. Software licenses ”to the Hessian company“ DigiTask ”. In January 2009, the Customs Criminal Police Office announced that it had placed another order for 2.1 million euros with the Hessian company DigiTask for the delivery of hardware and software for telecommunications surveillance (TKÜ). Another order for “hardware maintenance and software maintenance services on stationary telecommunication monitoring systems” for 700,000 euros was also awarded to “DigiTask” by the ZKA in January 2009.

In January 2008, the LKA Baden-Württemberg announced in the Official Journal of the European Union that they had placed an order with the Hessian company “DigiTask” for the “TKÜ application and service for the creation of a complete TKÜ system for 1.2 million euros Police of the state of Baden-Württemberg and the maintenance of the entire system ”. In November 2008, the Bavarian State Criminal Police Office placed an order with “DigiTask” worth almost 250,000 euros for the “expansion of the TKÜ system with an archive system”.

The Pirate Party Germany published a letter in January 2008, allegedly from the Bavarian Ministry of Justice , in which the costs and services of a spying software offered by " DigiTask " were communicated and the lack of clarity in the assumption of costs was pointed out. The authenticity of the letter is supported by the fact that in September 2008 the police searched the premises of the party's press secretary to determine the identity of the informant.

In May 2009, Hessen announced the establishment of 1000 police and judicial workstations for telecommunications surveillance. A special requirement of the software is that, as a rule, 500 users log on at the same time in order to carry out monitoring measures. The order volume was given as 2.5 to 4 million euros. In March 2010, Hessen announced that an offer had been received and an order worth 5.34 million euros had been placed with the Saarland company Syborg .

Referring to the illegal use of a state Trojan by the Bavarian state government, Harald von Bose , the state commissioner for data protection in Saxony-Anhalt , expressed skepticism in March 2011 about the planned introduction of preventive source telecommunications monitoring by the state government of Saxony-Anhalt.

According to the respective interior ministers, Trojans were used by the investigative authorities of Lower Saxony , Rhineland-Palatinate , Bavaria and Brandenburg until October 2011 . The interior ministries of Saxony and Hesse initially did not respond to inquiries from the news magazine Der Spiegel , while the interior ministry of North Rhine-Westphalia initiated inquiries to find out whether Trojans were already being used in NRW. On October 10, 2011, Baden-Württemberg stopped using the software. Interior Minister Reinhold Gall (SPD) admitted that up to this point the Baden-Württemberg police had used the same basic version of the Trojan as in Bavaria.

Other versions of the state trojan are still used in Germany.


In English, telecommunications surveillance is called Lawful Interception or Legal Interception (LI). These are English technical terms for a feature that all technical facilities of public networks must offer: a possibility that authorized government agencies can connect to certain connections and listen to the traffic running there. For example, switching centers in the telephone network must enable this.

While in the older technology it was still a question of call jacks to which telephones were connected, today it is an automatic, standardized IT process that also includes location, billing information, e-mail addresses, login names, operating times of the Devices, SIM , IMSI and PUK numbers as well as MAC and IP addresses can be recorded and saved in advance. The operators of the public networks will not be reimbursed for the running costs that arise from the provision of the connection options. The provision is mandatory for commercial use of such a network in order to obtain a license from the Federal Network Agency and to maintain operation.


Many criticisms have been made of the implementation and use of telecommunications surveillance. Telecommunications surveillance is undoubtedly an interference with fundamental rights. Such an intervention is only permitted for the prosecution of the most serious crimes or to prevent terrorist attacks, for example. Potential abuse must be prevented, but occurs both in dictatorships and in democratic countries. Criticism is therefore also voiced against manufacturers of surveillance systems, especially when these are exported to countries in which human rights are not respected.

See also


Web links

Individual evidence

  1. a b Time: Brief History: Wiretapping
  2. a b Guide to data access, particularly in the telecommunications sector. (PDF; 429 kB) Munich Public Prosecutor's Office, June 2011, accessed on December 5, 2011 .
  3. a b Federal Office of Justice: Justice statistics: Telecommunications surveillance
  4. a b The state is listening in ( memento from September 24, 2009 in the Internet Archive ). September 22, 2009.
  5. Martin Gropp: The cell phone in particular is monitored - FAZ, May 6, 2014
  6. a b c Netzwelt - Surveillance Act: State Trojans should also read WhatsApp for authorities . In: Neue Westfälische , Neue Westfälische, June 26, 2017. Archived from the original on February 8, 2019. Retrieved on February 8, 2019. 
  7. ^ Bielefeld. "Digitalcourage" association plans lawsuit against "state trojans" . In: Neue Westfälische , Neue Westfälische, July 27, 2017. Archived from the original on February 8, 2019. Retrieved on February 8, 2019. 
  8. backgrounds: State Trojans to read along in times of WhatsApp & Co . In: Die WELT , Die WELT, June 22, 2017. Archived from the original on February 8, 2019. Retrieved on February 8, 2019. 
  9. ^ New surveillance law: Hacker attack from the Bundestag . In: SPIEGEL Online , SPIEGEL Online, June 22, 2017. Archived from the original on February 8, 2019. Retrieved on February 8, 2019. 
  10. Controversy over surveillance law The police, your friend and hacker . In: Spiegel Online , Spiegel Online, June 22, 2017. Archived from the original on February 8, 2019. Retrieved on February 8, 2019. 
  11. ^ Source TKÜ and online searches - necessity, state of affairs and framework conditions. In: . BKA, accessed on January 4, 2019 .
  12. On the illegality of source telecommunications surveillance on the basis of § 100a StPO. HRRS, October 20, 2010, accessed March 10, 2011 .
  13. ^ Florian Albrecht: Illegal online search by the Bavarian State Criminal Police Office . In: JurPC . tape 59/2011 , April 5, 2011, paras. 1-30 ( online ). Make so-called screenshots
  14. Special program: Customs investigators eavesdrop on web calls. Spiegel Online , October 9, 2010, archived from the original on October 9, 2010 ; Retrieved October 9, 2010 .
  15. Analysis of a government malware, page 5. (PDF; 191 kB) Chaos Computer Club , October 8, 2011, accessed on October 12, 2011 .
  16. ^ Staatstrojaner, interview with the constitutional lawyer Ulf Buermeyer, Min.36ff. Kitchen radio , October 12, 2011, accessed October 12, 2011 .
  17. ^ Chaos Computer Club analyzes state Trojans. Chaos Computer Club , October 8, 2011, archived from the original on October 8, 2011 ; Retrieved October 8, 2011 .
  18. The German state Trojan was cracked. Frankfurter Allgemeine Zeitung , October 8, 2011, archived from the original on October 8, 2011 ; Retrieved October 8, 2011 .
  19. a b c Printed matter 19/5874. In: . German Bundestag , November 20, 2018, accessed on January 4, 2019 .
  20. Organizational overview of the Federal Criminal Police Office. In: . BKA, December 1, 2018, accessed January 4, 2019 .
  21. Department "Operative Operations and Investigation Support" (OE). In: . BKA, accessed on January 4, 2019 .
  22. ^ Reply of the Federal Government. (PDF; 120 kB) Printed matter 16/10050 - Establishment of new federal structures for telecommunications surveillance. In:
  23. ^ New listening center in Cologne . In: telepolis. May 15, 2005.
  24. Page no longer available , search in web archives: For the bundling and further development of telecommunication monitoring - two centers for competence and service at the Federal Office of Administration . @1@ 2Template: Toter Link / The Federal Ministry of the Interior for the German EU Council Presidency.
  25. Audit Office criticizes Schäuble's eavesdropping plans . In: Spiegel Online. September 27, 2009.
  26. Monitoring technology centrally managed . In: Taz. December 21, 2007.
  27. Data protection officers against Schäuble's eavesdropping center . In: Heise Online. August 3, 2009.
  28. Customs Criminal Police Office: delivery order - 70229-2008. In: Official Journal of the European Union . March 14, 2008, archived from the original on October 11, 2011 ; accessed on February 14, 2016 .
  29. Customs Criminal Police Office: delivery order - 70231-2008. In: Official Journal of the European Union. March 14, 2008, archived from the original on October 11, 2011 ; accessed on February 14, 2016 .
  30. Customs Criminal Police Office: delivery order - 26158-2009. In: Official Journal of the European Union. January 29, 2009, archived from the original on October 11, 2011 ; accessed on February 14, 2016 .
  31. Zollkriminalamt: Service contract - 20674-2009. In: Official Journal of the European Union. January 23, 2009, archived from the original on October 13, 2011 ; accessed on February 14, 2016 .
  32. ^ Landeskriminalamt Baden-Württemberg: delivery order - 23600-2008. In: Official Journal of the European Union. January 29, 2008, archived from the original on October 11, 2011 ; accessed on February 14, 2016 .
  33. Bayer. State Criminal Police Office: delivery order - 307886-2008. In: Official Journal of the European Union. November 28, 2008, archived from the original on October 11, 2011 ; accessed on February 14, 2016 .
  34. LKA Bayern already uses "Bayerntrojaner" for VoIP eavesdropping? (PDF) Pirate Party , 2008, accessed February 14, 2016 .
  35. Pirate party in focus - existence of the Bayern trojan confirmed. Pirate Party, September 17, 2008, archived from the original on March 5, 2009 ; accessed on February 14, 2016 .
  36. ^ Presidium for technology, logistics and administration , Hessen: delivery order - 121111-2009. In: Official Journal of the European Union. May 2, 2009, archived from the original on October 14, 2011 ; accessed on February 14, 2016 .
  37. ^ Presidium for technology, logistics and administration , Hessen: delivery order - 91422-2010. In: Official Journal of the European Union. March 30, 2010, archived from the original on October 14, 2011 ; accessed on February 14, 2016 .
  38. Dr. Harald von Bose : X. Activity report of the State Commissioner for Data Protection Saxony-Anhalt from April 1, 2009 - March 31, 2011: 20.2 Source telecommunications monitoring. In: Activity reports of the state representative. March 31, 2011, accessed August 5, 2018 .
  39. ^ Ole Reissmann, Christian Stöcker, Konrad Lischka: Plumper Snoopers: Virus programs recognize the state trojan Der Spiegel , October 10, 2011
  40. Country stops the use of federal Trojans. In: Stuttgarter Nachrichten . October 10, 2011, accessed February 14, 2016 .
  41. Online search: Friedrich defends surveillance by Trojans. In: Frankfurter Allgemeine Zeitung. October 15, 2011, accessed February 14, 2016 .
  42. ETSI - "lawful interception" standards .
  43. Die Zeit: ring three times = terrorist . January 4, 2010.
  44. Leila Nachawati: Syria Files: More Western Technology for the Regime. Global Voices Online , translated by Katrin Zinoun, July 10, 2012.