Details on German State Trojan programme

By EDRi · October 24, 2012

This article is also available in:
Deutsch: [Details zum Deutschen Staatstrojaner | https://www.unwatched.org/EDRigram_10.20_Details_zum_Deutschen_Staatstrojaner?pk_campaign=edri&pk_kwd=20121024]

Some documents spotted by the Annalist blog that were issued by the
German Government in July 2012, within a parliamentary enquiry about
expenditures by the German Federal Ministry of the Interior, clearly
show more details about what was revealed a year ago by EDRi member CCC
(Chaos Computer Club) – that the German police has been spying and
monitoring Skype, Google Mail, MSN Hotmail, Yahoo Mail and Facebook
communications. The tool used by the police is a Trojan programme
created by Digitask company, the so-called “Staatstrojaner”.

The German law allows the police to use data interception tools on
computers for eavesdropping, but the Constitutional Court has introduced
certain limitations interdicting the use of such tools to access private
data or take control of a suspect’s computer. In 2011, the Ministry of
Justice promised to give up the initial Trojan virus and have new
software created internally: “The software by DigiTask GmbH that was
used in the past for computer surveillance (lawful interception) is not
currently being used by federal public authorities any more. The
software that will be used for computer surveillance will be developed
by a competence centre established within the Federal Criminal Police
Office. It will be safeguarded that the source code will be audited
regarding its range of functions by qualified experts. It will also be
accessible for the relevant authorities for data protection (among
others the Federal Commissioner for Data Protection).”

But the recent governmental expenditure documents show also that the
German Government is far from being able to produce software for lawful
interception that complies with the decision of the Federal
Constitutional Court.

“The development of software by the Federal Criminal Office is
presumably going to take months if not years. We may even have to
ruefully admit that we lack the capability completely,” stated the
spokesman on domestic policy of the Conservative Party.

In France as well, since Loppsi2 legislation has come into force in
2011, the police is allowed to place spyware on the computers of people
suspected by various crimes. This surveillance is however carried out
under the authority of a judge who needs to explain why its usage was
needed in that respective case.

Hacker News Puzzle (17.10.2012)

Hacker News Puzzle

One year later:German police unable to develop ‘state trojan’ (12.10.2012)

One year later: German police unable to develop ’state trojan‘

German police monitors Skype, GoogleMail and Facebook chats (3.10.2012)

German police monitors Skype, GoogleMail and Facebook chat

German Gov’t Inadvertently Reveals Police Monitor Gmail, Skype, Facebook
& Use Snooping Malware (10.10.2012)
https://www.techdirt.com/articles/20121009/08281520662/german-govt-inadvertently-reveals-police-monitor-gmail-skype-facebook-use-snooping-malware.shtml

German police spyware is also targeting Skype, Gmail, Facebook…(only
in French, 10.10.2012)
http://www.numerama.com/magazine/23989-le-mouchard-de-la-police-allemande-vise-aussi-skype-gmail-facebook.html