Saturday, June 20, 2009

What happens when a bureaucracy goes wild? Well, you can end up in a situation where private companies are facing the most restrictive privacy regime in the world, while government agencies are at liberty to spy on their people at will. Germany - my country of origin, and the country that claims to have "Informationelle Selbstbestimmung" (roughly: information self-determination) - has now completed a fairly comprehensive system of laws limiting fundamental human rights vis-à-vis the government:

  • Just yesterday, the so-called "BSI Gesetz" was passed, which allows the BSI (roughly comparable to the NSA) to store and analyze any communication of government agencies, in particular exchanges between the people and government employees. So anytime you send an email to any German agency or visit their websites, the BSI will store all communication parameters and use them as they see fit. They claim pseudonymization, but they reserve the right to make the data identifiable again at any time. Inadvertently collected information may be used in any legal proceeding against you. So beware if you send them mail, call them, or even just visit their websites. The most chilling aspect is that this total oversight - with an equivalent lack of transparency and accountability - has echoes of two periods in German history which the country does not recall with pride: the periods which are closely associated with the Gestapo and the Stasi.

  • Just a week earlier, a censorship law was passed that is officially aimed at blocking access to websites containing pornographic material depicting minors. While I wholeheartedly agree with the goal to prosecute the criminals that produce, distribute, and consume such media, the law is implemented in the worst possible way: a secret set of lists will be created by the BKA (comparable to the FBI) that determines which websites are to be blocked. This activity is supposedly to be monitored by the Datenschutzbeauftragter (roughly: federal privacy commissioner), who has already indicated that his agency is neither capable nor willing to perform this function.
    Strong promises were made prior to passing the law that this new "federal firewall" infrastructure will only be used in the context of access prevention to objectionable pornographic material; there have now already been demands to also use it to block access to "Killerspiele" (i.e. first person shooters), Nazi propaganda material, and also pull this entire approach to the E.U. level to guard all Europeans from bad influence. Thought police, anyone?

This new legislation is on top of a slew of other nonsense, like the ability of almost any government agency to investigate your financial situation without a warrant, a lifelong globally unique tax ID, a national ID card that will soon contain biometrics, the requirement to inform the agencies of any change of address, and a federal broadcast tax that is collected by the GEZ, which has received the second ever "Big Brother Lifetime Award".

But - satisfying all prejudices about being thorough - there is more to come: my big favorite is the current health record proposal - which centers around the “Gesundheitskarte” (literally: health card, their health insurance card), but in reality will create the biggest database of medical records ever: Gematik will store all electronic health records of all patients in the entire health care system, including the - nominally - independent private insurers. If interested, take a look at their “Security Whitepaper” (German only, sorry): other than explaining the benefits of using a symmetric key for bulk encryption and public/private keys for key negotiation, they have little to offer. If this is Gematik's level of competence in security and privacy, then I predict happy times for identity thieves specializing in the German patient.

What amazes me most is the ease with which all these regulations are introduced and accepted: yes, there has been some protest against the federal firewall law, but in the end it still passed and - quite frankly - I cannot imagine that any future administration will even attempt to remove it. It seems to me perverse that a government is misusing the compassion for victims of the most horrific crime to introduce a comprehensive cyber censorship infrastructure. This can only serve as a sobering reminder that even 20 years after the fall of the last dictators in Europe, there are countries on the continent which still have not fully embraced what her most gifted thinkers had set out to achieve more than 350 years ago. As most of you know, I now live and work in the United States - and fervently hope that this may never happen here.

[Many thanks to Robin for correcting some of my many mistakes].


Copyright by Gerald Beuchelt.