The German Ministry of Interior (BMI) has authorized the use of a new hacking tool for criminal investigations since January, according to recent reports by German daily Die Welt . Like other previously deployed government Trojan programs, it is nick-named “Bundestrojaner”. The new version, developed by Munich-based IT surveillance company FinFisher GmbH, enables criminal investigators from the German Federal Criminal Police Office (BKA) and state (Länder) criminal police offices to access individual suspects’ devices and to surveil their real-time communication before it is encrypted by messenger programs such as WhatsApp. Officially, this surveillance procedure is referred to as “source telecommunication surveillance” (“Quellen-Telekommunikationsüberwachung”).
In summer 2017, the Bundestag had passed a law amending §100 of the German Criminal Code and extending the scope of application for surveillance measures and “source communication surveillance” in particular. But the law itself and government hacking more generally remain highly contested. Critics argue that it obstructs individuals’ privacy and harms IT security , . The German Federal Constitutional Court might even rule parts of it unlawful. We’ll explore some of the reasons below.