Monday, November 04, 2013

Germany: Privacy protections must go beyond 'no-spying act'

Washington and Berlin are close to agreeing not to spy on each other. That won’t be enough, Germany's data protection commissioner tells GlobalPost.
By Jason Overdorf
GlobalPost (November 4, 2013)

BERLIN, Germany — German intelligence officials are meeting with their American counterparts in Washington on Monday for a second round of talks aimed at hammering out a so-called “no spying pact” that would ensure US spooks never again snoop on Chancellor Angela Merkel's phone calls.

But Germany's data protection commissioner believes that’s far from enough for protecting the privacy of ordinary citizens.

“There must be a complete redesign of the structures and methods and rules governing secret services and collection of data by those secret services,” the Federal Commissioner for Data Protection and Freedom of Information Peter Schaar said in an interview with GlobalPost.

He said it’s crucial that the right to privacy extends beyond borders and not remain restricted to US citizens, and that it must include clear regulations defining who can be targeted for surveillance and what kind of data can be collected.

“The complete change that has happened 10 or 15 years ago — especially after 9/11 — [has been to] go away from collecting data on suspects to collecting all data you could collect without any suspicion or any concrete information that there are threats,” Schaar said. “This is one of our main problems.”

A balding, avuncular figure, Schaar has spent the past decade in his post working to establish rules for protecting privacy in Germany and the European Union.

But he’s recently emerged as the most trenchant German critic of how his country has handled the NSA scandal. Calling for Merkel to play hardball to secure broader commitments from President Obama, he believes Edward Snowden's revelations have opened a “window of opportunity” for Germany to extend the protection of its citizens and for the EU to push through tough new privacy laws.

That window could be closing fast, however.

On Monday, Gerhard Schindler, head of Germany's Federal Intelligence Service (BND) and Hans-Georg Maassen, head of the Federal Office for Protection of the Constitution (BfV), were set to meet with NSA officials to iron out the details of a pact not to spy on each other, Germany's Die Zeit reported.

The talks follow discussions last week that included Merkel's foreign policy adviser, the coordinator of the German secret service, US National Security Adviser Susan Rice, Director of National Intelligence James Clapper and Lisa Monaco, assistant to the US president for homeland security and counterterrorism.

German officials expect the “no spying” agreement to be finalized by early 2014, according to Die Zeit. But how far the pact will go in limiting the rights of the NSA and similar agencies remains to be seen.

The German magazine Der Spiegel reported on Sunday that the two sides have agreed not to conduct industrial espionage on each other in the future.

Presumably, a pact will be hammered out to also protect Merkel's phone — the hacking of which turned Germany from quiet supporter to dogged NSA critic. However, nothing is known about any protections the deal may offer to ordinary citizens.

In Germany, where both the Nazis and the communist government of the former East employed ruthless agencies to spy on their own people, that's unlikely to assuage fears surrounding the NSA's massive internet surveillance programs.

“The Obama administration said previously that they do not spy for business purposes,” Schaar said.

“If they now say, 'Oh, well, we confirm that we don’t spy for business purposes,' we can believe this or not. But it is not an advantage compared with the situation before. We need much more comprehensive rules for what is allowed and what is a no-go area.”

Merkel has repeatedly said that concerns over the NSA scandal should not be allowed to affect business. Schaar disagrees.

Last week, the commissioner called for Germany to stop sharing banking information with companies in the United States and to suspend the Safe Harbor agreement that allows American companies operating within the European Union to transfer customer data and store it in the US — moves that would create some chaos in the business world.

He also argued in favor of suspending negotiations for the much-vaunted US-EU free trade pact.

Despite the ongoing talks for the no-spying pact, he sees no reason to back down now.

“I followed the hearing of [NSA director Keith] Alexander and Mr. Clapper in front of the intelligence committee. They said: 'What we did was in compliance with US law and we need this. We do not intend to change.' If we get this message, I would say of course there must be a clear answer from the European side.”

Although the capabilities of its own intelligence services pale in comparison with the NSA’s, Germany has also shifted from tracking concrete suspects to trolling the internet for useful information. But its clearly defined limits on that information-gathering could shape the direction of a no-spying pact as well as further regulations currently under debate in the European Parliament.

Germany's so-called G-10 act — which relates to the surveillance of communication protected by article 10 of the German constitution — bars the intelligence services from monitoring more than 20 percent of the overall internet traffic, according to Schaar.

Moreover, the search terms used to filter communications must be cleared through a parliamentary commission — ensuring, at least to some degree, that the civilian government knows what its clandestine operators are doing.

However, based on what’s known of the scale of NSA operations and Washington’s apparent use of the UK's General Communications Headquarters (GCHQ) to skirt what limited US regulations do exist, those limitations must now go much further, Schaar believes.

“Governments can’t be convinced by good words or the public alone, he said. “Especially if that public is outside their own country.”

http://www.globalpost.com/dispatch/news/regions/europe/germany/131104/germany-privacy-protection-peter-scheer-no-spying-act