State as a hacker? NGOs warn of catastrophic surveillance legislation!

State as a hacker? NGOs warn of catastrophic surveillance legislation!

In a current debate on the planned monitoring of Messenger services, data protection officers and NGOs have raised an alarm. The draft law, which is to be decided in the National Council between Wednesday and Friday, is criticized as a "historical step back for general security". Over 40 organizations, including renowned data protection groups such as Epicenter.Works, Greenpeace and the Catholic campaign, have directed an open letter to all Member of the National Council to protest the so-called "dangerous monitoring". They warn of the dangers of such legislation for individual freedom and privacy.

A central argument of the critics is the lack of independent control because the Ministry of the Interior would control itself. Technically, targeted monitoring of messenger services is only possible if the entire device is attacked, which means that the state would be a hacker itself. This procedure could deliberately leave security gaps open and have significant consequences for all users: inside. According to the NGOs, this could have particularly serious consequences for journalists, activists, scientists and opposition forces.

international examples of surveillance

The risk of such surveillance is not theoretical. Alarming developments have already been shown in other countries. In Spain, the intelligence service was accused of monitoring mobile phones from Catalans, journalists and government members with the “Pegasus” spy software. The events in Greece were similar during the so-called "Predatorgate" scandal, in which politicians and journalists were targeted. In Poland, the authorities use Pegasus against almost 600 people, including many opposition and lawyers.

These examples not only show the potential for abuse of technologies for monitoring, but also the dangers of democratic structures. Messenger monitoring was included in the government program by the ÖVP as a claim. After initial inconsistencies on the compatibility, one finally agreed on a draft law, whose support from the government parties in the National Council is uncertain.

Technological risks from SpionaS software

The discussion about surveillance is also reinforced by the technology behind spy software such as "Pegasus". NSO Group, an Israeli company, has developed the software that is able to bypass the encryption of platforms such as WhatsApp, Signal and Telegram. According to reports, Pegasus can monitor over 50,000 telephone numbers worldwide and gives hackers comprehensive access to smartphones, including camera and microphone.

experts emphasize that the largest weak point is actually the end device itself, not the encryption methods themselves. The Federal Government even plans to weaken the encryption by the Bundestrojan in order to monitor communication through protected messenger. These measures could question the overall security of encryption and have serious consequences.

The importance of data protection becomes particularly clear in this context. Data protection laws, such as the EU Data Protection Regulation (GDPR), were introduced to ensure the protection of personal data and prevent abuse. Principles such as the processing of personal data only with a permissible legal basis and the right to information and deletion should ensure that the privacy of users is respected. However, it is pointed out that developments in technology and their handling of the governments constantly face new challenges for data protection

The NGOs hope that the open letter can mobilize further MPs to take action against the impending law decision. The concerns of the experts and activists about data protection as well as the threat of state surveillance systems are more relevant than ever in today's digital world.