The WIP The global source for women's perspectives

Personal Data Is Now on the Record in Germany

by Rose-Anne Clermont

BERLIN – Seventy years ago, every kernel of a German’s identity was accessible by the government; financial statements, personal correspondence, family and religious information remained unprotected and defenseless. Private was what could be hidden in an attic, in the lining of a coat, or quickly swallowed in desperation. The absence of data protection allowed for Nazi officials to easily pick apart its citizens and brand them with a star or deem them racially superior.

Less than a generation ago, the former German Democratic Republic (GDR) was notorious for its secret police, the Stasi, who regularly bugged telephones, opened and censored letters between family members, colleagues and lovers and broke into normal people’s homes without probable cause. The regime also perpetuated an overcrowded network of spies, including ordinary citizens who snooped on their neighbors and friends. Even spies were scrutinized by Big Brother in a society static with fear and distrust.

“There were some things we just didn’t say outside of our house,” remembers Barbara Boock, 73, of both regimes. “One never spoke about politics outside of the family.” Boock was born in a small eastern town outside of Jena, in 1934, a year after the Nazis came to power. Because her parents were Anthroposophist, (a spiritual philosophy known mostly for Waldorf schools and biodynamic agriculture) the family was scrutinized by the Nazis. “I remember coming home from school and watching the Gestapo storm through our house and take away all of our Anthroposophist books.”

After the war, growing up in the GDR, Boock remembers the Gestapo essentially being replaced by the Stasi. “We all did what was referred to as ‘the German glance’. You looked all around you and behind your back whenever you left the house. The term comes from the Nazi era, but we all did it in the GDR as well…we had friends who had been taken away and never seen again.”

This is the history that makes privacy such a sensitive issue for Germans, regardless of age, religion or on which side of the Wall they grew up. It is an issue that sent 10,000 Germans to the streets on November 6th, to protest a German data retention law passed three days later in the German parliament.

“National socialism and the GDR regime are still very current in the everyday social discussion, even without the collective psychological repression taking place [now]” says Dr. Thilo Weichert, head of the Independent Center for Data Protection in Schleswig-Holstein, one of Germany’s 16 state-level data protection agencies.

Under the German law, mandated by a European Union anti-terrorism directive from 2006, telecommunications companies are required to store customer data; who called, emailed or faxed whom, when and where, for six months, in the event the information is needed for a criminal investigation. The German law also prohibits the use of fictitious Internet identities, even though this is not required under the EU directive.

The Greens called the parliamentary voting results, 366 to 156 for the law, with 2 abstentions, a ‘black day for civil rights’ and ‘a sad day for democracy.’

In defense of the law, Federal Justice Minister Brigitte Zypries said on public television “We’re not storing the content of the conversations. We’re storing who spoke to whom.”

This, says Ricardo Cristof Remmert-Fontes of the German Working Group on Data Retention – which organized the protest marches – is already too much. “It is an excessive invasion of personal privacy,” he says, “which is a human right.”

The Working Group, a grass-roots organization of civil rights and data protection activists and regular citizens, has already collected over 13,000 signatures to bring a suit against the new law to Germany’s Federal Constitutional Court.

German doctors, lawyers and journalists are among the most vocal in the suit. To their outrage, they have no full immunity under the law. In certain circumstances, investigators can bug their telephone conversations. Parliamentarians, religious clergy and state prosecutors, on the other hand, do have full immunity.

“It’s incomprehensible to me why a conversation with a doctor or a lawyer should be less protected than that of a clergy, state prosecutor or parliamentarian,” said Peter Schaar, the Federal Commissioner for Data Protection in a statement made shortly after the parliamentary vote.

Six years ago, as the world struggled to digest what had happened on September 11, 2001, Europe cringed when American legislation like The Patriot Act was passed. Data protection advocates here strongly criticized America’s apparent readiness to toss aside fundamental civil rights in the name of fighting terrorism.

Yet after the bombings in Madrid in 2004 and then in London in 2005, the span and capabilities of the world’s terrorism networks struck fear into Europe as well, and the EU established a data retention directive that some say is just as worrisome as The Patriot Act.

“The data retention law and the Patriot Act have the same ideological and historical background,” says Weichert. “All people are treated and registered as potential suspects, bureaucratic security is put above everything, especially above civil rights, and these measures are legitimized by terrorism in general and by the 11th of September in particular.”

Indeed, the EU continues to pass more legislation to keep in line with anti-terrorism measures mapped out by the US, despite the protest of civil rights and data protection advocates here on the continent. The EU agreed with the US this past summer, after years of negotiations, that European flights to and from the US must provide Homeland Security officials with 19 categories of information about each of its passengers (name, travel itinerary, frequent flyer information, changes made to reservations, are just a few). US security officials will then store the data “actively” for seven years and then move the data for another eight years to a “dormant” status.

Also this past summer, the EU agreed to allow US terrorism investigators access to international money transfers managed by the Belgian-based SWIFT (a network used by most international banks for inter-bank transactions), even though SWIFT had initially come under fire by the EU for allowing the US to see transaction data on EU citizens during investigations following September 11th.

Here in Germany, the data retention law is one of a series of blows to data protection and privacy advocates. Earlier in November, the German government began issuing passports with biometric fingerprints. Under a Homeland Security law from 2002, travel to the US requires biometric passports from EU citizens if they want to continue enjoying their non-Visa status. Biometrics refers to characteristics unique to each individual (face, fingerprints, iris, DNA).

The emergence of biometric passports lent urgency to the government’s consideration of adding biometric fingerprints to German IDs by the end of 2009. “Citizens have a choice if they want to travel to a country that requires fingerprints for entry,” says Verena Meyer, a spokesperson from the Federal Commission for Data Protection, “but every German citizen has to have an ID card. Fingerprints are normally only required of accused criminals.”

Data protection advocates here have warned that Germans will soon become “transparent” citizens, with every movement, conversation or bank transaction stored on one chip or another and filed into one huge database. That fear was once limited to conspiracy theories or political fiction eerily foreshadowed in George Orwell’s 1984.

“We didn’t have telecommunications back then,” says Boock of her childhood in a rural GDR town. “And even though all of this technology is convenient, it also exposes you more, it allows more of you to be controlled.”

About the Author

Rose-Anne Clermont is an American freelance journalist based in Berlin. She has contributed to Spiegel Online, International Herald Tribune and (in German) to die Zeit.

Back to top