The German Ministry of the Interior routinely uses spyware to monitor its citizens’ online communications, according to the ministry’s response to a parliamentary inquiry.
The detailed disclosure was part of a 43-page response to questions from Left Party MP Jan Korte about the ministry’s expenditures on private service providers.
The list of expenditures revealed that the ministry monitors Skype, Gmail, MSN Hotmail, Yahoo Mail and Facebook chat with software from private firms.
Last year, Europe’s largest hacker group, the Chaos Computer Club, reverse engineered one such program — a “state trojan” created by Digitask — which had similar capabilities as the infamous FinFisher spyware used by authoritarian regimes to crack down on activists during the Arab Spring.
The hackers’ analysis showed that the Digitask program lacked the safeguards needed to make the software compliant with the German Constitution, and that it also contained significant security flaws. The group was even able to create its own program to remotely operate the government spyware.
Korte’s inquiry also revealed that Hesse-based Digitask’s claim of “trade secrets” meant that the Interior Ministry was prevented from examining the spyware’s source code, and so was likely unaware of the program’s potential for abuse.