German Government Spying on Citizens with Faulty Malware

The German Ministry of the Interior routinely uses spyware to monitor its citizens’ online communications, according to the ministry’s response to a parliamentary inquiry.

The detailed disclosure was part of a 43-page response to questions from Left Party MP Jan Korte about the ministry’s expenditures on private service providers.

The list of expenditures revealed that the ministry monitors Skype, Gmail, MSN Hotmail, Yahoo Mail and Facebook chat with software from private firms.

Last year, Europe’s largest hacker group,  the Chaos Computer Club, reverse engineered one such program — a “state trojan” created by Digitask — which had similar capabilities as the infamous FinFisher spyware used by authoritarian regimes to crack down on activists during the Arab Spring.

The hackers’ analysis showed that the Digitask program lacked the safeguards needed to make the software compliant with the German Constitution, and that it also contained significant security flaws.  The group was even able to create its own program to remotely operate the government spyware.

Korte’s inquiry also revealed that Hesse-based Digitask’s claim of “trade secrets” meant that the Interior Ministry was prevented from examining the spyware’s source code, and so was likely unaware of the program’s potential for abuse.

This lax approach to privacy by the ministry in dealing with Digitask is a sharp contrast the German government’s handling of privacy concerns involving American companies like Google and Facebook.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s