Leaders Germany: Governments ask for user data massive

As can be seen from data from the E-Mail provider Proton Mail, governments ask to a much higher level of user data from large technology companies than ten years ago. According to the evaluation that the FAZ is present, data from 164,472 user accounts to the governments of the EU were passed on by Google, Meta and Apple in the first half of 2024. The evaluation of Proton is based on the transparency reports of the respective companies, which they themselves publish on their website.

With the inquiries and received data records, Germany is a leader among the EU countries. 76,910 data records, not quite half of all handed over, do not apply to German authorities. In the second half of 2014 there were still 2976 data records. France with 25,772 data records and Poland with 17,916 are currently behind Germany. In general, the EU governments were given almost fifth times as many data records from the three companies in the first half of 2024 as in the second half of 2014. At that time there were a total of 11,133.

How granular the data that is handed over depends on the company and the request. “Although we do not know exactly what the type of data was requested, many inquiries certainly aim at private, personal and sensitive data,” writes Raphael Auphan, responsible on the board of proton for the operational business, the FAZ Meta, for example, leads in its transparency information that some inquiries are limited to the name and registration date, others also demanded content or credit card information published on the accounts published on the accounts an. In any case, META will check out the inquiries before processing to their authenticity and only issue certain data only on presentation of court decisions or in accordance with local laws. Similar formulations can be found on the corresponding Google and Apple website.

At the end of February, Proton published a similar evaluation of the data that was published to the American government. From 2014 to 2024, Meta, Google and Apple passed on the data of around 3.2 million user accounts to American authorities. Data records that have been requested under the American “Foreign Intelligence Surveillance Act” (FISA) are not yet included. Under certain circumstances, FISA allows you to request data from technology companies without prior procedures and without a court order.

Proton Mail does not blame the technology company that they adhere to local laws and answer inquiries from law enforcement authorities. However, Proton criticizes the decisions of the companies if they do not protect their services with an end-to-end encryption from access by companies themselves and from third parties. This is justified in the business models of the companies that earn a large part of their sales through personalized advertising.

In order to adapt advertising on the Internet precisely to users, the companies collect data on the preferences and behaviors of their users and thus create detailed profiles of them. “Everything the government has to do to find out as well as everything that it could ever know is to make an inquiry to Big Tech in California”, Auphan is quoted in a message about the evaluation. Due to “surveillance capitalism”, the governments would hardly have to surveillance by secret services: “We observe a trend in democratic countries, in which law enforcement authorities tend to request as much electronic data as possible,” Auphan writes.

The encryption of private chats and other data traffic has been a bone of contention between governments and companies for years. Governments are demanding to soften encryption in order to give you better access to evidence of law enforcement. Companies and data protection activists often lobby and warn against putting all internet users under general suspicion. They also warn of exuberant surveillance and abuse.

There is currently a dispute between Apple and the British government on this topic. The Labor government under Prime Minister Keir Strandmer has asked Apple to soften the extended data protection of his service iCloud and to publish unencrypted data stored in the cloud on request to law enforcement authorities. Apple removed the encryption for British users on February 21, but appealed to the order in court on March 4. A spokeswoman for Apple emphasizes in a phone call with the FAZ that other services such as iMessage and all data that are processed on the devices themselves and not in the cloud memory are still encrypted-outside the United Kingdom.

In the case of the master inquiry Germany, it seems to go in a similar direction. The three expected CDU, CSU and SPD government parties state in their election programs for the past Bundestag election to want to expand the powers of the law enforcement authorities in the digital area. The Union parties explicitly present the “protection of the population and the security interests of our state” before the data protection interests of the individual. Internet providers should be obliged to save IP addresses and port numbers for a minimum duration.

While the Union wants to use this primarily in the fight against terrorist attacks and sexual violence against children, the SPD focuses on the fight against “hatred and agitation” on the Internet. For this purpose, she wants to use log-in traps, among other things, in order to be able to compensate for the IP addresses of suspicious user accounts when registering-“with strict protection and data protection”, as the SPD emphasizes in the program. In addition, she wants to make companies more responsible for her projects.