Freedom on the Net
You are here
(0 = Best, 100 = Worst)
(0 = Best, 25 = Worst)
(0 = Best, 35 = Worst)
(0 = Best, 40 = Worst)
|Internet Penetration:||86 percent|
|Social Media/ICT Apps Blocked:||No|
|Political/Social Content Blocked:||No|
|Bloggers/ICT Users Arrested:||No|
|Press Freedom Status:||Free|
June 2014 - May 2015
- Ongoing disputes between media companies and search engines over ancillary copyright enforcement have affected the freedom of information landscape online (see Media, Diversity, and Content Manipulation).
- In contrast to the European Court of Justice’s rejection of the EU Data Retention Directive in 2014, the German government proposed new data retention legislation in May 2015 (see Surveillance, Privacy, and Anonymity).
- Recent reports disclosed that the German foreign intelligence service BND helped the U.S. National Security Agency (NSA) to spy on German and European citizens, politicians and companies (see Surveillance, Privacy, and Anonymity).
The state of internet freedom in Germany is frequently and openly discussed by the media and civil society, mainly due to the prominence of internet regulation issues in widely read online news publications. There is now a general consensus that internet freedoms are essential for an open and democratic society, and politicians, both from the governing parties and the opposition, usually act accordingly.
At the same time, some important issues remain unresolved, or have even come under renewed pressure during the reporting period. For one, both the ancillary copyright for press publishers and the European Court of Justice’s ruling on the “right to be forgotten” have had an impact on the content displayed by search engines, potentially infringing on the freedom of information. The current law on the liability of providers of open access to the internet, as interpreted by a court case from 2010, remains a serious obstacle for cafes and other businesses wanting to establish free wireless networks for customers, and recent proposals by the governing coalition for new legislation fail to effectively change the legal situation for non-commercial providers. Furthermore, despite the European Parliament’s endorsement of net neutrality, there are increasing signs that the government and the ruling coalition in the German parliament are starting to back away from upholding the principle.
In the wake of the European Court of Justice’s dismissal of the EU Data Retention Directive in the spring of 2014, law enforcement representatives have found support from the governing coalition in their call for new national legislation to enact data retention in Germany. Despite growing opposition from civil society that has become more aware of surveillance issues due to whistleblower Edward Snowden’s revelations concerning the activity of the NSA and German intelligence services, the government now seems determined to introduce data retention in the near future. The NSA scandal itself has still not been properly resolved or assessed despite the ongoing parliamentary inquiry process. Even as the government is rightly being criticized for a lack of cooperation with the inquiry commission, new disclosures in April 2015 about the role of the German foreign intelligence service BND have added to the magnitude of the affair.
Internet access in Germany continues to grow, and there are few inhibiting obstacles to access. However, in terms of broadband development, the country still lags behind other European states, in particular outside of urban centers. In the mobile market, the merger of Telefónica and E-Plus in July 2014 has led to less competition.
Availability and Ease of Access
Germany’s network infrastructure for information and communication technologies is well-developed, with 79 percent of the population in Germany having private internet access. Together with the number of mobile-only internet users, this has resulted in an overall internet penetration rate of 89 percent, according to Eurostat findings, which is 8 percentage points above the European Union (EU) average. Similarly, data compiled by the International Telecommunications Union place the internet penetration rate at 86 percent by the end of 2014. However, growth in internet penetration is slowing, with an increase of only 0.3 percentage points in the past year. The portion of individuals who still plan on obtaining private access is 2.9 percent.
The most widely used mode of internet access is still DSL, with 23.3 million connections in 2014. However, cable internet connections are becoming more widespread, with 6.3 million connections in 2014, compared to only 5.5 million in 2013. Connections with speeds of more than 50 Mbps are available for about 66 percent of households. In 2015, the development of comprehensive broadband supply was still considered to be proceeding too slowly, according to experts at a conference in Berlin in April 2015, especially in non-urban areas. The state of Bavaria, however, has announced a push for increased efforts by providing vast public funding. On the federal level, Minister for Traffic and Digital Infrastructure Alexander Dobrindt announced a joint roadmap with industry to provide every household with internet access speeds of at least 50 Mbps by 2018. He reaffirmed the federal government’s commitment in March 2015, announcing that the federal government and telecom companies would invest a combined amount of 10 billion euros in 2015.
Mobile phone penetration in Germany is nearly universal, with a penetration rate of 139 percent. In 2014, internet access via mobile devices further increased: 52.6 million people regularly accessed the internet via UMTS or LTE, compared to only 36.9 million in the year before. The total data volume increased from 267 million GB in 2013 to 393 million GB in 2014. According to the Federal Ministry of Economics and Technology, Germany is ranked ninth internationally in terms of mobile internet access. In February 2015, 45.6 million people in Germany used a smartphone. By the end of 2014, LTE connections with at least 2 Mbps were available to 92.1 percent of all German households, while connections with at least 6 Mbps were available to 74.7 percent. A year before, these numbers had been only 70 and 44 percent, respectively.
There is still a gender gap when it comes to accessing the internet in Germany. While 81.8 percent of men used the internet in 2014, only 71.9 percent of women did. The difference stagnated at 9.9 percent compared to 9.6 in 2013. Internet penetration is particularly high in the age group between 14 and 39 (over 96 percent) but, in comparison, relatively low in the age group 70 and above (about 30 percent). Despite considerable and stable growth rates in the preceding years, the rate of internet penetration in this latter group has stagnated in the past year.
Differences in internet usage depending on formal education level have not significantly changed over the past few years: the discrepancy between people with low and high levels of formal education is still noteworthy. This phenomenon is confirmed by a comparison of net household incomes. Households with less than EUR 1,000 (US$1,283) net income per month have a 54.1 percent penetration rate, whereas those with more than EUR 3,000 (US$3,848) net income have a penetration rate of 93.7 percent. Furthermore, slight differences in internet usage exist between Germany’s western region (79 percent) and the eastern region that once constituted the communist German Democratic Republic (71 percent); in the past year, this difference has even slightly increased. The gap between the urban states Hamburg, Berlin, and Bremen, and the rural states with the smallest internet penetration rate such as Saxony-Anhalt or Brandenburg, has again slightly decreased but is still between 10 to 14 percent. Although the governing coalition on the federal level has acknowledged these digital divides as problematic, the discrepancies in access persist.
Prices for internet access have remained relatively stable, while telecommunication services have become slightly less expensive, decreasing by about 1.6 percent.The available figures indicate that prices for flat rate broadband internet still range from EUR 16 to EUR 30 (US$21 to US$38) which is regarded as affordable compared to the average income per household of EUR 3,989. Nevertheless, as the stark differences in internet usage compared to income indicate, the price level constitutes a barrier for people with low incomes and the unemployed. Although the Federal Court of Justice ruled that access to the internet is fundamental for everyday life, costs for internet access are not adequately reflected in basic social benefits.
Restrictions on Connectivity
The German government does not impose restrictions on ICT connectivity. The telecommunications infrastructure in Germany was privatized in the 1990s and is largely decentralized today. There are more than one hundred backbone providers in the country. The former public enterprise Deutsche Telekom was privatized in 1995, and remains the only company that acts as both a backbone provider and an ISP. However, the German state owns less than a third of its shares, which crucially limits its control over Deutsche Telekom. There are a number of connections in and out of Germany, the most important being the DE-CIX, which is located in Frankfurt. It is privately operated by eco, the Association of the German Internet Industry.
The telecommunications sector was privatized in the 1990s with the aim of fostering competition. The incumbent Deutsche Telekom’s share of the broadband market is currently 42.1 percent, which marks a further decline as competition continues to increase. Other ISPs with significant market share include Vodafone/Kabel Deutschland combined with 18.2 percent, 1&1 with 14.3 percent, cable companies Unitymedia Kabel BW with 9.9 percent, and O2-Telefónica with 7.3 percent. Despite the merger of Vodafone and Kabel Deutschland, the leading position of the Deutsche Telekom is still virtually unchallenged.
There are now three general carriers for mobile internet access: T-Mobile, Vodafone, and E-Plus/O2-Telefónica. Due to the merger of E-Plus and O2 in July 2014, the new company has gained market leadership with 44.7 million customers. Former leader T-Mobile follows with 39.1 million. Vodafone had 32.3 million customers in 2014. Before the merger, the German market was considered one of the most competitive in the European Union. With main competition reduced to three providers, there is some fear that this may change at the expense of a favorable pricing development. Nevertheless, the EU Commission approved the deal after a formal investigation.
Internet access, both broadband and mobile, is regulated by the Federal Network Agency for Electricity, Gas, Telecommunications, Post, and Railway (Bundesnetzagentur or BNetzA), which has operated under the supervision of the Federal Ministry of Transport since early 2014. The president and vice president of the agency are appointed for five-year terms by the German federal government, following recommendations from an advisory council consisting of 16 members from the German Bundestag and 16 representatives from the Bundesrat. The German Monopolies Commission and the European Commission (EC) have both criticized this highly political setting and the concentration of important regulatory decisions in the presidential chamber of the Federal Network Agency. Similarly, the European Court of Justice (ECJ) and the EC noted that the regulation of data protection and privacy by agencies under state supervision does not comply with the EU Data Protection Directive 95/46/EC.
In addition to such institutional concerns, regulatory decisions by the BNetzA have been criticized for providing a competitive advantage to Deutsche Telekom, the former state-owned monopoly. The most recent examples are the agency’s decisions on April 10, 2013 to allow a slight increase in the price that Telekom charges competitors for the “last mile,” the final leg of telecommunications infrastructure that reaches customers, and to support controversial vectoring technology, which in turn manifests its dominant position regarding the last mile. Vectoring can boost the bandwidth of DSL connections on existing copper lines but requires one operator to manage the whole bundle, in effect limiting the unbundling of the local loop and thus privileging, under specific circumstances, the market leader. Despite the widespread concerns about a “re-monopolization” of the fixed-line network, the BNetzA announced its final decision on August 29, 2013, after making some adjustments in favor of Telekom competitors and subsequently obtaining the approval of the EU Commission.
Access to online content in Germany is relatively free, and most often restricted content involves copyright issues or disputes concerning the remuneration of authors. Some further limitations that potentially affect freedom of expression and freedom of information stem from the ongoing enforcement of the ancillary copyright for press publishers and the European Court of Justice’s decision on the right to be forgotten in May 2014.
Blocking and Filtering
Government-imposed blocking of websites or internet content rarely takes place in Germany. In 2014-2015, there were no publicly known incidents of censorship directly carried out by state actors. Since there is also no significant filtering of text messages or email communication, the overall scale and sophistication of censorship has remained stable and on an insignificant level. YouTube, Facebook, Twitter and international blog-hosting services are freely available.
Content blocking or filtering practices enforced by corporate actors have been discussed for some time. The ongoing dispute between YouTube and GEMA (German Society for Musical Performance and Mechanical Reproduction) indicates that private entities substantially shape the availability of online content. Since 2009, Google and GEMA have been unable to reach an agreement on the amount Google should pay for a license for copyright-protected music videos disseminated on YouTube. GEMA considers it a copyright violation when YouTube uses “the rights administered by GEMA without paying any compensation to the copyright owners.” As a result of this disagreement, which as of May 2015 remains unresolved, YouTube blocks videos for users within Germany if the video might contain copyrighted music, instead showing an error message saying that the video is not available in Germany because GEMA might not have granted the publishing rights. Google has raised concerns about the resulting undesired harms for freedom of expression. In February 2014, the Munich District Court decided in an injunction suit filed by GEMA that the phrasing of YouTube’s error message violated the collecting society’s rights. Although YouTube subsequently altered the content of the displayed message on blocked videos, the Higher Regional Court in Munich confirmed the lower court’s judgment, arguing that the displayed message kept misleading viewers by implying GEMA’s responsibility for the blocking of content.
German ISPs employ deep packet inspection (DPI) for the purposes of traffic management, as well as to throttle peer-to-peer traffic. Users are especially affected by P2P-related restrictions in the mobile market. Although Vodafone, for example, announced that for the time being the practice shall remain limited to mobile internet access, there is no ultimate confirmation that it will not be extended in the future.
The protection of minors constitutes an important legal framework for the regulation of online content. Youth protection on the internet is principally addressed by states through the Interstate Treaty on the Protection of Human Dignity and the Protection of Minors in Broadcasting (JMStV), which bans content similar to that outlawed by the criminal code, such as the glorification of violence and sedition. A controversial provision of the JMStV reflecting the regulation of broadcasting media mandates that adult-only content on the internet, including adult pornography, must be made available in a way that verifies the age of the user. The JMStV enables the blocking of content if other actions against offenders fail and if such blocking is expected to be effective. The Federal Criminal Police Office (Bundeskriminalamt) has initiated the deletion of thousands of sites related to child pornography. In 2013, it reported a slight decline in discovered sites.
Most of the content removal issues in Germany relate to the removal of results from search engine functions, rather than deletion of content from the internet entirely. The autocomplete function of Google’s search engine has repeatedly been subject to scrutiny. In May 2013, the Federal Court of Justice ruled that Google could be held liable, at least under some circumstances, for the infringement of personal rights through its autocomplete function. In its subsequent decision concerning the same case, the Higher Regional Court in Cologne decided that Google’s liability amounted to the obligation to delete the respective automated search query combination and to refrain from repeating the tort, but not to pay further compensation.
Since the European Court of Justice decision on the right to be forgotten in May 2014, Google and other search engines have been under the obligation to remove certain search queries from their index in the case that they infringe on the right to privacy of a person, and that person files a respective application with the search engine. As of March 31, 2015, Google had assessed nearly 40,000 applications, and decided to remove the link in roughly half of the cases. In order to reduce repercussions in relation to the freedom of expression and information, a potential downside of the judgment as maintained by numerous experts, Google set up an advisory group assigned with the task to develop formal and substantial criteria in order to adequately balance between the affected civil rights.
There is no censorship prior to the publication of internet content. On the other hand, figures released by ICT corporations indicate that post-publication content removal requests are issued with regard to defamation or illegal content. According to Google’s latest transparency report regarding requests to remove content, covering the period from January to June 2014, the company received 151 requests from the German courts and other public authorities. Defamation remains by far the most common reason for court orders to remove content. Upon request from authorities, between July and December 2014, Facebook restricted access to 60 pieces of content that advocated right-wing extremism and Holocaust denial, which are illegal under the German criminal code.
The liability of platform operators for illegal content is regulated by the Telemedia Act. The law distinguishes between full liability for owned content and limited “breach of duty of care” (Stoererhaftung) for access providers and host providers of third party content. Although access and host providers are not generally responsible for the content they transmit or temporarily auto store, there is a certain tension between the underlying principles of liability privilege and that of secondary liability. Principally, ISPs are not required to proactively control or review the information of third parties on their servers; they become legally responsible as soon as they gain knowledge of violations or violate reasonable audit requirements.
In 2012, court rulings limited the liability privilege of intermediaries by further specifying requirements, responsibilities, and obligations. Additional blocking and filtering obligations of host providers have been put in more concrete terms by the Federal Court of Justice (Bundesgerichtshof, BGH) in the “Alone in the Dark” case. In this specific instance, the game publisher Atari sued the file hosting service Rapidshare for copyright violations concerning a video game. Although the judges did not hold Rapidshare liable for a direct infringement, they saw a violation of the service’s monitoring obligations under the breach of duty of care as a result of Rapidshare’s failure to proactively control its service for copyrighted material after it was notified of one infringing copy.
In a subsequent decision concerning Rapidshare in August 2013, the BGH substantiated and further extended host providers’ duties. According to the judgment, if the business model of a service aims to facilitate copyright infringements, the company is considered less worthy of protection with regard to liability privilege. As a consequence, host providers are required to monitor their own servers and search for copyright-protected content as soon as it has been notified of a possible violation. As agreed on in the coalition agreement in 2013, the Federal Ministry of Economy introduced a draft bill in March 2015 in order to legislate a revision of the law on the breach of a duty of care. It explicitly provided for a preclusion of liability privilege for providers with such business models.
ISPs are obliged to disclose customer information for prosecutions of copyright infringement, even though the person may not have infringed copyrights for commercial purposes. A special requirement to review the content on any violations of rights was also ruled in a case where a blogger integrated a YouTube video onto his website. However, in October 2014, the European Court of Justice ruled that embedding content from other sources by means of framing is, as such, not a copyright infringement.
An important exception to the liability privilege concerns wireless networks. Because of a highly disputed Federal High Court ruling in 2010 against the existing liability privilege, as it applied to wireless networks,, legislative initiatives from states and political parties now seek to modify the secondary or indirect liability of local Wi-Fi operators. The governing coalition agreed to press ahead with new legislation that aims to create legal certainty for operators in order to facilitate the expansion of publicly accessible Wi-Fi networks. However, the bill introduced in March 2015 that aimed to revise the current rules on liability was criticized for only privileging commercial providers of wireless networks, not those who want to share their network access for non-commercial purposes. Moreover, the proposal obliges providers of freely accessible hotspots to undertake “appropriate measures” to identify users, which is problematic in relation to both practicability and the right to anonymity. An initiative by the parliamentary factions of the Greens and Die Linke parties to provide for a more lenient regulation concerning providers of open internet access was rejected by the governing coalition in November 2014. In addition to these legislative proposals, in September 2014 a Munich court asked the European Court of Justice for a preliminary ruling on the question of the applicability of the liability privilege for a provider of an openly accessible Wi-Fi network.
Media, Diversity, and Content Manipulation
Germany is home to a vibrant internet community and blogosphere; however, there are some issues with regard to the enforcement of ancillary copyright regulations that may have the effect of distorting search results for news outlets attempting to monetize their content.
While the degree to which political actors can successfully pressure online news outlets to exclude certain information from their reporting is still insignificant, there have been some attempts to delete critical information on the internet. In January 2014, the Federal Ministry of the Interior accused the website FragdenStaat.de of copyright infringement after the website had published an internal document concerning legal analysis of an election threshold for the elections to the European Parliament. The decision was criticized as an attempt to abuse copyright laws in order to suppress freedom of information. In reaction to the incident, the commissioners for the protection of the freedom of information on both the federal and state level released a joint statement rejecting the Federal Ministry of the Interior’s claims. The commissioners demanded the government clarify that copyright law may not be employed to withhold administrative information.
To date, self-censorship online has not been a significant or well-documented issue in Germany. Still, there are more or less unspoken rules reflected in the publishing principles of the German press. The penal code and the JMStV prohibit content in a well-defined manner (such as child pornography, racial hatred, and the glorification of violence). Additionally, the criminal investigation into the online media outlet Netzpolitik in July 2015, with regard to their reports on the activities of the German intelligence agencies, was criticized for its potential chilling effect on investigative reporting, even though the case was subsequently dropped.
The principle of net neutrality was legally codified with the latest amendment of the telecommunications act (Telekommunikationsgesetz, TKG), § 41a TKG, enacted in May 2012. While the European Parliament’s April 2014 vote in favor of net neutrality has widely been considered a positive step, the details of the new regulation are considered deficient and incomplete. At the same time, the principle has come under heightened pressure in Germany over the past year. The ruling coalition has started to endorse classified net traffic in order to privilege certain services and providers. In October 2014, it was revealed that the government may refrain from promoting net neutrality in order to create incentives for private companies to speed up the development of broadband internet in Germany. According to suggestions published by the Federal Ministry of Transportation, certain internet services may acquire paid priority treatment by the networks in order to refinance infrastructure measures in this sector. At the same time, EU Commissioner for the Digital Economy and Society Günther Oettinger has repeatedly argued in favor of an abandonment or modification of the principle. A report published in March 2015 disclosed findings that suggest that net neutrality is already frequently violated in Germany. For instance, most mobile internet providers contractually prohibit certain services such as tethering or Voice over Internet Protocol (VoIP) in order to maximize profit.
Local and international media outlets and news sources are generally accessible and represent a diverse range of opinions. However, the enactment of the ancillary copyright for press publishers (Leistungsschutzrecht für Presseverleger), which came into effect on August 1, 2013, allows publishers to monetize even the small snippets of information that search engine operators display as part of the results of a query. This raised concerns regarding the constitutionally protected rights to freedom of expression and freedom of information. In 2014, in reaction to the law’s enactment, search engines started to exclude search results leading to the websites of publishers who had assigned the collecting society VG Media to collect fees stemming from the ancillary copyright. When Google declared that in the future it would endeavor to show only such results and snippets that fall outside of the scope of the law, twelve German publishers and the VG Media initiated antitrust proceedings against the search engine, which were rejected by the Federal Cartel Office. Subsequently, major publisher Axel Springer reported that due to Google’s practice, traffic to its news websites had dropped by 40 percent. In reaction, several publishers including Springer granted Google a license to show snippets free of charge. This decision was criticized for unduly privileging the market leader while disadvantaging smaller search engines, thus further reinforcing Google’s leading position. In part due to this practice, the law remains controversial. However, while the parliamentary opposition seeks to revoke the law, the governing coalition refuses to consider succumbing to the critics.
In the past year, the internet has provided the infrastructure for several advocacy campaigns concerning political and social issues in Germany. As the government’s reluctance to uphold net neutrality became apparent, internet users were encouraged to take part in an online day of action on September 10, 2014. Aside from that, the long-term pan-European campaign for net neutrality continued, gaining renewed urgency after the aforementioned recent political developments. Likewise, two separate campaigns were launched in reaction to distinct legislative plans concerning data retention on both the national and European level. Domestically, the renewed proposals to introduce comprehensive data retention sparked vocal opposition among civil rights groups, which urged citizens to partake in online protests in order to express their objection. An even more widespread online mobilization was observed in relation to EU plans to enact obligatory data retention of the data of airline passengers. Under the hashtag #NoPNR, several websites called for a pan-European day of action on April 11, 2015.
During the reporting period, the repercussions of whistleblower Edward Snowden’s revelations concerning the vast surveillance practices by the NSA and GCHQ continued to dominate the political agenda. While a parliamentary inquiry commission attempts to investigate the degree of spying on German citizens and politicians, the federal government has been criticized for failing to sufficiently provide the necessary information to the commission. At the same time, new disclosures have further implicated the German intelligence service BND, culminating in reports that the service was involved in industrial espionage at the expense of German and European companies.
The German Basic Law guarantees freedom of expression and freedom of the media (Article 5) as well as the privacy of letters, posts, and telecommunications (Article 10). These articles generally safeguard offline as well as online communication. In addition, a groundbreaking 2008 ruling by the Federal Constitutional Court established a new fundamental right warranting the “confidentiality and integrity of information technology systems” grounded in the general right of personality guaranteed by Article 2 of the Basic Law.
In July 2014, the federal government proposed legislation to transform the Office of the Federal Commissioner for Data Protection and Freedom of Information from a subdivision of the Federal Ministry of the Interior to an independent supreme federal authority. The act, which passed the Federal Assembly on February 6, 2015, is expected to significantly strengthen the Commissioner’s powers in relation to data protection in Germany.
Prosecutions and Detentions for Online Activities
Online journalists are largely granted the same rights and protections as journalists in the print or broadcast media. Although the functional boundary between journalists and bloggers is starting to blur, the German Federation of Journalists maintains professional boundaries by issuing press cards only to full-time journalists. Similarly, the German Code of Criminal Procedure grants the right to refuse testimony solely to individuals who have “professionally” participated in the production or dissemination of journalistic materials.
In the fall of 2014, during the proceedings of the parliamentary inquiry commission that was installed in the aftermath of the NSA revelations, the online journalist Andre Meister from the news website Netzpolitik.org, who blogged live from the commission, was reportedly monitored by the parliamentary police. Upon inquiry, the acting officer conceded that he was especially assigned to keep an eye on the journalist. Although the conduct was officially dismissed as a mere misunderstanding, it was met with harsh criticism, and Netzpolitik.org announced it was taking legal action against the alleged surveillance of their journalistic activity. According to the journalist, parliament officials have since responded that there is no information about him stored by the Bundestag. Moreover, as previously mentioned, editor-in-chief of Netzpolitik.org Markus Beckedahl and Andre Meister were subject to a criminal investigation for charges of treason following their reporting on the activities of the Federal Office for the Protection of the Constitution in July 2015.
The German Criminal Code (StGB) includes a paragraph on “incitement to hatred” (§ 130 StGB), which penalizes calls for violence against minority groups and assaults on human dignity. The German people mostly regard this provision as legitimate, particularly because it is generally applied in the context of holocaust denials.
Surveillance, Privacy, Anonymity
Debates over the activities of the NSA and the British government’s intelligence organization GCHQ—and the German intelligence service’s involvement in such mass surveillance—continued throughout the past year. While there are few restrictions on anonymous communication and the right to anonymity is generally upheld, the surveillance revelations remain a concern with regard to protecting the rights to privacy and freedom of expression.
The ramifications of the leaked classified documents by former NSA contractor Edward Snowden regarding the activities of UK and U.S. intelligence services lingered throughout the reporting period, while new revelations surfaced. After it had already become known in 2013 that the German Federal Intelligence Service (Bundesnachrichtendienst, BND) had monitored German internet traffic on behalf of the NSA, further information reported in July 2014 disclosed that the BND had permanent access to all data traffic routed through the central node of the internet exchange point DE-CIX in Frankfurt since at least 2009, with the help of a major German internet provider. The practice was allegedly carried out with at least tacit approval of both the Office of the Federal Chancellor and the Federal Ministry of the Interior, and was deemed unconstitutional by lawyers testifying in the parliamentary commission of inquiry.
In October 2014, it was reported that the data transmitted to the NSA included that of German citizens, although the BND denied having done so deliberately. The conduct came under scrutiny at the commission of inquiry, which had been installed by the Federal Parliament in March 2014. During the hearing in March 2015, DE-CIX manager Klaus Landefeld strongly criticized the German authorities for not providing clear and transparent rules on the legal requirements for surveillance measures. Shortly thereafter, the central node operator announced a lawsuit against the BND. During the course of the inquiry commission’s proceedings, the federal government was repeatedly criticized for insufficiently cooperating with the appointed representatives, for instance refusing to transmit essential files and records. Minister of the Chancellery Peter Altmaier was even accused of threatening commission members with criminal charges after details of certain files had been published by the press.
In April 2015, German weekly Der Spiegel reported on a further dimension of the espionage scandal, disclosing that the BND had spied on German and European politicians, citizens, and companies for the NSA. In particular, the aspect of industrial espionage was widely regarded as a hitherto unthinkable breach of confidence. In the course of events, it became known that the Federal Chancellery had been informed as early as 2008 but ignored the respective reports.
Although the Federal Minister of the Interior and some other members of the conservative parties have repeatedly expressed their disapproval of anonymity on the internet, the principle is by and large upheld as a basic right. The basic right was further strengthened by a decision by the Federal Court of Justice, which confirmed that an online review portal is under no obligation to disclose the data of an anonymous user. In the preceding judgment, the Higher Regional Court in Stuttgart had ruled to the contrary. Website owners or bloggers are not required to register with the government. However, most websites and blogs need to have an imprint naming the person in charge and contact address. The anonymous use of email services, online platforms, and wireless internet access points are legal.
The right of anonymity notwithstanding, the telecommunication act of 2004 stipulates that the purchase of SIM cards requires registration, including the purchaser’s full name, address, international mobile subscriber identity (IMSI), and international mobile station equipment identity (IMEI) numbers if applicable. In this way, the growing penetration of mobile internet threatens to further erode the possibility of anonymous communication.
The use of proxy servers is common in Germany, but more for the purpose of circumventing copyright restrictions than to avoid censorship. There are no figures available for the extent of their use.
Excessive interceptions by secret services formed the basis of a 2008 Federal Constitutional Court ruling, which established a new fundamental right warranting the “confidentiality and integrity of information technology systems.” The court held that preventive covert online searches are only permitted “if factual indications exist of a concrete danger” that threatens “the life, limb, and freedom of the individual” or “the basis or continued existence of the state or the basis of human existence.” Based on this ruling, the Federal Parliament passed an act in 2009 authorizing the Federal Bureau of Criminal Investigation (BKA) to conduct covert online searches to prevent terrorist attacks on the basis of a warrant. In addition to online searches, the act authorizes the BKA to employ methods of covert data collection, including dragnet investigations, surveillance of private residences, and the installation of a program on a suspect’s computer that intercepts communications at their source. In April of 2015, it was revealed in an audit report conducted by the Federal Commissioner for Data Protection and Freedom of Information that the BKA had gravely violated data protection law by storing the personal data of numerous left-wing political activists without sufficient legal grounds. Several persons had been included in the database after taking part in constitutionally protected activities such as attending demonstrations.
The amended telecommunication act of 2013 reregulates the “stored data inquiry” requirements (Bestandsdatenauskunft). Under the new provision, approximately 250 registered public agencies, among them the police and customs authorities, are authorized to request from ISPs both contractual user data and sensitive data. While the 2004 law restricted the disclosure of sensitive user data to criminal offenses, the amended act extends it to cases of misdemeanors or administrative offenses. Additionally, whereas the disclosure of sensitive data and dynamic IP addresses normally requires an order by the competent court, contractual user data (such as the user’s name, address, telephone number, and date of birth) can be obtained through automated processes. The requirement of judicial review has been subject to two empirical studies, both of which found that in the majority of cases a review by a judge does not take place. Data protection experts criticize the lower threshold for intrusions of citizens’ privacy as disproportionate. Two members of the Pirate Party and a lawyer who had already filed the complaint against the data retention law in 2007 have filed a new constitutional complaint against the telecommunication act. In the aftermath of the enactment on the federal level, several German states established their own laws, with one state’s legislation even entirely omitting the requirement of preceding judicial review. As of mid-2015, the Federal Court of Justice has not yet issued a decision on the matter.
Telecommunications interception by state authorities for reasons of criminal prosecution is regulated by the code of criminal procedure (StPO) and is understood as a serious interference with basic rights. It may only be employed for the prosecution of serious crimes for which specific evidence exists and when other, less-intrusive investigative methods are likely to fail. According to recent statistics published by the Federal Office of Justice, there were a total of 22,917 orders for telecommunications interceptions in 2013, compared to 23,687 in 2012, of which 5,033 concerned internet communications, compared to only 4,488 in the year before. There were also a total of 20,923 orders requesting internet traffic data in 2013, compared to 18,026 in 2012. Surveillance measures conducted by the secret services under the Act for Limiting the Secrecy of Letters, the Post, and Telecommunications exceed these figures. For 2013, the competent Parliamentary Control Panel reported that a total of 15,401 telecommunications – most of them email – were scanned, of which only 118 were considered relevant.  The panel highlighted the steady and significant decline in surveillance measures, the number of which had been above 2.8 million in 2011, down to 851,691 in 2012. The email contents were scanned for keywords relating to certain “areas of risk,” namely international terrorism, proliferation of arms and other military technology, and human smuggling.
The practice of German police authorities to make use of radio cell queries for criminal investigation on a regular basis has continued in the reporting period, and available data suggests a further increase to a significant degree. According to the response to an interpellation by the faction of the Pirate Party in the state parliament of Saarland, in that state alone there were more than 50 radio cell queries per day. In the state of Berlin however, in reaction to persistent criticism of the widespread practice, the state parliament enacted legislation in November 2014 that requires law enforcement agencies to inform cell phone users who are affected by a radio cell query via text. Furthermore, in the future the state is obligated to keep a public record of the practice.
After the European Court of Justice declared the EU Data Retention Directive to be unconstitutional on April 8, 2014, the EU Commission repeatedly announced that for the time being at least, it would abstain from proposing a new directive in line with the Court’s specifications. In reaction to this, however, several German politicians from the ruling coalition as well as representatives of the police union and members of the domestic intelligence services started calling for a German enactment of data retention. Federal Minister of Justice Maas and Federal Minister of the Interior de Maizière announced their joint legislative plan under a new name in April 2015. The draft has been criticized as being disproportionate and as violating the European Court of Justice’s guidelines. In particular, one news website revealed that under the new act, not only data received during phone calls would be preserved but continuing location data of cellphone users even absent incoming or outgoing calls. Moreover, an undisclosed collateral agreement to the legislation, leaked to the journalists at Netzpolitik.org, provided for the possibility for law enforcement to obtain stored data information without the requirement of prior judicial authority. The federal government has since confirmed the existence of said agreement.
Intimidation and Violence
Aside from the case of alleged intimidating surveillance of a blogger reporting from the parliamentary inquiry commission concerning the NSA scandal as mentioned above, there have been no cases of direct intimidation of or violence against online journalists or other ICT users in the reporting period.
Human rights activists or non-governmental organizations are rarely victims of cyberattacks or other forms of technical violence that intend to intimidate or otherwise silence them. At the same time, cyberattacks have become an increasingly significant problem for industry in Germany. According to recent studies, almost one in three companies was affected by a substantial security breach in the past three years. However, investigations reveal that the majority of attacks are carried out by insiders, not through the internet. Moreover, small and medium-size companies are more prone to attacks than larger companies. The annual financial damage has reached an estimated EUR 50 billion. The latest official cybersecurity report for Germany furthermore lists a particularly grave cyberattack against a steel mill in 2014, which led to the physical destruction of large parts of the facility.
In order to strengthen capabilities to react to cyberattacks, the Federal Ministry of the Interior proposed legislation to improve the security of information networks by obliging telecommunication firms and critical infrastructure operators to report security breaches to the Federal Office for Information Security (BSI). The bill was discussed in the committee for internal affairs of the Federal parliament in April 2015.
 Setfan Krempl, “Breitbandausbau: Telekom und Vodafone zanken sich um Fördermillionen,“ [broadband development: Telekom and Vodafone quarrel about funding] Heise Online, June 5, 2014, http://bit.ly/1MLavPl.
 “Dobrindt kündigt Milliarden-Invesition in Breitbandausbau an,” [Dobrindt announces investment of billions of Euros in broadband development].
 Bundesnetzagentur, Jahresbericht 2014, 79.
Bundesnetzagentur, Jahresbericht 2014,
 Bundesnetzagentur, Jahresbericht 2014.
 Bundesnetzagentur, Jahresbericht 2014, 80.
 TÜV Rheinland Consulting, mid-2013, p. 4. With the allocation of licenses for the next generation mobile standard LTE, the Bundesnetzagentur has obliged the network providers to build the new infrastructure in rural areas first before installing it cities.
 Initiative D21, (N)ONLINER Atlas 2014, main findings, http://www.initiatived21.de/portfolio/nonliner-atlas/.
 Initiative D21, (N)ONLINER Atlas 2014, main findings, http://www.initiatived21.de/portfolio/nonliner-atlas/.
 Initiative D21, (N)ONLINER Atlas 2014, main findings, http://www.initiatived21.de/portfolio/nonliner-atlas/.
 Initiative D21, (N)ONLINER Atlas 2014, main findings, http://www.initiatived21.de/portfolio/nonliner-atlas/.
 Initiative D21, (N)ONLINER Atlas 2014, main findings, http://www.initiatived21.de/portfolio/nonliner-atlas/.
 Bundesgerichtshof [Federal Court of Justice], “Bundesgerichtshof erkennt Schadensersatz für den Ausfall eines Internetanschlusses zu,” [Court awards damages for internet failures]press release 14/13, January 24, 2013, http://bit.ly/1FLvz98; Hartz IV standard rate is € 391 see, Die Bundesregierung, “Hartz IV-Regelsatz wird angehoben,” http://bit.ly/1Go87JM; € 2.28 of that sum are for Internet access, Cf. Deutscher Bundestag [German Bundestag], Drucksache 17/3404, 60, http://bit.ly/1LnUX6U.
 Björn Brodersen and Alexander Kuch, “Backbones – die leistungsstarken Hintergrundnetze des Internets,” [Backbones – the strong background networks of the internet] Teltarif, http://www.teltarif.de/internet/backbone.html.
 In January 2015, Vodafone announced that it would soon drop the name of Kabel Deutschland, the company it had acquired in 2013; Caspar Busse, “Kabel Deutschland – ein Name verschwindet,” [Kabel Deutschland – a name disappears] Sueddeutsche,January 28, 2015, http://bit.ly/18Cmy2s.
 European Commission, Digital Agenda for Europe – Scoreboard 2012, p.68. Cf. also the study by Haucaup et al. documenting a fairly competitive market: Haucap/Heimeshoff/Stühmeier, 2010, “Wettbewerb im Deutschen Mobilfunkmarkt” [Competition in the German mobile market], Ordnungspolitische Perspektiven Nr. 4.
 Bundesministerium für Wirtschaft und Technologie,“Monitoring-Report Digitale Wirtschaft 2014”, 36.
 Markus Beckedahl, “Verkehrsministerium gewinnt Fachaufsicht über Bundesnetzagentur,” [Ministry of Transport gains supervision over Federal Network Agency], Netzpolitik, February 14, 2014, http://bit.ly/1jDT9KQ.
 Monopolkommission [Monopolies Commission], “Telekommunikation 2009: Klaren Wettbewerbskurs halten” [Telecommunication 2009: stay on target in competition], Sondergutachten 56, 2009, 75, http://bit.ly/1VvjgPK; European Commission, Progress Report on the Single European Electronic Communications Market (15th Report) SEC(2010) 630, May 25, 2010, 196, http://bit.ly/1Od2qpT.
 European Commission, , Progress Report on the Single European Electronic Communications Market, 196. Since the Federal Republic still exercises its rights as a shareholder of Deutsche Telekom (circa 38 percent) through another public law entity, commentators see a potential conflict of interest; Christian Schmidt, “Von der RegTP zur Bundesnetzagentur. Der organisationsrechtliche Rahmen der neuen Regulierungsbehörde” [From RegTP to Federal Network Agency. The organizational framework of the new regulator], Die Öffentliche Verwaltung 58, no.24 (2005) 1028.
 Björn Greif, “Neuer Vorschlag der Bundesnetzagentur für TAL-Entgelte erntet Kritik,” [Network Agency’s Plans for Local Loop Unbundling Charges is criticized strongly],ZDNet, March 28, 2013, http://bit.ly/1N9uSZv.
 “Bundesnetzagentur legt Streit um VDSL-Vectoring bei” [Federal Network Agency settles argument concerning VDSL vectoring] Heise, July 10, 2013, http://bit.ly/1KR04sY; “Bundesnetzagentur gibt Startschuss für VDSL-Vectoring” [Federal Network Agency issues clearance on VDSL vectoring] Heise, August 29, 2013, http://bit.ly/1LotFNL.
 Due to substantial criticism by activists and NGOs that provoked an intense political debate, the 2010 law on blocking websites containing child pornography, the Access Impediment law (Zugangserschwerungsgesetz), never came into effect and was finally repealed by the German parliament in December 2011.
 Collecting societies are private organizations at the national level in Germany authorized by the Copyright Administration Act (Urheberrechtwahrnehmungsgesetz). Although they act under the supervision of the German Patent and Trademark Office (DPMA), they belong to the private sector. With the foundation of the collecting society C3S, provided the DPMA grants permission, GEMA’s national monopoly could soon come to an end, see Jens Uthoff, “Neue Wege im Paragraphendschungel,” [New paths through the regulation jungle] Taz, April 9, 2014, http://www.taz.de/!136441/.
 Compared to 0.9 per cent in the United States and ca. 1 per cent in Austria and Switzerland. Cf. Pascal Pauknet, “Diese Kultur ist in Deutschland leider nicht verfügbar,” [This culture is not available in Germany] Sueddeutsche Zeitung, January 28, 2013, http://sz.de/1.1584813.
 GEMA, “GEMA and YouTube”, accessed April 23, 2014, https://www.gema.de/en/press/popular-subjects/youtube/browse/4.html. Could not find this release, but will this work: GEMA, “Hamburg Higher Regional Court confirms: YouTube is liable for copyright infringements,” press release, July 1, 2015, http://bit.ly/1N9yTxj.
 GEMA demands 0.375 cents per retrieval.
 In particular Google argues that because the GEMA doesn’t provide a list on the complete repertoire they licensed, most music videos have been blocked in order to avoid financial risks. cf. http://bit.ly/1if3Qk7.
 GEMA,“Landgericht München urteilt: GEMA-Sperrtafeln auf YouTube sind rechtswidrig,” [District Court Munich rules: GEMA error messages are unlawful] press release, February 25, 2014, http://bit.ly/1Ed8KHm.
 Markus Beckedahl, “Dieses Video ist in Deutschland leider immer noch nicht verfügbar,” [Unfortunately, this video is still not available in Germany] Netzpolitik, March 10, 2014, http://bit.ly/1RkWAkQ.
 GEMA, “OLG München bestätigt: GEMA-Sperrtafeln auf YouTube sind rechtswidrig,” [Higher Regional Court Munich confirms: GEMA error messages on YouTube are unlawful] press release, May 12, 2015, http://bit.ly/1RzDyZq.
 Body of European Regulators for Electronic Communication, A view of traffic management and other practices resulting in restrictions to the open Internet in Europe: Findings from BEREC’s and the European Commission’s joint investigation, May 29, 2012, http://bit.ly/1MOMMhj.
 Andre Meister, “Waschmaschine im Netz: Wie Telekom und Vodafone Deep Packet Inspection als Feature verkaufen,” [Laundry machine on the net: How Telekom and Vodafone sell deep packet inspection as a feature] Netzpolitik.org, August 1, 2014, http://bit.ly/1Od6TZN.
 The legal framework regulating media protection of minors in particular consists of the Law for the protection of children and youth (“Jugendschutzgesetz”, JuSchG) of the federal government and the Interstate Treaty on the Protection of Minors in the Media (short “Jugendmedienschutzstaatsvertrag”, JMStV).
 Cf. the respective § 5, Abs. 3 JMStV.
 BGH [Federal Supreme Court], judgment of May 14, 2013, Az. VI ZR 269/12; Jürgen Kuri, “BGH zu Autocomplete: Google muss in Suchvorschläge eingreifen,” [BGH on autocomplete] Heise Online, May 14, 2013 http://heise.de/-1862062.
 Beck Aktuell, “OLG Köln: Klage gegen Google auf Unterlassugn bestimmter Suchwortkombinationen erfolgreich” [Higher Regional Court Cologne: Injunction suit against Google concerning certain search query combinations successful], April 8, 2014, http://beck-aktuell.beck.de/news/olg-k-ln-klage-gegen-google-auf-unterlassung-bestimmter-suchwortkombinationen-erfolgreich; Adrian Schneider, “OLG Köln: Die Autocomplete-Entscheidung im Detail” [Higher Regional Court Cologne: the autocomplete decision in detail] Telemedicus, April 11, 2014, http://bit.ly/1iRT59G.
 European Court of Justice, „C-131/12 Google Spain and Google,“ May 13, 2014, http://curia.europa.eu/juris/liste.jsf?num=C-131/12.
 “Ein Jahr Recht auf Vergessenwerden: Löschen von Suchergebnissen beeinträchtigt die Zivilgesellschaft,” [One year right to be forgotten: Removal of search results impairs civil society] Eco, May 13, 2015, http://bit.ly/1N9DnDW.
 Google, “Germany,” Google Transparency Report.
 In particular: Part 3, §§ 7-10 TMG: liability for own content (§ 7, Abs. 1 TMG); limited liability for access providers (§§ 8, 9 TMG) and host providers (§ 10 TMG).
 The BGH in particular has developed the principles of limited liability of host providers: BGH [Federal Court of Justice], judgment of October 25, 2011, Az. VI ZR 93/10.
 Liability privilege means that information intermediaries on the internet such as ISPs are not responsible for the content their customers transmit. Secondary or indirect liability applies when intermediaries contribute to or facilitate wrongdoings of their customers.
 Thomas Stadler, “BGH erweitert Prüfpflichten von Filehostern wie Rapidshare,” [Federal Court of Justice extends monitoring duties for host providers such as Rapidshare] Internet-Law (blog), September 4, 2013, http://bit.ly/1N9EWSv.
 Federal Ministry of the Economy, “Entwurf eines Zweiten Gesetzes zur Änderung des Telemediengesetzes (Zweites Telemedienänderungsgesetz)” [Draft bill of a second act to revise the Telemedia Act] March 11, 2015, http://bit.ly/1C9Em24.
 European Court of Justice, C-348/13 BestWater International, October 21, 2014, http://curia.europa.eu/juris/liste.jsf?num=C-348/13.
 In 2010, the German Federal High Court sentenced the private owner of a wireless router on the grounds that his or her open network allowed illegal activities. cf. Christopher Burgess, “Three Good Reasons to Lock Down Your Wireless Network,” The Blog, The Huffington Post, June 8, 2010, http://huff.to/1LYHK3k.
 Christian Heise, “Finaler Gesetzentwurf zur Neuregelung der Störerhaftung: Deutschland bleibt ein WLAN-Entwicklungsland,” [Final draft bill on the revision of breach of duty of care liability: Germany remains a Wi-Fi developing country] Freifunk statt Angst (blog), March 12, 2015, http://bit.ly/1PTrjV8.
 Christian Dingler and Sarina Balhausen,“Entwurf zur Neuregelung der Störerhaftung bei offenen WLANs verschärft das Problem,” [Bill to revise breach of duty of care liability for open Wi-Fi aggravates the problem] D-64, February 24, 2015, http://bit.ly/1P9TPne.
 “LG München I legt Frage der Haftung bei offenen WLANs dem EuGH vor” [Munich district court submits question on liability concerning open Wi-Fi to ECJ] Offenenetze (blog), October 8, 2014, http://bit.ly/1iRW1mK.
 Axel Kannenberg, “Urheberrecht: Innenministerium mahnt FragdenStaat.de ab,” [Copyright law: Federal Ministry of the Interior warns FragdenStaat.de] Heise Online, January 22, 2014, http://bit.ly/1arZC67.
 Martin Holland,“Informationsfreiheitsbeauftragte: ‘Urheberrecht dient nicht der Geheimhaltung’” [commissioners for the protection of the freedom of information: ‘copyright law does not serve secrecy purposes’] Heise Online, June 18, 2014, http://bit.ly/1ikDQER.
 Organization for Security and Co-operation in Europe,“OSCE representative warns about impact on free media of criminal investigation of Netzpolitik.org journalists in Germany,” press release, August 4, 2015, http://www.osce.org/fom/175796.
 Markus Beckedahl, “Das Verkehrministerium möchte leider die Netzneutralität dem Breitbandausbau opfern,” [Unfortunately, the ministry of traffic wants to sacrifice net neutrality for broadband development] Netzpolitik.org, October 7, 2014, http://bit.ly/1oU8GCc.
 Markus Beckedahl, “Unser Report deckt auf: Verletzungen der Netzneutralität sind in Deutschland schon jetzt die Regel,” [Our report reveals: violations of net neutrality in Germany are already the rule] Netzpolitik.org, March 5, 2015, http://bit.ly/1GYtGBK.
 Henry Steinhau, “Leistungsschutzrecht: T-Online und 1&1 verbannen Verlage der VG Media aus ihren Suchergebnissen,” [Ancillary copyright: T-Online and 1&1 ban VG Media publishers from their search results] iRights info (blog), September 16, 2014, http://bit.ly/1JKFxlY.
 Leony Ohle and Maximilian Renger, “Leistungsschutzrecht: Sachverständige im Zwist über Abschaffung,” [Ancillary copyright: Experts quarrel about abolition] iRights info (blog), March 5, 2015, http://bit.ly/1VvowTr.
 Kilian Vieth, “Battle for the Net: Großer Online-Aktionstag für Netzneutralität am 10. September 2014,” [Battle for the Net: Great online action day for net neutrality on September 10, 2014] Netzpolitik.org, September 8, 2014, http://bit.ly/1Odc6kn.
 Campact!, “Vorratsdaten: Nein zur Rundum-Überwachung!” [Data retention: No to omnipotent surveillance!], http://bit.ly/1qr0ueW; Vorratsdatenspeicherung, “Kampagne: Stoppt die Vorratsdatenspeicherung 2.0!,” http://bit.ly/1N9JOH3.
 “#NoNPR: Aktionstag gegen ‘europaweite Vorratsdatenspeicherung von Passagierdaten’” [#NoNPR: action day agains Europe-wide data retention of passenger data] Radio Utopie April 11, 2015, http://bit.ly/1O9xxkA.
 BVerfG [Federal Constitutional Court], Provisions in the North-Rhine Westphalia Constitution Protection Act (Verfassungsschutzgesetz Nordrhein-Westfalen) on online searches and on the reconnaissance of the internet null and void, 1 BvR 370/07 Absatz-Nr. (1 - 267) Judgment of February 27, 2008, http://bit.ly/1YVssS3; For more background cf. Wiebke Abel and Burkhard Schaferr, “The German Constitutional Court on the Right in Confidentiality and Integrity of Information Technology Systems – a case report on BVerfG”, SCRIPTed 6, no. 1 (2009), 106, http://www.law.ed.ac.uk/ahrc/script-ed/vol6-1/abel.asp.
 Dr. Datenschutz,“Endlich! Unabhängige Datenschutzbehörde für Deutschland,” [Finally! Independent data protection agency for Germany] Datenschutzbeauftragter, August 27, 2014, http://bit.ly/1jE9tv3.
 Andre Meister, “netzpolitik.org vs. Bundestag: Wir gehen rechtlich gegen Überwachung durch die Bundestagspolizei vor” [netzpolitik.org vs. Federal Parliament: we are taking legal action against surveillance by the parliamentary police] Netzpolitik.org, November 7, 2014, http://bit.ly/1JKHHCa.
 Information provided by Andre Meister.
 “Netzpolitik.org: Bundesanwaltschaft ermittelt gegen Journalisten wegen Landesverrats” [Federal prosecutor’s office investigates against journalists for treason] Spiegel Online, July 30, 2015, http://bit.ly/1H6QXiu.
 Cf. fn. 54.
 Jacob Appelbaum and Laura Poitras, “Edward Snowden Interview: The NSA and Its Willing Helpers,” Spiegel Online, July 8, 2013, http://bit.ly/1FNgvY9; Friedhelm Greis, “NSA-Skandal: Chronologie der Enthüllungen,” [NSA scandal: chronology of disclosures] iRights.info (blog), December 30, 2013, http://bit.ly/1O9zSfk.
 “BND lässt sich Abhören von Verbindungen deutscher Provider genehmigen,” [BND gets official approval for wiretapping of connection of German providers] Der Spiegel, October 6, 2013, http://bit.ly/1VvpOTU.
 Cf. Anna Sauerbrey, “Innenminister Friedrich will Blogger-Anonymität aufheben,” [Federal Minister of Interior wants to abolish anonymity of bloggers], Tagessspiel, August 7, 2011, http://www.tagesspiegel.de/politik/internet-innenminister-friedrich-will-blogger-anonymitaet-aufheben/4473060.html.
 Telecommunications Act (TKG), § 111.
 Bundesverfassungsgericht [Federal Constitutional Court], Provisions in the North-Rhine Westphalia Constitution Protection Act (Verfassungsschutzgesetz Nordrhein-Westfalen) on online searches and on the reconnaissance of the Internet null and void, judgment of February 27, 2008, 1 BvR 370/07; For more background cf. Wiebke Abel and Burkhard Schaferr, “The German Constitutional Court on the Right in Confidentiality and Integrity of Information Technology Systems – a case report on BVerfG”, SCRIPTed 6, no. 1 (2009), 106, http://www.law.ed.ac.uk/ahrc/script-ed/vol6-1/abel.asp.
 Dirk Heckmann, “Anmerkungen zur Novellierung des BKA-Gesetzes: Sicherheit braucht (valide) Informationen,” [Comments on the amendment of the BKA act: Security needs valid information], Internationales Magazin für Sicherheit 1, no. 1 (2009) http://bit.ly/1KWuRm6.
 Matthias Monroy, “BKA-Datenbank: Laut Bundesdatenschutzbeauftragtem ‘gravierender Verstoß gegen datenschutzrechtliche Vorschriften’” [BKA database: According to Federal Commissioner for Data Protection ‘grave violation of data protection provisions] Netzpolitik.org, April 14, 2015, http://bit.ly/1LYRnis.
 Two independent studies from by the Universität of Bielefeld (2003: Wer kontrolliert die Telefonüberwachung? Eine empirische Untersuchung zum Richtervorbehalt bei der Telefonüberwachung“ [Who controls telecommunication surveillance? An empirical investigation on judicial overview of telecommunication surveillance], edited by Otto Backes and Christoph Gusy, 2003) and Max-Planck-Institut Institute for Foreign and International Criminal Law: Hans-Jörg Albrecht, Claudia Dorsch, and Christiane Krüpe, “Rechtswirklichkeit und Effizienz der Überwachung der Telekommunikation nach den §§ 100a, 100b StPO und anderer verdeckter Ermittlungsmaßnahmen,” [Legal reality and efficiency of wiretapping, surveillance and other covert investigation measures], http://www.mpg.de/868492/pdf.pdf) evaluated the implementation of judicial oversight of telecommunication surveillance. Both studies found that neither the mandatory judicial oversight nor the duty of notification of affected citizens are carried out. According to the study by the Max Planck Institute, only 0,4 % of the requests for court orders were denied.
 Breyer, Patrick, “Verfassungsbeschwerde gegen Bestandsdatenauskunft eingereicht,” [Constitutional complaint against stored data inquiry submitted], Bestandsdatenauskunft (blog), July 1, 2013, http://bestandsdatenauskunft.de/?p=357.
 Bundesamt für Justiz [Federal Office of Justice], “Übersicht Telekommunikationsüberwachung (Maßnahmen nach §100a StPO) für 2013,” [Summary of telecommunication surveillance for 2013] July 28, 2014, http://bit.ly/1QNATtJ.
 These are aggregated figures related to the three areas of risk in which scanning took place according to the report of the Parliamentary Control Panel. Cf. Deutscher Bundestag, Drucksache 18/3709, January 8, 2015, 8, http://bit.ly/1YVxEWc. Note that the annually presented numbers do not refer to the last year but to the year before, i.e. 2013. The Parliamentary Control Panel periodically reports to the parliament and nominates the members of the G10 Commission. The G10 Commission controls surveillance measures and is also responsible for overseeing telecommunications measures undertaken on the basis of the Counterterrorism Act of 2002 and the Amendment Act of 2007.
 Matthias Monroy, “Starker Anstieg bei der Ausforschung von Verkehrs- und Standortdaten für polizeiliche Ermittlungen,” [Vast increase of inquiry on location data for criminal proceedings] Netzpolitik.org, January 9, 2015, http://bit.ly/1yaEOv7.
 Andre Meister, “Erhebungsmatrix zu Funkzellenabfragen im Saarland: Jeder Bürger mit Handy war letztes Jahr sieben mal verdächtig,” [Inquiry matrix concerning radio cell queries in Saarland: Every citizen with a cell phone was suspect seven times in the last year] Netzpolitik.org, January 9, 2015, http://bit.ly/1C3qfHp.
 Andre Meister, “Funkzellenabfrage in Berlin: Abgeordnetenhaus beschließt Statistiken und Benachrichtigungen per SMS,” [Radio cell query in Berlin: State parliament enacts statistics and notifications via text] Netzpolitik.org, November 28, 2014, http://bit.ly/1hgsRwu.
 Stefan Krempl, “EU-Kommission unternimmt keinen neuen Anlauf zur Vorratsdatenspeicherung,” [EU Commission does not make new attempt to enact data retention] Heise Online, June 4, 2014, http://bit.ly/1PTyRHr.
 Christian Dingler, “D64-Stellungnahme zum VDS-Gesetzentwurf: Höchstspeicherfrist kommt, Vorratsdatenspeicherung bleibt,” [Statement of D64 on the data retention bill: maximum data preservation is coming, data retention is staying] D-64, April 16, 2015, http://bit.ly/1O9BOEQ.
 Markus Beckedahl, “BMJ: Neue Vorratsdatenspeicherung soll Standortdaten komplett speichern” [Federal Ministry of Justice: new data retention supposed to preserve location data completely] Netzpolitik.org, April 16, 2015, http://bit.ly/1jEcrzK.
 Andre Meister, “Geheime Nebenabrede: Doch kein Richtervorbehalt für Bestandsdatenauskunft, also Großteil der Vorratsdatenspeicherung,” [Secret collateral agreement: no requirement of judicial authority for stored data, therefore large part of data retention] Netzpolitik.org, April 20, 2015, http://bit.ly/1DE9cgR.
 Constanze Kurz, “Bundesregierung: Geheime Nebenabrede zur Vorratsdatenspeicherung ist nicht geheim, nur ‘nicht-öffentlich’” [Federal government: Secret collateral agreement to data retention legislation is not secret, merely ‘not public’] Netzpolitik.org, April 30, 2015, http://bit.ly/1JDwubJ.
 BITKOM, “Digitale Angriffe auf jedes dritte Unternehmen” [Digital attacks against every third company], February 25, 2015, https://www.bitkom.org/Presse/Presseinformation/Digitale-Angriffe-auf-jedes-zweite-Unternehmen.html
 Bundesamt für Sicherheit in der Informationstechnik [Federal agency for security in information technologies], Die Lage der IT-Sicherheit in Deutschland 2014, [The state of IT security in Germany in 2014], 31, http://bit.ly/13cGiGL.