State and Politics in Germany

Germany is regarded around the world as a role model when it comes to data protection. Yet you, Mr Schaar, as Federal Commissioner for Data Protection, are now saying that "we are evolving into a society in which more and more surveillance is taking place." What has happened?

In its 2006 ranking, the human rights organization Privacy International once again confirmed that our country – as compared to other countries in Europe and around the world – still maintains relatively high standards as regards protecting privacy and granting individuals the right to informational self-determination. Nonetheless, we cannot ignore the fact that the measures implemented to guarantee data protection are being dismantled in absolute terms in Germany too, and this is particularly evident since 11 September 2001.

Which particular challenges do you have in mind?

In the interests of combating terrorism, the security forces – the police and intelligence services – have been given a range of new powers. At the same time, however, video surveillance of the public domain, at train stations and on the high street for instance, has also been stepped up. In addition, the new electronic passports contain a digitalized image of our face, and will soon include fingerprints which are stored on a radio frequency identification (RFID) chip. I am alarmed by the fact that people have succeeded in reading the biometric data despite the passport being closed. Evidently the security measures implemented are not sufficient in this case. I am also worried by the Internet, which is equally insecure and easy to monitor, and the ubiquitous use of the computer in shops and trade transactions in which the RFID on the plastic bottle plays a key role. Some people are already talking of an "Internet of things", when fridges, plastic bottles and retailers can all communicate with one another of their own accord. The by-product of this is that all kinds of personal data about our habits and preferences are stored. Technological progress is in the process of undermining our data protection regulations, some of which are already obsolete. We should not only react to this, we have to intervene and take control.

How can people preserve their informational self-determination? Simply by saying "not over my dead body!"?

The successful protest which led to the national census planned for 1983 being abandoned made it clear that people and action groups are not without power. I am currently aware of an increasing awareness and growing resistance on the part of the German population to being monitored and watched at every step. Unfortunately, however, politicians have yet to take this on board to an appropriate degree. The failed maxim that "you have to know everything in order to be completely safe" is not befitting of a democratic state based on the rule of law. This statement was made by Erich Mielke, head of the Stasi state security service in the former Communist regime of East Germany. His "striving for knowledge" did not do the system any good, but simply destroyed the life of its society. This is exemplified in the German film The Lives of Others. The fact that the film won a Hollywood Oscar this year proves just how sensitively even American audiences react these days to the subject of the police state.

The public, quasi-state social insurance organizations (e.g. which provide unemployment benefits) can by law request information from banks about account holders, even without any suspicion of criminal activity. Is the welfare state creating a "transparent citizen"?

Not necessarily. There is a risk of this happening, however, if in the aforementioned case the steps aimed at "preventing abuse" are taken long before there are in fact any real grounds for suspicion of wrongdoing and if preventive measures are conducted purely for the purposes of monitoring rather than to address the cause. This is how freedoms end up being curtailed.

The "electronic health card", containing detailed personal information, can in case of need provide rapid access to acute treatment, but also makes for a "transparent patient". Can patients with compulsory health insurance cover refuse the card, and how can data protection laws help them?

Under the law, people with health insurance are obliged to use the health card. I believe that it is crucial that there is only one obligatory application, namely the "electronic prescription". All other applications, from emergency data to the electronic patient record, are voluntary. Even if consent has been given on one occasion, the person in question can revoke this at any time. This wide-ranging freedom of the insured to make their own decisions must be maintained.

One of the key principles of data protection is that information should only be used when there is a clear reason for doing so. Nonetheless, the state uses data acquired when collecting motorway tolls, for example, to help investigate criminal offences committed on that particular stretch of road. Which other objects of legal protection are also given priority over data protection?

That is always a question which needs to be weighed up in each individual case. When the police are investigating a specific capital crime, I find it reasonable for a warrant to be issued granting access to data which are not all that sensitive. However, access must be limited to precisely defined data, and may only be used to solve serious crimes. It would not be appropriate, for example, to use such data to investigate cases of tax evasion or speeding offences. In other words, the question of appropriateness must always be posed.

Originally, data protection concerned information which the state itself collects and stores for its own purposes. Nowadays, however, the state increasingly accesses information recorded for business purposes by private companies – telephone providers, for example – with the consent of their clients. Is it not necessary now to make a new political distinction between the needs of the state and the spheres of personal freedom?

Yes, technically speaking, Big Brother can see into every last corner of our lives, so the state must make a conscious decision to curb its activities. It is not only a legal issue, but also concerns the ethics of the information age. The prerequisite in this context is that protection of the private sphere must be acknowledged and defended as a value in its own right. It appears to me – you may be surprised to hear – that we in Continental Europe value our privacy to a lesser extent than is traditionally the case in the US. In Germany, the third power – in the judgments passed down by the Federal Constitutional Court and other high-level courts on subjects such as the protection of informers in the media or the powers of the police to bug people's flats – is now proving to be the custodian of data protection. However, no-one nowadays lives on a national island of data protection, which is why informational self-determination must be set down as a basic human right.