Germany – let’s stop debating data retention and start finding solutions

How will Germany’s government proceed?

While the German governing coalition agreed on replacing the current data retention law, it must not be replaced by a window dressing like in Denmark or Belgium, where a new generation of data retention laws only pretend to comply with the EU court’s requirements, but in practice aim to continue indiscriminate mass surveillance.

The coalition agreement supports communications data retention “on an ad-hoc basis and by judicial order” only. German justice minister Marco Buschmann’s liberal party is proposing a “quick freeze” approach where data is stored only in case of a suspicion.

Yet the social democrat minister of the interior, Nancy Faeser, has been advocating for indiscriminate collection of information on every internet connection (“IP data retention”). Law enforcement authorities are, likewise, calling for such digital mass surveillance, referring to child protection needs.

Proponents of mass surveillance want to make us believe perpetrators are safe unless the whole population is under surveillance. This prevents the urgently necessary debate on targeted child protection and prevention measures. Mass surveillance legislation seems like a technologically easy and cheap way out, whereas allocating appropriate resources for prevention and prosecution is difficult, expensive and politically less rewarding.

Mass surveillance is not a solution

Much more is needed to protect children better. We need to improve reporting and raise overall awareness because the number of unreported cases is alarmingly high. We need to improve the cooperation of authorities, promote child protection officers and increase funding for social work and counselling centres. Competent and fast investigations are what is needed. Mass surveillance is neither needed, nor a solution.

We have seen remarkable police successes against child sexual abuse perpetrators recently, especially in the state of North Rhine-Westphalia. These successes were achieved as a result of targeted investigations, not by indiscriminate data retention. In January this year, Germany’s government published statistics on crime clearance rates. In the years 2017 to 2021, only 3% of child sexual abuse material (CSAM) investigations could not be pursued because of the lack of records of IP addresses.

There is no evidence that IP data retention makes any statistically significant contribution to crime clearance rates. The IP data retention obligation that was in effect in 2009 did not increase the clearance rate. Along with Gegen-Missbrauch eV, the German association for victims, partners and opponents of child sexual abuse, and Sebastian Heimann, director of the German Family Association, there are child protection experts who agree that data retention is not what is needed.

Last year, the public learned that the police were not requesting the removal of known child sexual exploitation material and “child pornography”. This inaction is scandalous and irresponsible.

Unfortunately, under the influence of massive pressure, the European Court of Justice green-lighted indiscriminate retention of all IP addresses used online. The importance of IP addresses for safeguarding our privacy online is widely underestimated.

Freedom of expression

IP addresses constitute our foot- and finger-prints on the internet. The systematic collection of IP data, taken together with web logs kept by internet companies, allows for the identification of a person, the tracking of their everyday online activities, the identification of senders of emails, locating citizens and profiling. Therefore, systematic retention all IP addresses is a profound intrusion into citizen’s privacy.

The ability to use the internet anonymously is essential for freedom of expression and information. Citizens must have the ability to anonymously exchange information with the press, authorities, law firms, counselling centres and doctors, to confidentially seek advice and help and to be able to inform and express themselves about any subject. IP data retention would eliminate this anonymity for citizens who are not technically savvy enough to mask their digital footprints.

The effects of data retention go far beyond infringement of the individual right to privacy. They have a chilling effect on democratic society.  A survey conducted by nine EU member states, published earlier this year, underlined that data retention causes far-reaching societal problems because it deters people from engaging in private communication. When people in crisis situations do not have access to consultation services anonymously, it can lead to violence and could endanger human lives.

We need to find a better approach to digital investigations that truly respects citizens’ privacy and liberties. With a crime clearance rate of more than 90%, Germany demonstrates that it is possible to take action against the circulation of CSAM without indiscriminate data retention. We must stand up against mass surveillance, for us and for generations to come.