CNET también está disponible en español.

Ir a español

Don't show this again


Germany wants to sic spyware on terror suspects

Conservative government is backing a proposal allowing authorities to transmit Trojans to suspects through official-looking e-mails. Opposition parties and privacy advocates cry foul.

In the name of nabbing terrorists, the German government is floating a plan that would permit authorities to plant spyware on suspects' hard drives through e-mail messages appearing to stem from official sources, according to various news reports out of Berlin this week.

The proposal, which has not yet been made public but was leaked in part to some German news outlets, is reportedly the brainchild of Interior Minister Wolfgang Schaeuble. He's pushing for its inclusion in a broader security law under consideration by Chancellor Angela Merkel's coalition government. The spyware provision is a response to a federal court decision earlier this year that frowned upon secret remote searches of computers, according to a recent report by the Associated Press.

But left-wing party members and civil liberties advocates are railing against the idea as a potential invasion of citizens' privacy, according to AP and Agence-France Presse reports. One Left Party Parliament member told AFP she also feared the policy would make citizens fearful to open e-mails from government sources.

Advocates of the plan, for their part, have tried to assuage fears about abuse of the technique. They have told reporters they would use the so-called "Trojan horse" spyware in a targeted way and would do so only with court approval.

Police use of spyware, as readers of CNET should know, is hardly a new idea. Recent cases in the United States have revealed agents with the FBI and the DEA have installed spyware--in both cases, with a court's permission--as part of investigations.

It was not clear how the German software would operate, although the news reports indicate the goal is to snoop on a suspect's hard drive data and Internet activity. An FBI tool called CIPAV, for example, can immediately report back to the government a computer's Internet Protocol address, Ethernet MAC address, "other variables, and certain registry-type information." Then, for the next 60 days, it will record Internet Protocol addresses visited but not the contents of the communications.

The widespread availability of spyware-detection software could arguably make it more difficult for any government to hide such a scheme from a tech-savvy suspect. In a recent CNET survey of 13 leading anti-malware vendors, not one acknowledged cooperating unofficially with government agencies--at least U.S. ones--to mask the presence of police spyware. Some, however, indicated they may keep quiet if ordered by a court to do so.