Police Databases: Erroneous Profiling and Threats on Civil Liberties
The existence of police databases on activists and human rights defenders is not a new trend, nor is it restricted to the digital sphere. Though some of these databases are created to track individuals and networks deemed as threats to national security, there are cases where political dissidents or activists end up being tracked and profiled as well.
Just as the usual critiques of corporate data collection do not contest the act itself, but rather the amounts of data collected, how it is collected, and how it is used, this piece does not aim to question the right of governments or police forces to conduct investigations and collect data. Rather, it seeks to examine the types and uses of collected data and the transparency of their methods. We take Germany as a case study, particularly because it is widely considered to have strong data protection laws. We look at the existing (and lacking) structures for holding a government accountable for its practices of personal data collection and political profiling and the impact this might have on freedoms of expression, assembly and affiliation.
In the media, and in comparison to other countries, Germany tends to be perceived as having strong data retention laws and tough measures on violations of privacy. But even in countries with relatively responsible reputations, tension arises around discussions of data collection on political actors. Whether data is being collected on left-wing or right-wing activities, the collection of data by security forces needs to have clear parameters to abide by the constitution and the protection of civil liberties. In this article, we will shed light on a number of databases collected by the various police forces and departments in Germany, and their structures for data protection.
Though these databases are employed under the auspices of enhancing security and curbing violence, there has been a set of cases, which are laid out in this article, that highlight the (mis)uses of data beyond the intended objective of security. Though the focus of this article is on police databases in Germany, it intends to highlight the impacts that these databases might have elsewhere, and the vulnerabilities facing activists' privacy everywhere. The German context is key not only because of the country's strategic importance in the EU internationally, but also because of its leading role in advocating for such police databases within EU governing bodies. The German state also has various security (police and military) cooperation agreements with countries like Egypt, Serbia, Mexico and Tunisia. In Egypt for example, the German security forces have agreements that include training Egyptian police on internet surveillance in the context of fighting extremism – a cooperation that has been criticised and at times suspended by the German government for concerns about its use by the Egyptian police to crack down on human rights activists and members of the LGBT community.
There are numerous reports of individuals' personal data being stored and subsequently profiled under stigmatising terms like “violent offender,” which has had consequences for those profiled. These include so-called preventive detention before major demonstrations, increased controls at border crossings, personal searches or the imposition of travel barriers. In a number of cases around protests, entire groups travelling together were placed under investigation, even if only one of the individuals was recorded in the database, as the Federal Data Protection Commissioner explained. This kind of group profiling can lead to the profiling of journalists and the hinderance of their work, as we saw during the G20 summit in Hamburg 2017 (which we will cover later).
Another example is the Strasbourg NATO summit in April 2009, where the German police shared information on 232 individuals with their French counterparts. As a result, more than 100 people were prevented from crossing the German-French border to attend the demonstrations in Strasbourg.
In our own findings and in existing reports on the topic, we have discovered that politically engaged individuals can be misclassified even in countries with high standards of personal data collection. This misclassification, whether structural or unintentional, can lead to serious repercussions for civil liberties. It is worth noting that there are certain measures that can be implemented to provide a safety net against those threats: like a system of checks and balances that includes independent data-protection entities, citizens' access to freedom of information requests, upholding press freedom and holding power to account when these freedoms are compromised.
Storing on Suspicion
German police use a number of databases, both on the federal and national level. Various police databases hosted by the Federal Criminal Police Office (BKA) exchange and process information between German federal states – including an index of criminal records, a fingerprint database and a DNA database. The largest of these is dedicated to "Internal Security," which comprises multiple subordinated files. Parallel to the federal structure, each state operates its own databases for operative or investigative files. In areas like political activism or illegal drugs, all the information compiled by various police forces is accessible by the BKA.
On several occasions, these databases have been criticised for collecting data beyond their legal scope, including collecting data on individuals who hadn't been sentenced or tried. Some of them contain names of people who had their identity checked at a protest, or who registered a demonstration under their name (which is a prerequisite in German law). Many individuals are miscategorised or recorded under false designations. An activist sharing a car ride with a person who is in the database, for example, can end up being registered not as a contact of a person of interest but rather as a person of interest themselves, i.e. an “offender.” The label "offender" in some databases by default falls under the same category as “Violent Offenders.”
On the EU level, investigative journalist and director of Statewatch, Tony Bunyan, says that “the proposal to put ‘troublemakers’ on the Schengen Information System (SIS) database was discussed and rejected by the Council of the European Union (the 27 governments) back in 2001 following the protests in Gothenburg and Genoa. It did produce two separate Manuals, one on security against terrorism at Summit meetings and another on policing public order. In 2007 the two Manuals were collapsed into one so that:
“The scope of the manual is now such that it applies to the security (both from a public order point of view as well as counter-terrorism) of all major international events, be it political, sporting, social, cultural or other.” Source: EU Security Manual
According to Bunyan, “the database proposal came back onto the agenda after protests at the G8 Summit, 6-8 June 2007, in Heiligendamm, Germany. Over the next two years there were numerous discussions in two Council Working parties which ended in June 2009 with no agreement on the need for a database let alone a legal definition of a 'troublemaker' or a 'violent offender'.”
In autumn 2017 the Federal Ministry of the Interior continued to regard 28 of the 32 journalists as posing a security risk, among other reasons because they were accused of "particularly grave breaches of the peace." The public broadcaster Tagesschau investigated the allegations against some of the journalists and found no evidence to support the police claims. Furthermore, in some cases they couldn't find evidence because the security apparatus had destroyed the database under the claim that it shouldn't have been there, hence “destroying the evidence."
As a result of this case, the International and European Federation of Journalists (IFJ-EFJ) joined their German affiliates DJU and Ver.di (DJV) in condemning what they labelled “attacks on the press”:
"The DJV and the German Journalists’ Union (DJU) lodged complaints to the Federal Criminal Police Office (BKA). “The way BKA dealt with accreditations is legally highly questionable,” said Cornelia Hass, chairwoman of the German Journalists’ Union (DJU). “One cannot help but think this happened for the reason to prevent disagreeable media coverage,” says Hass. “This procedure defies our democratic principles, therefore we filed an objection with the authorities.” DJV has called the decision to withdraw press accreditations “entirely arbitrary". DJV chair Frank Überall has requested the Federal Office of Investigation (BKA) to not impose any further restrictions on journalists. In a letter addressed today to the BKA, DJV President Holger Münch asked the Office to justify their approach against journalists" Source: Statement by the IFJ
Nine of the journalists who had their accreditations revoked will take Germany's Federal Press Office (BPA) to court, alleging that the move was unlawful. Hass further affirmed that neither the Federal Criminal Police Office (BKA) nor the BPA has provided any valid reasons for blacklisting the journalists. "Now the court must determine whether the handling of our members holds up under legal examination," she said. "I have reason to be doubtful."
Suspicion Files of State Security Departments
For the alleged "prevention and prosecution of politically motivated crimes, "personal data is stored by the BKA at the federal level in the database "Violent Offender – Left" ("Gewalttäter links") or “Violent Offender – Right” ("Gewalttäter rechts"). These databases are part of the so-called joint files that are supplied with data by the various state police forces. The information is accessible through the German Police Information System INPOL and can be accessed by all federal and state police authorities. These lists do not only contain convicts and those accused and suspected of crimes, but also their personal contacts and companions. The term "violent offender" is not clearly defined and thus can be misleading, due to circumstantial grounds like a mere personal identification or detention in the area of a protest, as mentioned above. Other reasons a name might land in this database range from the carrying of sunglasses or scarves during demonstrations – which are interpreted as violations of the prohibition of covering one's face in Germany. An entry may contain several dozen data fields, including the individual's personal data, photographs, known whereabouts, nationality, personal description, occupation, skills, political affiliation or membership of a political group, "criminological abstract," e-mail and IP addresses and other notations. Information transmitted by foreign police departments can also be stored in these databases. This may concern, for example, personal data in the run-up to expected major international events. Conversely, personal data from these databases can also be "loaned" to foreign authorities. The above-mentioned journalists were included in this list. According to media reports, only data from selected people is forwarded, but the criteria for this selection are unknown. A transfer to foreign police agencies is then linked to certain data deletion deadlines in connection with the event to be dealt with (such as a summit protest). Whether these deadlines are respected is yet to be verified by an independent review. In our research, we found no details about such a review of multilateral or bilateral exchanges of such data.
The BKA is also home to the central files abbreviated "PMK" ("politically motivated crime"), in which only the State Security Department of the BKA can create and delete entries. However, the information may also come from other federal and state police and domestic secret services. It stores "relevant persons" and "persons likely to threaten public safety." The assessment is incumbent on the individual officials, as with the files of violent criminals of the federal states, there no prior criminal offence or conviction is necessary. Mere suspicion is sufficient. If the criminal authorities suspect a "residual suspicion" of certain people, this can be stored even after a judicial acquittal.
The PMK files are subdivided into the four areas: "left," "right," "foreigner crime" and "other or no category." The first two designations pertain to activists who take "the role of a leader, a supporter, logistics expert or stakeholder." These can also be those who have registered a demonstration. Information from investigations, searches, telephone monitoring, computer hard-disk analysis, travel movements and account data is stored in these records. In 2012, the Federal Data Protection Commissioner reviewed the database and found several flaws, like a lack of reasons for the storage or incorrect information. Normally, each entry needs to be checked by the police after several years, to verify that it is still valid and/or whether it requires further storage. The Data Protection Commissioner found that many entries in the database had no designated check-interval, or the highest possible was ticked. Ninety percent of the records (mostly in the category "other persons") needed to be deleted after the report of the Data Protection Commissioner.
"With regard to the stored "other persons", in all audited cases a storage basis [legal reason] was missing. Some people were registered for participating or registering an assembly. There were no facts which had a concrete connection with criminal offences or from possible security threats from the registered assembly. “I regard this as a serious offence against data protection regulations. […] Therefore I see myself confirmed [...] according to which also provocative forms of the protest are protected by constitutional law and therefore the participants may not be stored.” Source: Federal Data Protection Commissioner
Stigmatising Categories in Police Databases
Moreover, the BKA provides files with "personalized indicators" (Personengebundene Hinweise or PHW), which are also put into different categories or profiles. Most PHW are shared nationwide, but they are created by the federal states. The information is collected in order to prepare measures to protect the police forces on duty. In this database, they define "dangerous" according to various PHW categories: "armed," "violent," "prostitution," "narcotic consumer," "contagious," "offender" ("right-motivated," "left-motivated," "foreigner crime") or "biker gang." Four years ago, it became known that some federal states had profiles labelled "junkie" and "vagrant". Some of those titles were changed after there was a public outcry: for example Baden-Württemberg had created the PHW category "gypsy," which was later renamed "frequently changed location." The similarly criticised category "mentally ill" is maintained nationwide, but is now called "mental and behavioural disorders." HIV/AIDS initiatives unsuccessfully demanded the abolition of the category "contagious," which includes HIV positive individuals. The PHW uses the term "Left or Right motivated offenders" ("Straftäter linksmotiviert/rechtsmotiviert"). Contrary to the file name, it is not only offenders that are stored here, but also former suspects or persons against whom there is a vague "initial suspicion" of committing a politically-motivated offense. The personal data is not only used as initially alleged for "personal protection" of police officers, but it is also used in investigations for the exploration of political relationships. This led the data collection policy to come under public debate a few years ago. Some of the PHW files (including the political ones) were outsourced to the "Investigative Assisting Evidence" ("Ermittlungsunterstützende Hinweise", EHW) following a decision by the Interior Ministers' conference of the federal states. It was heavily criticised by the Data Protection Commissioner:
“The new EHW should, however, also classify the person concerned and enable it to be assessed quickly (eg "rocker", "politically motivated offender"). Unlike previous PHW, there are no specific deadlines [for deleting them]. The "label" sticks on the person concerned in doubt for the entire storage period. In my opinion, EHWs have a more stigmatizing character. They cannot be justified by the legitimate purpose of self-securing the deployed officers. As with all police data, it should be remembered that it is not just about convicted offenders. Much of the police data relates to people who are saved only on suspicion.” Source: Data Protection Commissioner
The BKA also maintains another list under the title PMK (politically motivated crime), for both right-wing and left-wing associated groups. The difference between these lists and other politically motivated files is not known. In addition, the Domestic Secret Services also operates a so-called project file for "violent extremists." During a more in-depth check, the Federal Data Protection Officer identified serious deficiencies and practices that were contrary to the prevailing decree in Germany that separates police and secret services data from the files flowed to the police. Furthermore, personal data was stored inadmissibly. Though these lists are supposed to contain "violent extremist persons," the Data Protection Commissioner found that in the case of an anti-nuclear demonstration, "a large number" of those stored had merely exercised their fundamental right to freedom of expression and right to protest.
“The object of my control was a joint project file of the BfV and the BKA, which was managed by the BfV. It should contain only violent extremist persons. I had to notice serious legal violations. Because the BfV had stored a large number of persons who had only exercised their fundamental right to freedom of opinion and demonstration in an anti-nuclear demonstration. This is unlawful - even if in such a demonstration individual people should have been violent. Thus, the BfV then, also in the wake of my control, explicitly conceded in the cases I have stated, those people concerned should not have been saved.” Source: Data Protection Commissioner
Attempts to Collect "Troublemakers" at the EU Level
Since the G20 Summit in Hamburg, the discussion has returned to setting up a European database on "left-wing extremists." But there have already been several previous attempts at the European Union level that have all failed. Back in July 2001, one week prior to the G8 Summit in Genoa, the EU Home Affairs ministers agreed to pursue "violent troublemakers" across Europe. Three months later, they declared their intention to gather data on persons who were "notoriously known by the police." Against the backdrop of mass incidents at the G8 in Heiligendamm in 2007, Germany put the pursuit of "violent trouble makers" back on the agenda of the Justice and Home Affairs Council of the European Union. In 2007 Germany held not only the Presidency of the G8, but also the Presidency of the European Union. In the wake of the summit protests, the Upper House of the German Parliament (Bundesrat) identified the Europol information system and the Schengen Information System as potential locations for the central "database on violent offenders who are active internationally." Another option on the table was to network decentralised databases on violent offenders in the EU member states.
Germany’s requests cropped up again in a European Commission action plan three years later. An appreciable number of the member states – including Belgium, Lithuania, Poland, Sweden and Slovakia – saw no need at the time for political data collection of this nature. One of the obstacles is the question of whether a common database is only to be used for investigative enquiries or also for police checks. In addition, a number of EU member states do not define "troublemakers" in their police law, so there is no basis for police measures against those stored in an EU-wide database. With this in mind, the German Ministry of the Interior suggested that countries without a definition of "troublemakers" could help collect this personal data, while police measures against those people stored would only be carried out by countries where it is legally possible (see the whole story and the idea to label activists as "euro anarchists" at Statewatch).
A new effort to exchange information on political activists comes with the possible installation of a decentralised European Police Records Information System (EPRIS). The countries involved would use the system as "hit/no-hit procedure" and therefore would not have direct access to the data in other countries, but may enquire as to whether there is any information regarding specific individuals. If data is available, a further enquiry must be submitted stating grounds for access to the data, which must then be granted by a judge or a state prosecutor. Further discussions about EPRIS are awaiting the results of a technical feasibility study.
Mitigation Strategies through Independent Reviews and Public Response
Most recently, the Federal Constitutional Court ruled that authorities are obliged to check the legality of their storage regularly, but there are no indications that this has taken place. In particular, with databases on activists, a constant pattern is that as soon as a Data Protection Commissioner scrutinises the files, a majority of entries are found to be illegally stored. Greater accountability and respect for constitutional rights have been facilitated through the insight of data-protection entities and their reviews, in addition to the public transparency regarding these checks.
The bigger problem, however, is that the parties affected by such data retention normally do not know about it. Unless an individual, as in the case of the G20 journalists, looks into why they were banned from travelling or exercising their rights, and in the absence of a notification on the inclusion in such lists, people can be unaware of such a listing or the fact that it is the reason for what they are facing. This can hinder any possible judicial review, or any action to guarantee the legal obligation to delete the records kept on them. In many countries like Germany an individual can file a request for information which must be answered within a certain period unless there are security reasons behind withholding the file. The trend of such enquiries is still rising: in 2017 more than 3,200 people have made use of it, requesting files from the BKA alone. But one needs to know about these measures, understand the process of presenting such a request, and be familiar with the procedure in case it is not answered according to legal requirements. This is why supervision of data collection is important, as much as making the information about the possibilities of presenting an information request public and accessible.
Similarly, entities like journalists' unions and civil society organisations that safeguard freedom of the press are crucial for democratic societies. These bodies, like the German Journalists’ Union (DJU) and the Federal Data Protection Commissioner play an important role in the extent to which these databases might affect basic democratic freedoms (like freedom of the press), and the freedom of expression and assembly (in the case of protesters and political participation). Bodies like independent unions and organisations for press freedom constitute the safety net needed to guarantee a healthy democracy. And we must not forget the important role of civil society actors like civil-rights activist groups and journalists, who hold power to account and provide the public with much-needed information on these issues.
This article was written by Matthias Monroy and Leil-Zahra Mortada. Research by Matthias Monroy
Matthias Monroy is a knowledge worker, activist and editor of the German civil rights journal Bürgerrechte & Polizei/CILIP. Currently working for German member of Bundestag Andrej Hunko. Publishing in left-wing newspapers, online-media, free radios and mostly netzpolitik.org