"Today the German Constitutional Court decided that the state may not engage in surreptitious surveillance of information technology systems. The case, a constitutional complaint against a law permitting such surveillance by intelligence services, was decided on the basis of a new human right in the confidentiality and integrity of information technology systems. The court emphasises that this right, which applies where other fundamental rights affecting privacy are inapplicable (such as the rights in confidentiality of telecommunication communications or the right to inviolability of ones home), is derived from the fundamental rights in personal dignity and personality rights under the constitution. The right can only be restricted where significant higher ranking fundamental values need be protected, such as the life and integrity of others (that is, as a means to prevent acts of terrorism provided there are sufficient reason to believe that surveillance will the state to prevent such acts, but only if the surveillance measure is permitted by a judge on a case by case basis).The link to the decision is here. The IPKat imagines that this decision may have repercussions for more than copyright management systems, since it may come into conflict with scenarios in which, on the face of it, IP Enforcement Directive 2004/48 would contemplate the disclosure of infringement-sensitive materials held by internet service providers and regular database holders. Merpel sniffs, surely it would be a good idea if matters of this sort -- given their fundamental nature -- were resolved by the Commission and by pan-European legislation before they arose, rather than by national courts after they arose ...
The decision may have a dramatic impact in relation to the constitutionality of protected rights management information systems deemed to protect copyright. Where a supplier of copyright works manipulates data stored on a customers computer, or where personal data are being collected in order to allow the right holder to trace the use of works supplied online, it appears that if the customer can invoke the new right there is little left to argue for right holders that such means are necessary to protect copyright. It seems most unlikely that the protection of copyright can serve as a basis for higher ranking interests that would provide a legitimate purpose for justifying such intrusion. I incidentally wonder what would happen if the German Constitutional Court would find the DRM provisions under copyright unconstitutional and thereby void, given that it is derived both from the WCT and the Information Society Directive".
2 comments:
All comments must be moderated by a member of the IPKat team before they appear on the blog. Comments will not be allowed if the contravene the IPKat policy that readers' comments should not be obscene or defamatory; they should not consist of ad hominem attacks on members of the blog team or other comment-posters and they should make a constructive contribution to the discussion of the post on which they purport to comment.
It is also the IPKat policy that comments should not be made completely anonymously, and users should use a consistent name or pseudonym (which should not itself be defamatory or obscene, or that of another real person), either in the "identity" field, or at the beginning of the comment. Current practice is to, however, allow a limited number of comments that contravene this policy, provided that the comment has a high degree of relevance and the comment chain does not become too difficult to follow.
Learn more here: http://ipkitten.blogspot.com/p/want-to-complain.html
It is amazing how quickly Guido reported this case!
ReplyDeleteThe BVerfG states for the first time that the general personality right under Art 2(1), 1(1) German Basic Law also encompasses the basic (human) right of confidentiality and integrity of information technology systems.
That does not mean however, that this basic (human) right cannot be balanced against other rights. The court makes it clear that such "online searches" or surveillances are legal in such cases where the is concrete danger for other rights of paramount importance ("überragend wichtige Rechtsgüter") like human lives or the existance of the state. In such cases, where other basic rights are colliding the "online search" must be sanctioned by a judge.
I can see why Guido is worried about the consequences of this broadening of the general personality right, but at the same I cannot see how the court could have decided any differently without fundamentally changing its view of how Art 2(1), 1(1) Basic Law should be interpreted. Articles 10 and 13 just did not cover this aspect of modern life.
The court must have been aware of the potential consequences of this new interpretation. I assume that if conflicts with the IP Enforcement Directive 2004/48 or the DRM provisions under copyright/WCT and the Information Society Directive ever came to be decided by the BVerfG things might pan out slighlty differently.
I am not at all sure that today's decision allows a definite predicition as to how such conflicts would be decided by the BverfG or whether this new aspect of the General personality right could then indeed be invoked.
The above case was mentioned at a conference organised by the Academy of European Law (ERA) in cooperation with the Office of the European Data Protection Supervisor on 26-27 May 2008 in Trier, Germany. Topic was "Data protection in the EU: How to strike the right balance between mobility, security and privacy".
ReplyDeleteAn interesting newsitem or ERA's website sets out what was dicussed at the conference; it can be retrieved here: http://www.era.int/web/en/html/nodes_main/4_1649_459/4_2153_462/5_1625_7703.htm