Germany’s Federal Administrative Court has dismissed a case brought by the German Commercial Internet Exchange (DE-CIX) over mass surveillance.
The Internet exchange group, a part of eco - Association of the Internet Industry, attempted to stop Germany’s foreign intelligence agency, the Bundesnachrichtendienst (BND), from copying all of the data going into its Frankfurt data center.
I spy with my massive eye
The court said DE-CIX could not cite article 10 of Germany’s Basic Law, which guarantees the privacy of communications, because the company was not directly affected by the BND operations. The court also said that the legality of the surveillance was a concern for the federal government, not DE-CIX.
The data center operator said in a statement: “DE-CIX management bears no responsibility for the [legal] violations that result from the tapping of German domestic communications signals by the BND at the Internet exchange in Frankfurt.”
DE-CIX asserts that the BND inserted Y-piece prisms into the fiber optic cables coming to its Frankfurt facility, the world’s largest Internet exchange. This, it said, violated the constitutional court’s ban on widespread data dragnets, which limited data capture to no more than 20 percent of overall traffic.
It also violates the law forbidding the BND from intercepting German citizens’ communications, DE-CIX alleged. The BND said it uses a filtering system to remove domestic traffic - however this particular system has not been independently verified, and previous versions were shown to be only 95 percent effective.
While the administrative court does not allow for appeal, DE-CIX has said that it will now take its case to Germany’s constitutional court.