Germany’s Interior Ministry wants to require carmakers to help spy on individuals suspected of criminal behavior. This is according to a draft resolution submitted by Thomas de Maizière to a conference of Germany’s interior ministers in Leipzig on Thursday.
Specifically, the government wants manufacturers to switch off a specific function in the car’s computer that alerts the owner via text message if the car is moved. Should investigating authorities want to install some kind of monitoring device in a suspect’s car, of course, the suspect would receive a text message telling them that somebody was moving their vehicle. According to Mr. de Maizière’s proposal, auto manufacturers would be required to switch off this mechanism.
The draft resolution has not been welcomed. “This opens the door for hackers,” Stephan Noller, vice president of the German Federal Association of the Digital Economy, warned on Wednesday. “If we integrate such options for access into all systems, it becomes a dangerous security risk for virtually every device. A system that has a digital master key can never be safe from hacker attacks.”
Achim Himmelreich, another vice president of the same organization, agrees. The proposed rule would set a legal precedent that impacts practically everything digital, he argued in a press release, including networked cars, tablets and smartphones as well as smart TVs and digital household appliances. Parts of the draft resolution use vague terms when it comes to technology, making it possible the legal measure could be used on many more consumer goods.
The Interior Ministry vehemently denies that it is currently planning any such expansion. According to a ministry official, the discussion is definitely not about smartphones, tablets or the microphones in smart TVs.
In fact, the Interior Ministry insists that the way in which manufacturers switch off the warning system is up to them, and that they aren’t asking for a back door that hackers could exploit to get around personal passwords. The draft resolution contains no technological specifications about how exactly the system should be disabled.
If we integrate such options for access into all systems, it becomes a dangerous security risk for virtually every device.
Such details will be hashed out in a longer process that leads to the eventual formulation of an explicit law. First though, the interior ministers’ conference must decide that such measures are necessary.
The protests from digital experts show just how sensitive this issue is. Digital firms and government security authorities have been fighting about matters like this more frequently. Businesses say they are trying to make their products safer from hacker attacks, while the government seems to want to combat crime by allowing more access, potentially making them less private.
“In the future, alarm systems will be the key to smart homes and networked cars,” says Bernhard Rohleder, the head of Bitkom, a German digital economy association. “Whoever has this key has access to all networked building engineering systems and their sensors. You don’t need bugs. All you have to do is dial into one of the many networked devices and activate the cameras or microphones.”
Dana Heide is a Berlin-based correspondent for Handelsblatt where she covers digital policy, innovation and small and medium-sized companies. To contact the author: firstname.lastname@example.org