Machine-translated copy of the judgment of the German Federal Constitutional Court of 2 March 2010...

Copyright © 2012 Constitutional Court

Citation: BVerfG, 1 BVR 256/08 dated 02.03.2010, paragraph no. (1 345), http://www.bverfg.de/entscheidungen/rs20100302_1bvr025608.htmlFree for noncommercial use. Commercial use only with permission of the court.

Guidelines

to the judgment of the First Senate of 2 March 2010

1 BvR 256/08

1 BvR 263/08

1 BvR 586/08

1. A sixmonth, as a precaution without occasion retention of telecommunications traffic data from privateservice providers, such as Directive 2006/24/EC of the European Parliament and the Council of 15 March2006 (OJ L 105 of 13 April 2006, pp. 54, hereinafter: Directive 2006/24/EC) shall be read, not simplyincompatible with Article 10 of the Basic Law, to a possible priority of this policy, it is not so.

2. The principle of proportionality requires that the legal elaboration of such a data store associated with thespecific weight of the storage encroachment on fundamental rights adequately into account. Requiredstandards are sufficiently sophisticated and clear regulations regarding data security, data use, transparencyand legal protection.

3. Ensuring data security standards and the clear purpose of limiting the potential use of data is responsible asan intrinsic part of the arrangement of the data retention requirement the federal legislature under Article 73paragraph 1 No. 7 of the Basic Law. In contrast, the responsibility depends on the establishment of pollingarrangements themselves and for the development of the transparency and legal protection provisions of therespective professional capacities.

4. As far as data security regulations will require that claim a very high standard of safety standards clear andbinding. It is certainly the reason for the law to ensure that this is geared to the development of professionaldiscussions, new insights and knowledge continually receives and is not subject to a free assessment ofgeneral economic factors.

5. The recall and the immediate use of the data are only relatively, if they serve important functions of thesuperior protection of legal protection. In the field of law enforcement, this requires a reasonable suspicion bycertain facts of a serious crime. For the security and the fulfillment of the tasks of the intelligence services,they may be allowed only if there actual evidence of a specific danger to life, limb or liberty of a person, to theexistence or the security of the Federation or a State or a common danger.

6. The only indirect use of data to provide information by telecommunications service providers about the ownerof Internet Protocol addresses is also independent of limiting criminal or legal goods catalogs for lawenforcement, security and the perception of intelligence tasks allowed. The prosecution of offenses, suchinformation shall be permitted only by special importance in the law explicitly named cases.

FEDERAL CONSTITUTIONAL COURT

1 BvR 256/08 1 BvR 263/08 1 BvR 586/08

On behalf of the people

In proceedings of

the constitutional complaints

Delivered on 2 March 2010 flip clock inspector office as Clerk of the office

I.

First of Prof. Dr. G. ...Second by Dr. G ...Third K of the Lord ...

4th the J ... GmbH, represented by its Managing Director,

5th Lord of the U ...6th Lord of the R ...7th Z of the Lord ...8th by Dr. B ...

Agent:Lawyer Meinhard Starostik, Schill Strasse 9, 10785 Berlin

against , § § 113a, 113b of the Telecommunications Act as amended by the Act Amending

the interception of telecommunications and other undercover investigative measuresand the implementation of Directive 2006/24/EC of 21 December 2007 ( FederalLaw Gazette I p 3198 )

1 BvR 256/08

II

First by Dr. Dr. hc H ...Second by Dr. S ...Third the woman L ...4th Mr B's ...5th Women P ...6th K of the Lord ...7th by Dr. L ...8th by Dr. W ...9th of Prof. Dr. S ...10th Women S ...11th Lord of the F ...12th Lord of the S ...13th the Lord V ...14th W of the Lord ...

Agent:Dr. Dr. hc lawyer Burkhard Hirsch, Rheinallee 120, 40545 Düsseldorf

against The law establishing new rules on telecommunications surveillance and other

undercover investigative measures and the implementation of Directive 2006/24/ECof 21 December 2007 (Federal Law Gazette I p 3198)

1 BvR 263/08

III.

First A woman ...Second Mrs B of ...Third Mr B's ...4th Mrs B of ...5th Mrs B of ...6th Mr B's ...7th Lord of D ...8th The Dr. D ...9th of Dr. E ...10th Lord of the F ...11th Lord of the G ...12th the woman G ...13th Women H ...14th Women H ...15th Women H ...16th of Mr. H ...17th of Mr. H ...18th W of the Lord ...19th W of the Lord ...20th the Lord's T ...21st of Dr. T ...22nd Lord of the S ...23rd by Dr. S ...24th Women S ...25th Women S ...26th Women S ...27th Women S ...28th Women P ...29th Lord of the N ...30th Lord of the N ...31st The wife M ...32nd Lord of the M ...33rd The wife M ...34th the woman L ...35th of Mrs. K ...36th K of the Lord ...37th K of the Lord ...38th of Mrs. K ...39th of Mrs. K ...40th by Dr. H ...

41st Women H ...42nd Women H ...43rd Women H ...

Agent:Prof. Dr. JensPeter Schneider, Lürmannstraße 10, 49076 Osnabrück

against The regulations on data retention in the law on the revision of telecommunications

surveillance and other undercover investigative measures and the implementation ofDirective 2006/24/EC of 21 December 2007 ( Federal Law Gazette I p 3198 )

1 BvR 586/08

the Federal Constitutional Court First Senate with the participation of the judge and judge

President paper, HohmannDennhardt, Bryde, Gaier, Eichberger, Schluckebier, churchyard, Masing

to the hearing on 15 December 2009 by

Judgmentrules as follows:

1. The § § 113a and 113b of the Telecommunications Act, as amended by article 2, paragraph 6 of the ActAmending the interception of telecommunications and other undercover investigative measures and theimplementation of Directive 2006/24/EC of 21 December 2007 (Federal Law Gazette Part I page 3198)violated Article 10, paragraph 1 of the Constitution and are void.

2. § 100g, paragraph 1, sentence 1 of the Criminal Procedure Code, as amended by Article 1, point 11 of theAct Amending the interception of telecommunications and other undercover investigative measures and theimplementation of Directive 2006/24/EC of 21 December 2007 (Federal Law Gazette Part I page 3198) fails,then as far as traffic data according to § 113a of the Telecommunications Act shall be subject to Article 10,paragraph 1 of the Basic Law and is to that extent void.

3. The interim result of the arrangement of 11 March 2008 in the process 1BvR 256/08 (Federal Law GazettePart I, page 659), repeated and extended by order of 28 October 2008 (Federal Law Gazette Part I page2239), recently reiterated by order dated 15th October 2009 (Federal Law Gazette Part I page 3704), byproviders of publicly available telecommunications services in the course of official requests for informationcollected, but for now are not in accordance with § 113b sentence 1, sentence 1 of the TelecommunicationsAct to the requesting authorities sent but saved telecommunications traffic data to be deleted immediately.They may not be transmitted to the requesting agencies.

4. The Federal Republic of Germany shall reimburse the complainants their necessary expenses of theconstitutional complaint procedure.

Reasons:

A.

ASubject of the constitutional complaints are provisions of the Telecommunications Act (hereinafter: the

Telecommunications Act) and the Code of Criminal Procedure (hereinafter: StPO) which govern the a preventiveretention of telecommunications traffic data by providers of publicly available telecommunications services for sixmonths and the use of these data.

I.

2The challenged provisions of the law were establishing new rules on telecommunications surveillance and other

undercover investigative measures and the implementation of Directive 2006/24/EC of 21 December 2007 ( BGBl IS. 3198 , the Law on the revision of telecommunications surveillance) are added or changed after the Article 16Paragraph 1 of 1 January 2008 entered into force. They are used to implement the Directive 2006/24/EC of theEuropean Parliament and the Council of 15 March 2006 on the retention of data, with the provision of publiclyavailable electronic communications services or of public communications networks and processes, and amendingDirective 2002/58/EC (OJ L 105 of 13 April 2006, pp. 54, hereinafter Directive 2006/24/EC).

3First All constitutional complaints directly to the Telecommunications Act § § 113a and 113b, which are by Article

2 No. 6 of the Act Amending the interception of telecommunications has been inserted into the TelecommunicationsAct. The constitutional complaints in the process 1BvR 263/08 and 1 BvR 586/08 also directly contact to § 100gStPO, as amended by Article 1, No. 11 of the Act Amending the interception of telecommunications, insofar as he iscollecting under § 113a Telecommunications Act allows stored data.

4a) § 113a TKG aims to have regard to all publicly available telecommunications services traffic data that provide

information about participating in a telecommunication connection ports, over time, has taken place to thetelecommunications, and the places that communicates from which is to save for six months and keep available forthe State responsibilities. The law takes so long been imposed on the Federal requirements (see Bundestagdocument 14/9801, p 8; BRDrucks 755/03 Beschluss, pp. 33 ff; BRDrucks 406/1/04; BRDrucks 406/04 <decision >;BRDrucks 723/05 Beschluss, p.1), which in 2006 joined with reference to the relevant actions on European level,including the German parliament. He called on the federal government to approve the draft of the Directive2006/24/EC and to submit soon a draft Implementation Act (see Bundestag document 16/545, pp. 4, 16/690, p 2;BTPlenarprotokoll 16/19, p 1430). Which the federal government came up with the draft law on the reorganization oftelecommunications surveillance pursuant to (see Bundestag document 16/5846).

5§ 113a para 1 sentence 1 of the Telecommunications Act requires providers of publicly available

telecommunications services as defined in § 113a para 25 TKG separately listed telecoms traffic data for landline,internet and mobile phone calls, to send SMS, MMS and similar messages to Email connections to the Internet andsave for a period of six months. A person providing such services, without actually generating traffic data shallensure in accordance with § 113a para 1 sentence 2 of the Act, that the data is stored, and communicated to theFederal Network Agency, who collects the data. Anyone providing telecommunication services, while changes to §113a TKG data to be stored is also required, under § 113a TKG, paragraph 6 to store the original and the changedinformation. After expiration of the retention period, the data must be deleted in accordance with § 113 para 11 of theTelecommunications Act within one month. The contents of the communication and data requested websites mayunder § 113a TKG, section 8 can not be saved. For data security refers to § 113a para 10 of theTelecommunications Act in the telecommunications sector and due diligence requires that the access to this dataonly specially authorized persons shall be reserved.

6In addition to storage under § 113a TKG is for providers of telecommunications services in accordance with § 96 of

the Act to continue the ability to store telecommunications traffic data and use to the extent necessary for the

purposes specified therein. After the end of a telecommunications link these data must be used according to § 96para 2 sentence 1 of the Telecommunications Act, in essence, as far as they are needed for determining the feesand the billing of the participants (§ 97 para 1 sentence 1 TKG), to create an itemized bill (§ 99 para 1 sentence 1TKG), as required for the detection, localization and removal of faults or defects in telecommunications systemsrequired (§ 100, paragraph 1 TKG), and to provide information about the owner of connections, from whichthreatening or harassing phone calls went out (§ 101 para 1 sentence 1 TKG).

7§ 113a TKG is:

8§ 113a

9Storage requirements for data

10(1) Anyone providing publicly available telecommunications services to end users, is requiredto save him from his service in the use of traffic data generated or processed in accordancewith paragraphs 2 to 5, six months in the country or in another Member State of the EuropeanUnion. Anyone who publicly available telecommunications services to end users provides,without actually generating traffic data, or process, must ensure that the data is stored inaccordance with Clause 1, and the Federal Network Agency, upon request, indicating whocollects this data.

11(2) The provider of publicly available telephone services to save:

12First the phone number or other identifier of the calling and called party, and in case of anyorder or other collaborating port forwarding settings,

13Second the beginning and the end of the connection by date and time, indicating theunderlying time zone,

14Third in cases where, in the context of telephone service different services are used,information about the used service,

154th in the case of mobile telephone services further comprises:

16a) the international mobile subscriber identifier for the calling and the called terminal,

17b) the international identification of the calling and the called terminal,

18c) the designation by the calling and the called terminal at the beginning of the connectionused radio cells,

19d) In the case of prepaid anonymous services, the first activation of the service by date, timeand name of the radio cell

205th in the case of internet telephony services and the Internet Protocol address of the callingand called party.

21Sentence 1 shall apply accordingly in the transmission of a text, multimedia or similarmessage, but taking instead of the information under sentence 1 No. 2 of the times ofdispatch and receipt of the message store.

22(3) The provider of services of email store:

23First when sending a message, the identifier of the electronic mail and the Internet Protocoladdress of the sender and the identifier of the electronic mailbox of each recipient of themessage,

24Second upon receipt of a message in an electronic mailbox, the identifier of the electronicmailbox of the sender and the receiver of the message and the Internet protocol address ofthe sending telecommunications system,

25Third with access to the electronic mailbox whose ID and the Internet Protocol address of theperson using it,

264th the dates referred to in paragraphs 1 to 3 uses of the service date and time, indicating theunderlying time zone.

27(4) The provider of Internet access services and save:

28First the use of the subscriber for an Internetassigned Internet Protocol address,

29Second a unique identifier of the connection, via which Internet use,

30Third the beginning and the end use of the Internet under the assigned Internet Protocoladdress by date and time, indicating the underlying time zone.

31(5) If provider of telephone services referred to in that provision, traffic data referred to in § 96para 2 purposes save even or record when the call goes unanswered or because ofinterference of network management is unsuccessful, the traffic data are also in accordancewith this provision store.

32(6) Any person who provides telecommunications services and this is changing according tothe records that this provision is to store the original and the new disclosure obligation andthe timing of the transfer of this information by date and time, indicating the underlying timezone.

33(7) Any person who operates a mobile network to the public is bound to the stored under thisprovision designations of radio cells collected in well data, which give rise to the geographiclocations of the respective radio cell serving radio antennas and their main beam directions.

34(8) The contents of the communication and data on referring sites by virtue of this provisioncan not be saved.

35(9) The storage of the data referred to in paragraphs 17 shall be made so that requests forinformation of the authorized bodies can be answered immediately.

36(10) The obligor under this provision has on the quality and the protection of stored traffic datain the field of telecommunications due diligence to be observed. Under which he shall taketechnical and organizational measures, that access to the stored data is possible only for thispurpose by him specially authorized personnel only.

37(11) The obligor under this provision, the stored data solely on the basis of this provision isdeleted within one month after the expiry of the period referred to in paragraph 1 or to ensurethe deletion.

38b) § 113b TKG governs the purposes for which authorized pursuant to § 113a TKG data will be used. He

distinguishes between the transfer of authority to allow this use to perform their tasks, and use bytelecommunications service providers themselves to supply information pursuant to § 113 TKG, in particular relatingto the ownership of Internet connections.

39aa) § 113b sentence 1, sentence 1 TKG governs the purposes for which may transmit the data to the

telecommunications company authorities. The conditions under which these may in turn use the data should beregulated by federal or state law provisions of specific legislation. § 113b sentence 1, sentence 1 TKG provides thatthe storing obligor those data that are stored solely on the basis of the retention requirement under § 113a TKG,exclusively for the prosecution of criminal offenses (No. 1), to prevent serious risks to public safety ( may transmitNo. 2) and the performance of intelligence tasks (No. 3) to the appropriate authorities.

40The transmission of data to the relevant body must be made at their request under § 113b sentence 1, sentence 1

TKG only to the extent provided in the relevant statutory provisions of the trade laws with reference to § 113a TKGexpressly arranged in a particular case.

41The professional legal basis for authority to use the stored under § 113a TKG data for law enforcement is that of

the complainants in the proceedings 1 BvR 263/08 and 1 BvR 586/08 attacked § 100g StPO. For security andperformance of duties of the intelligence services now refer § 20m of the Federal Criminal Law (hereinafter: BKAG)as amended by the Act to address the threats of international terrorism by the Federal of 25 December 2008 (Federal Law Gazette I p 3083 ) and various state law provisions to § 113a TKG, allowing the official use of thestored data under this provision.

42Stored in a permissible way telecommunications traffic data could, however, before entry into force of § 113a TKG

to have law enforcement, security or performance of intelligence tasks are used. That was paragraph 1 StPO §100g, as amended by Article 1 of the Law amending the Code of Criminal Procedure of 20 December 2001 ( BGBl IS. 3879 , hereinafter § 100g StPO aF) is suspected of a crime of considerable importance or of an offensecommitted by a terminal of the telecommunications offense on the basis of a judicial order an obligation of serviceproviders to provide information via telecommunications connection data before. Also approved as Article 34b para 2no 1 of the Law on the Duties and Powers of the Bavarian State Police (Police Duty Law, hereinafter BayPAG) asamended by the Act to Amend the Police Act and the jobLaw Parliamentary Control Committee of 24 December2005 (GVBl p. 641) or § 8 paragraph 1 sentence 1 No. 4 of the Act on Cooperation between the federal and stategovernments on matters of constitutional protection and the Federal Agency for State Protection (FederalConstitution Protection Act, hereinafter BVerfSchG) as amended of the Act to supplement the Terrorism Act of 5January 2007 ( Federal Law Gazette I page 2 ) to security or to meet the intelligence services over existingtelecommunications connection data information obtained.

43

bb) § 113b sentence 1, sentence 2 TKG, the use of the stored under § 113a TKG to include other than those in §113b sentence 1, sentence 1 TKG these purposes but out of principle. It can however be an exception in the waythat they may be used by service providers and to provide information pursuant to § 113 of the Act.

44§ 113, paragraph 1 TKG allows authorities to call up socalled customer and inventory data in accordance with § §

95 and 111, the Telecommunications Act, in particular of telephone numbers, port names, and names and addressesof port owners. § 113b sentence 1 clause allows 2 TKG it to the service providers, information about the owners ofsocalled "dynamic" Internet Protocol addresses (hereinafter IP addresses) grant. IP addresses are not in the currentstate of development of a port is normally assigned to be a socalled "static" IP addresses, but assigned to theInternet users, only for the duration of each access to the Internet as a dynamic IP addresses. About the owner ofthe port that was used from which a particular dynamic IP address at a particular time is, therefore, can only provideinformation to be given when the traffic data can be analyzed, which provide information about which port thespecific IP address for relevant time, was assigned. This allows § 113b sentence 1, sentence 2 TKG for the datastored under § 113a TKG.

45The prevailing view were traffic data to provide information about the holder of dynamic IP addresses to § 113

paragraph 1 TKG be used even before the entry into force of § § 113a and 113b TKG (cf. LG Stuttgart, Decision ofJanuary 4, 2005 13 Qs 89/04 , NJW 2005, p 614 <614 f>; LG Hamburg, decision of 23 June 20051 Qs 43/05 ,MMR 2005, p 711 <712 f>; Sankol, MMR 2006, p 361 <365>; aA LG Bonn, Decision of 21 May 200431 Qs 65/04 ,DuD 2004, p 628 <628 f>, Karlsruhe Higher Regional Court, judgment of 4 December 2008 4 U 86/07 , MMR2009, 412 <413 f>; Baer, ૩૩Guide to computer evidence, 2007, p 148, para 212; Bock, in: Geppert / Piepenbrock /contactor / Schuster, Beck. 'Commentary on the shear TKG, 3rd edition 2006, § 113 para. 23f.) Accessed it wasonly in accordance with § 96 of the Act of stored traffic data. The possibility of identifying the holder of a dynamic IPaddress via an information pursuant to § 113 paragraph 1 TKG was therefore dependent on whether such data weresaved at the time of the request yet.

46Importance is the identification of the holder of IP addresses as the copyright notice. Should the rights holders to

record the IP addresses where copyright violations are committed on the Internet, the law enforcement authoritieswith requests for information pursuant to § 113 paragraph 1 TKG identify individual subscribers, against which cando the owners and having considered the criminal acts then civil law. While conceding § 101 paragraph 2 sentence 1No. 3 of the Copyright Act ('the Copyright Act) as amended by Article 6, point 10 of the Act to improve enforcementof intellectual property rights of 7 July 2008 ( BGBl I S. 1191 ) under their copyrights under certain conditions,become injured as a civil right of access to the telecommunication services vendors. This may provide thisinformation under § 101 para 9 of the Copyright Act on the basis of a warrant under use of telecommunicationstraffic data. However, this is a throwback to the data stored under § 113a TKG data excluded (see OLG Frankfurtam Main, Decision of 12 May 2009 11 W 21/09 , MMR 2009, page 542 <544> references; Hoeren, NJW 2008, pp.3099 <3101>; Baker, in: Rensen / Brink, lines of jurisdiction of the Federal Constitutional Court, 2009, p 99 <111 f>,footnote 49).

47Information referred to in § 113 para 1 sentence 1 TKG be granted to the extent necessary for the prosecution of

criminal offenses or misdemeanors, to prevent threats to public safety or order or for the performance of intelligencetasks.

48cc) § 113b TKG is:

49§ 113b

50Using the data stored under § 113a

51The obligor under § 113 may solely on the basis of the retention requirement under § 113a of

the data stored

52First to prosecute crimes,

53Second to avert serious threats to public safety or

54Third to fulfill the statutory duties of the constitutional protection of federal and stateauthorities, the Federal Intelligence Service and the Military Intelligence

55transmitted to the competent authorities at their request, to the extent provided in therespective statutory provisions with reference to § 113a and the transmission is placed in anindividual case, and for other purposes with the exception of one provision of informationpursuant to § 113, he must not use the data. § 113 paragraph 1 sentence 4 shall applyaccordingly.

56The Telecommunications Act § 113b of the regulation referenced in § 113 TKG provides in relevant part:

57§ 113

58Manual procedures for information

59(1) Any person who provides businesstelecommunications services or assists, has in eachcase to the competent authorities shall promptly upon request, information about the chargesunder § § 95 and 111 data, as necessary for the prosecution of criminal offenses ormisdemeanors, to respond to threats to public safety or order or to fulfill the statutory dutiesof the constitutional protection of federal and state authorities, the Federal IntelligenceService or the Military is required. Information about data by which to access devices ornetwork used in this or in storage facilities will be protected, particularly PIN or PUK has,pursuant to sentence 1 of the obligor pursuant to a request for information pursuant to § 161para 1 sentence 1, § 163 para 1 Code of Criminal Procedure, the data collection provisions ofthe police laws of the federal or state governments to prevent threats to public safety ororder, § 8 paragraph 1 of the Federal Constitution Protection Act, the relevant provisions ofthe State Constitution Protection Act, § 2 paragraph 1 of the Federal Intelligence Service Actand § 4 be distributed to other public or private bodies that data not be disclosed, to give oneof the MADlaw.. Access to data that are subject to telecommunications secrecy is permittedonly under the conditions of this relevant statutory provisions. Providing information about theissuer has to be true to its customers and third parties to disclose.

60(2) ...

61c) § 100g para 1 sentence 1 StPO regulate the collection of telecommunications traffic data for law enforcement

purposes. Law enforcement agencies can then initially, as stipulated in § 100g StPO aF access to traffic data,which saved the telecom companies on the basis of § 96 of the Act. In addition, § 100g StPO now allows thecollection of under § 113a TKG precaution saved data. Here are directed against the constitutional complaints in theprocess 1BvR 263/08 and 1 BvR 586/08.

62Specifically, it allows § 100g para 1 sentence 1 StPO § 113a TKG referring to the law enforcement authorities,

without the knowledge of the person concerned to collect traffic data to the extent necessary for the investigation of

the facts or discovering the whereabouts of the accused. Is this true only if justified certain facts to the suspicionthat someone as a perpetrator or a participant an offense designated by or in specific cases considerableimportance, especially a 100a in § paragraph 2 StPO offense committed, attempts to commit or has a criminal hasprepared or that someone as a perpetrator or a participant has committed an offense by means oftelecommunication.

63The data collection may under § 100g para 2 sentence 1 in conjunction with § 100b para 1 sentence 1 and 2 StPO,

except in exigent circumstances will be arranged only by the judge. The order may be directed in accordance with §100g para 2 sentence 1 in conjunction with § 100a paragraph 3 StPO only against the accused persons, or against,or take them because of certain facts is that they are specific to the suspect or receive messages originating from itor pass, or that the accused used their connections.

64When committed by means of telecommunications crime, the traffic data collection is in accordance with § 100g

para 1, sentence 3 Code of Criminal Procedure only if the investigation of the facts or the determination of thewhereabouts of the accused hopeless otherwise would, and the collection of data in proportion to the importance ofthe matter stands. This limitation was the legislature on the grounds of proportionality required because the trafficdata collection was obtained by the storage requirement according to § 113a TKG associated expansion of the totalvolume of data on intervention intensity (see Bundestag document 16/5846, p 52).

65Of the measures according to § 100g para 1 sentence 1 StPO, the person in accordance with § 101 paragraph 4,

sentence 1 StPO is informed. Their judicial review, he may, within two weeks of notification (§ 101 para 7 sentence2 StPO). In certain cases, a notification under stay (§ 101 para 4 Code of Criminal Procedure), in other cases theycan be reset (Code of Criminal Procedure § 101 para 5). A longterm deferral under § 101 para 5 Code of CriminalProcedure requires, unlike the waiver of a notice under § 101 para 4 Code of Criminal Procedure by a court.

66§ 100g StPO is:

67§ 100g

68(1) If particular facts justify the suspicion that someone as a perpetrator or a participant

69First is a criminal offense of considerable importance in the individual case, especially one in§ 100a paragraph 2 designated offense committed, committing, in cases where the attempt ispunishable, has attempted or prepared by a crime or

70Second an offense committed by means of telecommunications,

71then any be made without knowledge of the affected traffic data (§ 96 para 1, § 113 of theTelecommunications Act), to the extent necessary for the investigation of the facts or thedetermination of the whereabouts of the suspect is. In the case of sentence 1, No. 2, themeasure is only allowed if the investigation of the facts or the determination of thewhereabouts of the accused would be pointless otherwise and the collection of data inproportion to the importance of the matter stands. The collection of location data in real timeis only in the case of sentence 1 No. 1 admissible.

72(2) § 100a and § 100b para 3 paragraphs 1 to 4, sentence 1 shall apply accordingly.Notwithstanding § 100b para 2 sentence 2 No. 2 in the case is enough of a crime ofconsiderable importance spatially and temporally sufficiently specific designation oftelecommunications, if the investigation of the facts or the determination of the whereabouts

of the accused would be difficult otherwise hopeless or significantly .

73(3) If not, the collection of traffic data in the telecommunications service provider, it isdetermined after the completion of the communication to the general provisions.

74(4) On measures under paragraph 1 shall be prepared in accordance with § 100b para 5 ofeach year a table are indicated in the contract:

75First the number of cases in which action under paragraph 1 have been carried out;

76Second the number of arrangements of measures under paragraph 1, distinguished by initialand extension orders;

77Third each underlying cause offense, broken down by section 1 sentence 1 No. 1 and 2;

784th the number of recent months were queried for the traffic data under paragraph 1,calculated from the date of the arrangement;

795th the number of measures that have remained inconclusive, because the requested datawere not available in whole or in part.

80Second Directive 2006/24/EC of the European Parliament and Council, the implementation of the challenged

regulations as they relate to the prosecution to serve, was adopted by the Council on the basis of Article 95 votingagainst Ireland and Slovakia (see Council document 6598/06 ADD 1 of 27 February 2006, p 4), after the EuropeanParliament a submitted by France, Ireland, Sweden and Great Britain on draft article 31, paragraph 1, point c, andArticle 34 paragraph 2 letter b EUV in the entry into force of the Treaty of Lisbon, as amended (hereinafter TEU aF) rejected based Framework Decision on the retention of telecommunications data (see Council document 8958/04dated 28 April 2004) had (see parliamentary document P 6 TA [2005] 0348).

81a) The Directive builds on the fact that telecommunications traffic data are a valuable tool in the prosecution of

criminal offenses, particularly in the areas of organized crime and terrorism (see recitals 7 to 10 of Directive2006/24/EC) and that some Member States regulations on the retention of such data would adopt that differedgreatly from each other (see paragraph 5 of Directive 2006/24/EC). The thus created legal and technical differencesaffect the internal market for electronic telecommunications, because the providers of telecommunications serviceswith different requirements for data to be stored and the storage time were facing (see paragraph 6 of Directive2006/24/EC).

82b) The validity of Directive 2006/24/EC, both as to its compatibility with Community fundamental rights (see

Klesczewski, in: Festschrift for Gerhard Fezer 70th birthday, 2008, p 19 <24 f>; Klug / Reif, RDV 2008, p 89 <91ff>; Rusteberg, VBlBW 2007, p 171 <176>; Westphal, EuZW 2006, p 555 <558 f>; Zoeller, GA, 2007, pp. 393 <410et seq >; Advocate General Kokott, Advocate of July 18, 2007 Case C275/06 ECR 2008, I271 <276>, paras 82 Promusicae ) as well as in relation to the undrawn basis of competence. European Community called into question(see grid / Schnabel, MMR 2007, p 411 <412 f>; Jenny, CR 2008, p 282 <285>; Klesczewski, in: Festschrift forGerhard Fezer 70th birthday, 2008 , pp. 19 <22 ff>; Klug / Reif, RDV 2008, p 89 <91>; LeutheusserSchnarrenberger, ZRP 2007, p 9 <11 ff>; Rusteberg, VBlBW 2007, p 171 <173 f>; Westphal, EuZW 2006, p 555<557 f>; Zoeller, GA, 2007, p 393 <407 et seq>).

83By judgment of 10 February 2009, the Court dismissed an action for annulment under Article 230 of the Treaty of

Ireland (see ECJ, judgment of 10 February 2009 Case C301/06 ), which was based on the fact that thepredominant purpose of the Directive to facilitate the prosecution of criminal offenses and that therefore the legalbasis only the unanimity which implied provisions of the EU Treaty old version on police and judicial cooperation, inparticular Article 30, Article 31, paragraph 1, point c, and Article 34 paragraph 2 letter b EUV aF would be considered(see action on 6 July 2006 Case C301/06 OJ C 237 of 30 September 2006, p.5). Here, the Court stated explicitlyclear that the decision does not have a possible breach of Community fundamental rights to the object (see ECJ,judgment of 10 February 2009 Case C301/06 ., Para 57).

84c) Pursuant to Article 1 paragraph 1 Directive 2006/24/EC Directive aims to harmonize the provisions of the

Member States concerning the obligations of providers of publicly available electronic communications services or ofa public telecommunications network operators for the retention of telecommunications data to ensure that the datafor the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State inits national law, are available. When adopting the Directive, the Council stated to the Member States have to definethe term "serious crime" in Article 2, Paragraph 2 of the Council Framework Decision on the European arrest warrantand the surrender procedures between Member States (2002/584/JHA ) of 13 June 2002 (OJ L 190 of 18 July 2002,page 1) the criminal offenses and offenses with the use of telecommunications facilities to be considered appropriate(see Council document 6598/06 ADD 1, p 4). The use of the data sets for the tasks of security or intelligenceservices is not the policy.

85According to Article 3 paragraph 1 Directive 2006/24/EC requires Member States must ensure that stored in Article

5 of Directive 2006/24/EC on data in a listed stock, which according to Article 6 of Directive 2006 / 24/EG a periodof at least six months to two years from the date of the communication to be determined. Under Article 4 Directive2006/24/EC, Member States must ensure that the retained data will be passed only in certain cases and inaccordance with its domestic law to the competent national authorities. Each Member State shall specify theprocedures and conditions for access to data in accordance with the requirements of necessity and proportionalitymust be observed.

86Article 7 of Directive 2006/24/EC requires Member States to ensure that are observed in relation to the data to be

retained on certain minimum standards of data security. In addition, the rules in Directives 95/46/EC and2002/58/EC applicable (see recitals 15 and 16 of Directive 2006/24/EC). Guarantee under Article 8 of Directive2006/24/EC, Member States shall ensure that the stored data and other information required to be forwardedimmediately upon request to the competent authorities. Under Article 13 of Directive 2006/24/EC, Member Statesshall also ensure that the measures taken to implement the provisions of Chapter III of Directive 95/46/EC providingfor judicial remedies, liability and sanctions in view of the data processing according to Directive 2006 / 24/EG befully implemented. No regulation meets the policy about who should bear the cost of data storage.

87Third § 100g StPO is moreover important for the Council of Europe Convention on Cybercrime ( Federal Law

Gazette II, S. 1242 , 'the Convention on Cybercrime) importance (cf. Bundestag document 16/5846, pp. 27 f and50). The Convention requires not only the creation of substantive criminal law to combat computer crime, but also tocertain criminal procedure rules. In particular, under Article 16 of the Convention, the competent authoritiesauthorized to order the immediate safety of traffic data. Persons in whose control are such data must be obliged tosecure the short term and whole, to allow competent authorities to obtain their transfer (socalled Quick Freezing). Asimilar provision was unnecessary for the legislature, however, because the data is stored frozen due to theextensive storage under § 113a TKG already been drawn up (see Bundestag document 16/5846, p.53).

884th At the request of the complainant in the proceedings 1BvR 256/08, the Federal Constitutional Court by order of

11 March 2008 a temporary injunction is issued, will be allowed after the § 113b sentence 1 No. 1 of theTelecommunications Act restricted pending a decision on the merits only applied (see BVerfGE 121, 1 ). By order of28 October 2008 has extended the interim order to the effect that could also be made ૩૩of § 113b sentence 1 No. 2and 3 of the Telecommunications Act to the main decisionmaking with use restrictions (see BVerfGE 122, 120 ). Inaddition, the federal government was ordered to report for each successive period of several months on the practicalimplications of the measures provided for in § 113a TKG Data storage devices and the interim order for the

prosecution. The Federal Government is that for the periods 1 May 2008 to 31 July 2008, from 1 August 2008 to 1March 2009 and from 1 March 2009 to 1st September 2009 complied.

II

89First The complainant in the proceedings 1BvR 256/08 are opposed to the § § 113a and 113b of the Act. They

allege the violation of Article 10, paragraph 1, Article 12, paragraph 1, article 14, paragraph 1, Article 5, paragraph 1and Article 3 paragraph 1 GG. Which have joined with the same argument in the run as Case 1 BvR 508/08 processmore than 34,000 applicants.

90a) The constitutional complaint was admissible.

91aa) The complainants 1) to 3) and 5) to 8 used) as a highschool teachers, lawyers, managers, accountants and

certified public accountant and investigative active journalist home and work various telecommunications servicessuch as fixed lines, mobile phones, Internet services and email accounts . They would not be reasonable tocomplain first before the competent courts against the telecommunications companies.

92The complainant was developing to 4) and drive the software for a commercial Internet privacy software. The work

is done in conjunction with other independent operators will use their software on their servers. While pursuing thecomplainant himself also a publicly accessible server anonymization. The anonymity service is provide as a result ofthe challenged norms is no longer economical. Also, it would suffer the loss of their customers because they couldnot because of the retention trust to remain anonymous. In fact, the storage requirement a professional ban coming.The storage requirement it concerns itself, present and immediate, since it could not be expected to respond by theirfailure to comply with the risk of fines or criminal proceedings.

93bb) The admissibility of the constitutional complaint is not contradicted, that the challenged provisions were

intended to implement the Directive 2006/24/EC. The federal legislature is incompatible with the Directive2006/24/EC, if the data stored under § 113a TKG data should be used not only for serious crimes, but also securityand performance of intelligence tasks.

94The Federal Republic of Germany is also not obliged to implement the Directive 2006/24/EC. This is contrary to

Article 95 and of Community fundamental rights. It violates the right to respect for private life and correspondenceunder Article 8 ECHR and leads to a disproportionate interference with the protection afforded by Article 10 ECHRfreedom of expression. The Directive should therefore not be used in Germany. At least the constitutional complaintis admissible, because the challenged norms for an annulment by the European Court of Justice for a preliminaryruling under Article 234 EC Treaty (now Article 267 TFEU), whose implementation is sought examined in its entiretybased on the fundamental rights of the Basic Law could be. Holding, the Court not to Directive 2006/24/EC invalid,the Federal Constitutional Court to declare them unconstitutional as competence and the contested inapplicable § §113a and 113b TKG be discarded.

95b) The constitutional complaints were well founded. If it were a storage of data on stocks, which is

unconstitutional. Let there be now possible to determine all the communication partner of a person in the last sixmonths. The storage of the radio cells, will enable the phone in the area, virtually uninterrupted movement profiles.The storage of the IP address it in future permit to track the Internet usage patterns of the past six months. Incontrast, nothing indicated that the storage of affecting measurable clearance rate or crime rate.

96aa) The challenged provisions violated Article 10 paragraph 1 GG. The data to be stored fell within the scope of

telecommunications secrecy. The Internet falls under Article 10 paragraph 1 GG while also going as far as it used asa medium of mass communication. With the § § 113a, 113b TKG reasonable interference with the secrecy oftelecommunications is not justified.

97(1) guaranteeing a proper criminal justice system can not justify the retention. In the area of ૩૩cybercrime issue in

the first place by assets. As far as telecommunications equipment would be used only as an aid in the commissionof traditional crimes, legal protection of all types were affected. The suitability of data retention for combatingorganized crime or the prevention of terrorist attacks would be considered extremely low.

98General preventive effects of retention are not expected to seriously. In the field of law enforcement just decided

milder powers of intervention are appropriate as the defense against specific hazards. Data that had been won torespond to threats of legal protection for the most likely, not be used to prosecute minor offenses. A secondary useis permitted only if the collection of data and to the purpose for which details are given of secondary use, isproportionate. Which will not be taken into account. Advanced investigative powers of law enforcement authoritiescould increase the clearance rate at most slightly. Whether this leads to a reduction in the crime rate is extremelyquestionable.

99The suitability of the retention of data for protection of legal rights is uncertain. Although it prevents that

communications are not allowed to understand why, because their circumstances are not saved. However, it isunclear to what extent there needs to store data. In any case, a variety of communications data for billing purposeswill be stored and evidence for up to six months. Criminal groups took advantage of opportunities the other hand,anonymous prepaid plans such as telecommunications or Internet cafes.

100(2) As compared to the retention of less drastic means get the quickfreezing process into consideration, which

concerns the protection of all remaining stored traffic data of a person. In very exceptional cases is also the locationof the store all at some point the available traffic data possible (Global Freezing).

101(3) The severity of the interference with Article 10 paragraph 1 GG derives from the fact that all people are

affected, the telecommunications services to the public would take to complete. The storage of suspicion regardlesssuccesses. The mere possibility that data could be needed for purposes of law enforcement or security does notjustify the intervention. The data retention enables the creation of telecommunications and motion profiles and havelarge variance. This is all the more weighty, as telecommunications taking place in the expectation of completeconfidentiality.

102A generalized, overall supervision in the form of a comprehensive collection of telecommunications links, as it

represents the retention is, even the greatest dangers to defend against unconstitutional. The probability that thestored data would be needed later to security or law enforcement purposes, be negligible and could not justify such aserious surgery. The retention personality enables images with unprecedented accuracy. The communication ofcontent data are quite revealing. Access to the circumstances of the telecommunications weigh no less heavily thanon the communication content. It enables comprehensive personal and behavioral profiles. Traffic data provided awealth of information about social relationships.

103The retention as increases the risk of wrongly convicted or suspended investigations are innocent, and the risk of

data abuse. Traffic data may be selectively used against unpopular persons and were suitable for the control ofindividuals and groups as well as for industrial espionage. Only the reticles of the data storage effectively protectagainst abuse.

104The retention affect impartiality which is essential for democracy in communication. The protection of human

dignity requires a degree of unobserved communication especially in the context of special relationships of trust. Thedamage that arises through the surveillance of citizens, would not be outweighed by the associated efficiency gains.The retention have reduced the development of countermeasures and could ultimately result in the amount ofavailable data even telecommunications. On the other hand, the increasing digitization, the decrease of the storedtraffic data for billing purposes, the same even without the retention of more than.

105This is disproportionate, because the expected benefit in a significant proportion to their disadvantages for patients

and society as a whole stand. The protection of legal rights would improve in a few cases. With a reduction in crimelevels was not expected. In view of the importance of other personal data for law enforcement threatens a slipperyslope.

106bb) The impugned provisions also infringe Article 12 paragraph 1 GG. The § § 113a and 113b TKG attacked a

disproportionate effect on the professional practice of freedom of commercial providers of telecommunicationsservices and the professional freedom of members of trust professionals.

107So it touches the relationship of trust between lawyer and client, where it can be revealed by analysis of

telecommunications traffic data, the attorneyclient relationship. The retention of the shrink from contact withtelecommunicative specialized consultants, because it farreaching conclusions about health and mental health,religion or financial circumstances may be considered. Journalists threatened with the loss of informants. Thisnegative effect prevails over any measurable public interest. Given the small number of cases in which it wasimportant to communicate with professional secrets, concerns the protection of legal interests are guaranteedwithout retention.

108Also with regard to the service provider violates the proportionality of data retention requirement. A scheme under

which the consequent capital costs must be repaid does not exist. In the absence of adequate compensationarrangements also made the cost of managing, processing and transmission of storage data to the competentauthorities of the Inpflichtnahme telecommunications company but was unacceptable. Without adequatecompensation to them should the performance of duties of law enforcement and security are not imposed as a coretasks of the state.

109cc) If equipment previously used by telecommunications service providers as a result of retention could not be

used to attack the § § 113a and 113b TKG also similar in the confiscatory property guarantee of Art 14 para 1sentence 1 GG one. This is not compatible without adequate compensation with article 14 paragraph 1 GG.

110dd) § § 113a and 113b TKG also contrary to Article 5 paragraph 1 GG. They violated the freedom of expression,

information and broadcasting freedom. The more expensive the telecommunications data retention. This is forcingless wealthy citizens, businesses and organizations to restrictions. In addition, providers and users would bedeterred by the state in particular critical information. The impairment of the freedom of information stand there notprevent nonrequested web pages due to § 113a TKG should be saved. Provider of telemedia often stored inviolation of the Telemedia Act, the IP addresses of users. It had the state authorities in accordance with § 15paragraph 5, sentence 4 in conjunction with § 14 para 2 TMG access. Of views, information and broadcasting areconstitutive of a liberal democracy. Given the effect on overall social information exchange and its only limited valuegrab a disproportionate effect on the retention of Article 5 § 1 Basic Law.

111ee) § § 113a and 113b TKG eventually hurt the general principle of equality under Article 3, paragraph 1 GG in more

ways than one.

112This applies first of all, as far as successes for the exchange of information via telecommunications networks, but

not for spatiallydirect exchange of information, storage of communications data. Given the high level of interventionof this differentiation was not particularly retention justified because in the range of spatial and direct communicationoften would find other evidence.

113It also violated Article 3 para 1 Basic Law, that would indeed captured the use of information resources on the

Internet, but not that of traditional mass media such as magazines, books and television. That mass communicationis particularly prone to damage over the telecommunications networks, there is no compelling evidence. An

unjustified difference in treatment was also that the retention does not use computers not telecommunicativedetected. Similarly, Article 3 para 1 Basic Law had been violated because the legislature had not justified except onthe choice of milder agents such as technical, structural and enlightening prevention measures, or the quickfreezingmethod.

114Nor were the difference in treatment between the telecommunications and electronic information exchange and the

postal system embodied as a distanced exchange information, the unequal treatment of telecommunicationsundertakings to postal organizations, the unequal treatment of the use of telecommunications services over the useof other services and the unequal treatment of telecommunications companies to other companies such as banksand airlines constitutionally justified.

115Furthermore, violates the equal treatment of small telecommunications companies to the general principle of

equality, because this would be a group of typical cases without sufficient cause much more strain.

116Not be justified to Article 3 paragraph 1 GG finally be the cooptation without compensation of private telecom

companies for public purposes. The criteria for the admissibility of a special levy to finance function had not beenmet. The prevention of threats and punishment of crimes are the general tasks that need to be funded from taxrevenues and not the companies and their customers are likely to be imposed.

117Second The complainant in the proceedings 1BvR 263/08 turn out against § § 113a and 113b TKG § 100g StPO

also compared, insofar as it relates to the collection of the stored under § 113a TKG. They allege a violation ofArticle 1, Section 1, Article 2, paragraph 1 in conjunction with Article 1, Section 1, Article 10 paragraph 1 and Article19 paragraph 2 GG.

118a) The constitutional complaint was admissible.

119aa) The complainants are lawyers, a high school teacher, a journalist, a former finance chief justice, a graduate

student and member of the German Bundestag, or Parliament of a country. The complainant 3) is now Minister ofJustice.

120Each of them take multiple providers to complete. They took advantage private, freelance or their political activities

landlines, mobile phones, Internet access and email accounts and are therefore affected by the storage of their datatelecommunications.

121bb) That the selfstorage successes by a private, stand the admissibility of constitutional complaints cited above.

For they would immediately placed by the statutory provision of § § 113a and 113b of the Act.

122cc) It is not reasonable for the complainants, who follow the filing of constitutional complaints to each of the due

process of law.

123dd) The constitutional complaints are at least allowed, unless the legislature, in transposing the Directive

2006/24/EC of national constitutional law contrary, although it remains scope for implementation of its compliancewith permit, or if it went beyond the rules prescribed by the Directive. This is regarding storage purposes, the dataused to justify crimes, the abandonment of precise rules and procedures related to the use authorized bodies of thecase.

124ee) Moreover, the Directive 2006/24/EC ultra vires and could unfold in Germany has no legal effect. Also decide

whether an act of the European Community in breach of Article 1 of the Basic Law and could therefore claim in

domestic law has no validity, only the Federal Constitutional Court. A submission to the European Court has nocause. Insofar as the Federal Constitutional Court is not entitled to consider, decide on the validity of Directive2006/24/EC itself a submission to the European Court of Justice was to be aroused. The Directive 2006/24/EC wasadopted without a legal basis and with Community fundamental rights, in particular with Article 8 ECHR,incompatible.

125b) The constitutional complaints were well founded.

126aa) Directive 2006/24/EC was ineffective. It was adopted on the basis of Article 95, even though they do not the

establishment or functioning of the subject have, but measures of police and judicial cooperation within the meaningof Article 29 et seq EUV aF

127bb) The retention under § § 113a and 113b TKG violates human dignity. In a free society should not anyone use a

communication tool, as a potential criminals or troublemakers will be dealt with. Give a free society without trust in aconfidential communication is not there. There must be a core area of ૩૩personal life be left in which the individual isfree from government monitoring, control or influence. With the retention of the state constructed an infrastructure todestroy the confidence of citizens in a free communication and can allow more monitoring in the future. This iscontrary to human dignity and the principles of constitutional democracy.

128cc) § § 113a and 113b TKG disproportionately interfered with the right to informational selfdetermination under

Article 2, paragraph 1 in conjunction with Article 1 paragraph 1 GG.

129The storage according to § 113a TKG verdachtslos successes and, more generally. The stored data is allowed to

create personal profiles. The stay of the user of a mobile phone to track leave for the last six months. There is noprovision for the deletion of the core area of ૩૩private life of data concerning hit. The providers are not required todocument the transfer of data and the transmitted data set to characterize.

130§ 113b TKG does not satisfy the principle of certainty. As a lump sum purposes only prosecuting crimes against

serious threats to public safety and the performance of intelligence tasks are mentioned. It is not enough that themore detailed specification of the purpose of intervention in the way legal access standards successes. Because ofthe encroachment on fundamental rights successes already with the storage of data. According to thecommandment of the clarity of purpose must be determined accurately the storage. Since the countries are solelyresponsible for the access arrangements, the use of the data is completely unmanageable.

131The surgery stand in the face of his severity in proportion to the benefits achievable. The retention let not expect a

significant gain for the fight against crime.

132dd) The contested provisions also violate the secrecy under Article 10 of the Basic Law in its essential content.

133ee) The decision latitude, which would leave the Directive 2006/24/EC, are not filled in conformity with the

Constitution. § 113b TKG go beyond the purpose of the Directive where the stored data would be provided to allintelligence purposes. § 100g StPO define the group of offenses which could justify the retrieval of stored data, notunique. It remains open when an offense is also in the individual case is of considerable importance. In contrast, itcame as long as the legal community ever consider significant in fact, and is standard for any future authority todetermine separately whether their purpose was given mandatory under European law and whether it is consistentwith national constitutional law. § 100g StPO let the retrieval of traffic data for any offense committed by means oftelecommunication to go so far and repel the purpose by the Directive, terrorist offenses.

134Third The complainant in the proceedings 1BvR 586/08 are opposed to the § § 113a and 113b of the Act and §

100g StPO. They allege the violation of Article 10 paragraph 1 and Article 2 para 1 in conjunction with Article 1paragraph 1 GG.

135a) The constitutional complaint was admissible. The complainants Members of the German Bundestag, and

members of the group Alliance 90/The Greens, who are also parttime as a lawyer or a doctor working be yourself,and immediately present in their right under Article 10 paragraph 1 GG, and their right to informational selfdetermination affected.

136Nor can the scheme since the implementation of Directive 2006/24/EC belasse considerable leeway to be

reviewed extensively by the German fundamental rights. Necessarily be fixed and only the types of categories ofdata and the minimum retention period of six months. Implementation scope existed regarding the storage and usesof all authorized locations, access conditions and procedures for the allocation and the requirements for datasecurity. Where Member States provide that, in the limits of Article 15, paragraph 1 Directive 2002/58/EC of thesecurity and the fulfillment of the tasks of the intelligence services use other than law enforcement, they weresubject to full constitutional control. The determination of serious crimes, the prosecution successes to the retention,lies in the hands of Member States. Article 7 of Directive 2006/24/EC lay down minimum requirements, the moreextensive data protection requirements in the national constitutional law is not blocked. Finally, the financing of theretention in the Directive is not regulated.

137A complete review of the constitutional provisions on data retention is also possible if the Directive 2006/24/EC is

invalid, the European Court of Justice realize the invalidity of the Directive or if a review of the competence of theEuropean Community to adopt the policy exception by the Federal Constitutional Court even am considering. Avalidation template could be based in particular on a violation of Community fundamental rights.

138b) The constitutional complaints are well founded. The challenged provisions violated Article 10 paragraph 1 GG.

This protects the confidentiality of the circumstances of the communication process. In its scope therefore fell under§ 113 para 2 TKG to store data and telephone traffic under § 113a TKG, section 3 and 4 to store email traffic andInternet access information. The fact that the Internet and mass communication takes place, the freedom ofbroadcasting traditionally has been assigned, does not preclude this. That individual communication could be taughtfrom rich, in order to trigger the protection of fundamental rights.

139The regulations on data retention intervened in the scope of Article 10 GG. The government intervention will begin

with the traffic data retention requirement under § 113a TKG. He continued with the approved under § 113b TKGtransmit traffic data to government authorities. More acts are to evaluate intervention and use of data by theauthorities entitled to receive information and the sharing of information with other authorities or private.

140Be adequately defined § 100g StPO Article 1 No. 1, because it covers infringements of considerable importance in

the individual case and concretizing the § 100a paragraph 2 StPO designated offenses linked to. Critical to assesswhether § 100g StPO 1 No. 2 in terms of section 1 sentence 2 § 100g StPO. When data collection was caught in aproportion to the importance of the matter is not visible to the citizen with the necessary clarity. The problem is thedetermination of § 113b TKG. In the field of security and intelligence services is not possible to predict to whatextent should access the enforcement agencies to supply data.

141The retention also contrary to the principle of proportionality. Effective law enforcement is indeed a legitimate

purpose. Also, did not deny the appropriateness and necessity of data retention. The quickfreezing process is notequally well suited, because it was irrelevant, if not traffic or were no longer available. The retention, however, isinappropriate. Traffic data could be substantial conclusions about the communication or movement behavior. Due toits automatic analyzability they were for grid search methods, and strategic surveillance by the intelligence servicesare particularly suitable. They provided investigative leads and allowed social, political or economic relationshipnetworks to be reconstructed. Comprehensive personality profiles could be created. Particularly stressful had theVerdachtslosigkeit of storage and its exceptional spread. Considered to be beyond the effect on overall social

behavior and the democratic discourse and abuse concerns.

142§ 100g StPO go about implementing Directive 2006/24/EC beyond what is necessary, because the retrieval of

stored data according to § 113a TKG can generally also be due to crimes committed via telecommunications. Evenmediumrich from crime to access the retained data. This go too risk of being exposed to unwarranted suspicion,making it the subject of investigations to be burdensome. The data collection was made in secret. § 100g Paragraph2 in conjunction with § 100b and § 101 StPO grant only later, weakened by a restrictive legal notification practice.The effectiveness of the judges of title is disputed. The existing access ways are usually been sufficient. Whenconsidering alternative methods of investigation such as the quickfreezing process fall adequacy assessment isnegative.

143§ 113b sentence 1 No. 2 of the Telecommunications Act opens up access to the data already stored anlasslos

significant threats to public safety. Intelligence Surveillance measures were taken in advance of specific hazardsassociated with significantly reduced legal protection. Give restrictions on the lawful interception of MPs not. Giventheir Vorwirkungen on the behavior of citizens and the democratic discourse, the rules were unreasonable under §113b sentence 1 No. 2 and 3 of the Act.

144Professional secrecy were not protected separately. Particularly prejudicial in this WOULD make to physicians and

not solely as a criminal defense lawyers from. It also lacked sufficient structural requirements for data backupservice providers. This entails considerable risks of abuse. Even more inappropriate is the use of data by privateenforcement of civil claims, as it enables § 113b sentence 1, sentence 2 TKG. As could be determined in this wayonly the owner of ports, the port owner, but does not necessarily agree with the Internet users, whether in pursuit ofa much larger range of onlookers expected.

145The obligations under § 113a TKG, para 10, to observe the necessary care and telecommunications, through

technical and organizational measures to ensure that the stored data are accessible only specially authorizedpersons, will not further concretised. Data security will be guaranteed not sufficient. The weight of the interventionwould not be outweighed by its added value. Especially with organized crime and terrorism, he was the lowest,since the offender refusing to pay the power to subvert storage, which is easily possible. The repercussions ofstorage on the democratic discourse and the dangers of a data breach could not be sufficiently reduced by limitingthe uses.

III.

146The constitutional complaints, the Federal Government, the Federal Administrative Court, the Bundesgerichtshof,

the Federal Commissioner for Data Protection and Freedom of Information and Privacy Commissioner on behalf ofthe countries have taken the Berlin Commissioner for Data Protection and Freedom of Information status.

147First The federal government considers the constitutional complaint inadmissible in part and in any event without

merit.

148a) Not allowed are the constitutional complaints, unless they were directed solely against § § 113a and 113b of the

Act.

149aa) These are not subject to the inspection powers of the Federal Constitutional Court, if they meet the mandatory

requirements of the Directive 2006/24/EC. Extent of discretion conferred existed, the federal law implementingorientation of the measures provided for in Directive 2006/24/EC regulation minimized. An erupting act is said not,because it's not about the division of powers between the European Community and the Member States, but only goto the one in the European Union. At European level there is finally sufficient fundamental rights protection. Aviolation of human dignity is also not clear.

150bb) The complainants were not given the primacy of Community law complaints authority. § 113b sentence 1 No. 1

of the Act and § 100g StPO did not go beyond the limits of the Directive 2006/24/EC storage purposes. In thedefinition of serious offenses are considered appropriate means of telecommunications equipment also committedcrimes. The Directive 2006/24/EC admit the extent of the purpose of storage to use for security and intelligence taskfulfillment. § 113b sentence 1 No. 2 and 3 of the Telecommunications Act to the extent it merely contains a useother legal provision. This should be alone in the constitutional complaint procedure is not capable of beingchallenged, however, because they do not affect fundamental rights concern, the excess of the going by Directive2006/24/EC even arranged complaints. An additional complaints could result only from power standards, authorizeda further use of the stored data. § 113b TKG does not contain such provisions. The regulated there rather arestricted purposes, only the possible uses of data. The Telecommunications Act § § 113a and 113b have alsoberufsregelnde no trend in the force exerted by the complainants about professions as a lawyer or journalist. Article14 of the Basic Law is not affected. The storage requirement does not shorten the property rights of the companiesconcerned, but an independent but set mandatory behavior. A violation of freedom of expression is excluded fromthe outset. The storage according to § 113a TKG was neutral opinion.

151cc) The applicant's constitutional complaint to 4) in Method 1 BvR 256/08 fail on the principle of subsidiarity. It will

not make clear that no relief was possible by the ordinary courts.

152b) In any case, the constitutional complaints are unfounded.

153aa) § 113a TKG was constitutionally unobjectionable.

154(1) The regulation encroaches within the scope of Article 10 GG. It, however, go only a requirement for private

storage of certain data with the aim of enabling a subsequent access. Thus, § 113a TKG distinguishes categoricalstandards of competence for public use of the stored data. § 113a TKG constituted a moderate encroachment onArticle 10 paragraph 1 GG dar. He brings about only that the data for six months, a cancellation of the personsconcerned were withdrawn. The stored data do not relate to communications content. They came only in responseto another qualified competence standard in the knowledge of the state. Finally, the storage is no secret successes.The data to be stored and the duration of storage are defined clearly and conclusively.

155Purpose of § 113a TKG was to adapt the fight against terrorism and serious crime in the conditions of modern

communication techniques. § 113a TKG would be suitable. It prevents that § 100g StPO by the increase in flatrates, and the resulting decrease in accordance with § 96 of the Act of stored data, and by the steady increase inInternet use by offenders lose their footing.

156The analysis of traffic data is indispensable for the prosecution. In particular, it could be evidence of crimes

committed when, for stays of suspects in crime scene area, to be won first and Nachtatverhalten of suspects, thesuspects in connection with each other on the course of escape routes and to identify other suspects. Especially forthe prosecution of drug crime, the provision of location data is significant. Traffic data to come in the verification ofsuspects or submissions in discovering the whereabouts of accused importance. The elucidation of the distributionof child pornographic images on the Internet can practically only be based on traffic data. When a gang or criminaloffenses committed professional knowledge of communication skills for the investigation of organizational structuresand serial crimes is essential. Against the appropriateness of the data storage does not speak the way to workaround it.

157§ 113a TKG was also required. The quickfreezing process is not equally effective. It could hold only those data

which are stored in any way. It makes sense if it is only when it refers to a nearcontemporary facts.

158Finally, § 113a TKG was also appropriate. The Anlasslosigkeit conclude the adequacy of storage, not from the

outset. Their spread will not say anything concrete about the associated stress. The collection of personal data is tostore not automatically unconstitutional. The data would be stored by private companies for a particular purpose, andonly because of further powers from the state standards noted. The data stored under § 113a TKG data were indeedto draw conclusions about the personality of the person concerned, but had only limited sensitivity. They do notconcern the content of communication in terms of personality and were not relevant beyond existing regulations forother data to be stored. The store also successes openly. The obligation to maintain information about whether theGerman law of the Commercial Code, the tax code or the Banking Act known. Constitutional limits was developedby the Federal Constitutional Court only for the query facts. The store itself is, moreover, but probably notunreasonable. However, the data must be limited inquiry in a qualified way. The storage period of six months leaveby the conditions justifying the pursuit of specific crimes. An intimidating effect is not produced by § 113a TKG.Decisive is not the subjective perception of the norm addressees, but a true understanding of standards.

159(2) the storage for the telecom service provider costs violated neither Article 12 nor Article 14 of the Basic Law.

Article 14 Basic Law does not confer a general protection of assets. § 113a TKG, but neither the substance nor theorganization of the rights of the complainant concerned of their companies. The devaluation of the technical facilitiesare unsubstantiated statements made. The freedom of occupation will not be affected. The plaintiffs were to practicetheir profession without the challenged regulation is not different. Only the service provider would be burdened withadditional duties. Recourse to fulfill a public mission to redeem himself nor from any claim for compensation.

160(3) The scheme was compatible with Article 3 paragraph 1 GG. Telecommunications and direct communication are

not comparable. Direct communication and electronic communication could not be saved to the same extent. Thedifference in treatment between telecommunications and postal services is justified. Postal communication wasslow to use for a crime less suitable as telecommunications. Large and small telecommunications companies wouldnot be treated differently. Prior to unequal economic impact of the relevant protected liberties, not the generalprinciple of equality. An inequality is said not illegal special levy.

161(4) The constitutional requirements for data security are met. § 109 para 1 Telecommunications Act requires the

service provider to take appropriate technical measures or other measures taken to ensure the privacy, protection oftelecommunications secrecy and protection of telecommunications and data processing systems againstunauthorized access by employees and third parties. Operators of telecommunications facilities are required under §109 para 3 TKG, submit to the Federal Network Agency, a security plan that will describe the technical measuresand other protective measures for the fulfillment of obligations to data security. It was to update and rectify therequest of the Federal Network Agency. The service provider would have to be observed according to § 113a TKG,para 10 in the telecommunications sector due care and limit access to data through special appropriations.Violations of the secrecy and privacy requirements are administrative fines to prosecution under § 148 TKG orcriminal under § 149 para 1, No. 1618 of the Act. § 115 TKG allow the Agency to enforce the data protection rules.Finally, the company would be subject to controls of the Federal Commissioner for Data Protection and Freedom ofInformation.

162bb) § 113b TKG was constitutional. It restricts the storage purpose and be sufficiently precise. The use of the data

directed to other statutory standards, the determination of a separate analysis needed. As compared to the lowercontent monitoring of telecommunications surgery, the use of data security under § 113b sentence 1 No. 2 of theTelecommunications Act should not be subject to the threshold of immediate concern for most senior legal interests.Judge reservations are to be regulated in the respective enabling rules. The transmission of data on performance ofintelligence functions under § 113b sentence 1 no 3 TKG is not objectionable. Within certain limits, even withoutoccasion of telecommunications content control for intelligence purposes had been assessed as constitutionallypermissible (reference to BVerfGE 100, 313 <358 ff> ).

163cc) was also constitutionality of § 100g StPO. The possibility of criminal proceedings traffic data query in its

present form was approved. A comparison, intensive intervention in the secrecy of telecommunications lies inaccessing under § 113a TKG stored traffic data is not also because more data were available. In view of the contentcompared with the surveillance of telecommunications lighter weight of the traffic data collection, it is logical that §

100g StPO less stringent requirements for the admissibility of data collection as § 100a StPO imagine.

164Insofar as § 100g would link para 1 No. 1 of the Code of Criminal Procedure § 100a of the criminal offenses and

paragraph 2 StPO also an offense of considerable importance in a particular case require, the Federal ConstitutionalCourt has recognized this as a sufficiently precise. Also § 100g 1 No. 2 StPO is safe. The choice of means ofprosecution depended on the ability to solve the crime in question at all. The deceptive § 100g 1 No. 2 and § 100gsection 1 sentence 2 StPO bill, introduced by means of telecommunications crimes committed during the retrieval ofdata traffic on the reservation lack of alternatives and identification of a further test of proportionality. An even furtherrestriction of access possibilities hereby relieve a whole range of communications by law enforcement, even thoughthe criminal justice enjoy constitutional status. § 100g StPO not violate the core area of ૩૩private life. Thetelecommunications traffic data that relate to regardless of the ability to create with the help of communication andmovement profiles, not in an intensive way.

165Second The Federal Administrative Court sees in the challenged provisions of an interference with Article 10

paragraph 1 GG, whose justification is dubious. The in § 113b sentence 1 TKG these uses are so broad that, in thetime of storage was predictable, should be used for what purpose the data. It follows that infringement of theprohibition on the collection of personal data to be retained or not yet determinable indeterminate purposes are. Thebasic law of limitation is also not inconsiderable weight. The storage requirement covers data with high personalrelevance, the major conclusions about the personality and personal circumstances of the user, the socialenvironment and its motions as well as the nature of the content of communication allowed. Another option is thecreation of personal profiles. The data storage can have serious consequences in the event of criminal proceedingsfor the individual. Misuse of data is possible. The store had a huge mass appeal. Their spread could cause asubstantial intimidation effect. On the other hand, the data would be deleted in many cases, without having beensubmitted to government agencies. The uses are not limited to the protection of highranking legal interests. § 113bsentence 1 No. 2 of the Telecommunications Act does not conclusively show that legal protection could justify theuse of data. § 113b sentence 1 number 3 of the Telecommunications Act, refers to a variety of federal and state lawtask descriptions. Perhaps the data are thus intended to protect interests that could not justify their retention in thepast engaged in the secrecy of telecommunications.

166Third The Federal Court has by the Chairman of the 1st Criminal Division and one of the investigating judge

pointed out that had been in offenses committed by means of telecommunications data, the identification of theperpetrator would have made so far at the time of the request already cleared regularly. When Internet useinferences were excluded on the content of experience. Due to the prevailing level of flat rate contracts, the data lineis often 24 hours will be maintained daily. In this case, are derived from the data stored in most cases not evenmore information about the frequency and duration of Internet use. In email traffic, especially the storage of the IPaddress is required to have prior to the introduction of data retention only under certain conditions on the terminationof the connection may be saved. Since the IP addresses had been deleted in the past few years, after a day or two,a prosecution of property crimes or acts of child sexual abuse is usually not been possible. Without retention ofoffenders on the Internet there is hardly any risk of detection. Let there be a legal vacuum. The President of theFederal Court pointed out that the traffic data were only indicative effect and in need of support by other findings.Areas of social behavior were not already so go areas, because aside from going to their preventive monitoring.

1674th The Federal Commissioner for Data Protection and Freedom of Information holds the eventfree data storage

according to § 113a TKG unconstitutional. From their unconstitutionality follow the provisions of § 113b of thetransmission of the Act. § 100g StPO is unconstitutional because the threshold is defined using unreasonably low.At the same contravention of the provisions of Article 8 and 10 ECHR.

168The general authority for the retention was not adequately defined. The uses are not limited to achieve precise and

limited. The prosecution of offenses pertaining to terrorism and organized crime will be improved not sustainablebecause the offender affected groups have a variety of ways to work around data retention.

169Traffic data from the communication behavior were more intense. Particularly sensitive are data that relate to

communication with professional secrets, and it therefore needed for the differentiating regulations. The sensitivity ofthe data to be stored due to technical innovations to take on. Traffic data allowed conclusions about behaviors andinterests, and farreaching insights into the movement and communication patterns. They reflected the socialnetwork of those concerned. The membership of parties, trade unions and citizens' initiatives could become clear.Together with information about the profession or business activity of the other party would come from traffic data todraw conclusions on possible discussion topics. Time and frequency of connections allowed conclusions on theintensity of contacts. It could complete personality and sociograms images are created. Confidence in the use ofmodern means of communication is affected by long term data retention. Risks of abuse would be eliminated as faras possible by law. The Telecommunications Act neither commit to a separated storage of the data stored under §113a TKG to a more secure encryption. It contains no guidelines for assigning access permissions, logging ofaccesses and the examination of historical data on individual requests.

170Is far too inadequate use of data for law enforcement purposes. Access to retained data could at best for the

prosecution of serious crimes are concerned. The conditions can be waived under which a notification may be toovague and not afforded the required individual assessment. Moreover, a judicial review of the reticle of notificationsis not provided for adequately. Regarding the use of data storage and security for the performance of intelligencetasks there was a risk of too low a threshold retrieval. Was inappropriate and that § 113b TKG, the use of under §113a TKG IP addresses stored to determine the underlying person pursuant to § 113 TKG enables, because this isalso permissible for the prosecution of offenses.

1715th The Berlin Commissioner for Data Protection and Freedom of Information provides by § § 113a and 113b TKG

violated the secrecy of its essential content. In addition, these regulations were contrary to the prohibition on theretention undetermined or not yet determinable purposes. In any case they allowed but a disproportionate restrictionof telecommunications secrecy. In addition, there is no specific purpose. § 113 sentence 1, sentence 2 TKG, theuse of stored traffic data to give information pursuant to § 113 TKG enables to all regulatory authorities. Misuse ofdata by private is hard to prevent. § 113a TKG paragraph 6 prevents the users to surf anonymously usinganonymizing services on the Internet. The protection of special trust relationships remain unconsidered. Given theseriousness of the encroachment on fundamental rights, the quickfreezing process had to be tested as analternative. Even the order of the fundamental rights careful implementation of Directive 2006/24/EC is ignored if theuse of the stored data is already available for the pursuit of simple offenses and to address the threats will beapproved for low conservation interest. § 100g StPO is disproportionate. § 100g paragraph 2, sentence 2 StPO leavewith major criminal offenses a spatially and temporally sufficiently specific enough designation oftelecommunications, if the investigation of the facts is difficult otherwise hopeless and major. This extensive trafficdata views are possible, which might affect the rights of thousands of citizens. Constitutionally problematic is alsotrue that the legislature might create in § 101 para 4 and 5, Code of Criminal Procedure notification open spaces.

1726th The knowledgeable informants Constanze Kurz, Prof. Dr. Felix Freiling, Prof. Dr. Andreas Pfitzmann, Prof. Dr.

Alexander Rossnagel, Prof. Dr. Christoph Ruland, the Federal Commissioner for Data Protection and Freedom ofInformation, the Berlin Commissioner for Data Protection and Freedom of Information , the Federal Ministry ofJustice with the participation of the Federal Ministry of Economics and Technology and the Federal Ministry of theInterior, the complainant in the proceedings 1 BvR 256/08 and 1 BvR 263/08 and the Federal Association forInformation Technology, Telecommunications and New Media (BITKOM), the Association of German InternetEconomy (eco) and the Association of Telecommunications and ValueAdded Services Association (VATM) havecommented on technical, factual and legal questions of the court. These related to the telecommunications trafficdata retention debtor, by means of telecommunications offenses committed, the provision of information pursuant to§ 113 TKG, to ensure the retention data against unauthorized access and possible legal aspect of the use of thisdata. In the opinion of the Federal Ministry of Justice have been involved through the Federal Ministry of Economicsand Technology, the Federal Network Agency and the Federal Ministry of the Interior, the Federal Criminal PoliceOffice, the Federal Agency for State Protection and the Attorney General.

1737th In addition, the association of business telecommunications users eV (TELECOM eV), the Association of

German Book Trade Association and the Association of Music Industry Association expressed its opinion.

IV

174At the hearing, have expressed themselves: the complainant, the Federal Government, the Federal Criminal

Police, the Federal Network Agency, the Bavarian State Government, the Federal Commissioner for Data Protectionand Freedom of Information, the Berlin Commissioner for Data Protection and Freedom of Information, asknowledgeable informants Prof. Dr. Dr. hc HansJörg Albrecht, Constance Short, Prof. Dr. Felix Freiling, Prof. Dr.Andreas Pfitzmann, Prof. Dr. Alexander Rossnagel, Prof. Dr. Christoph Ruland, the Federal Association forInformation Technology, Telecommunications and New Media (BITKOM) The Association of German InternetEconomy (eco), the Association of Telecommunications and ValueAdded Services Association (VATM), theAssociation of German Book Trade Association and the Federal Association of Music Industry

B.

175The constitutional complaints are admissible.

I.

176First The complainants allege allowable as a violation of Article 10 paragraph 1 GG. They use various personal and

business telecommunications services such as telephone services, in particular, the electronic mail and Internetservices, and claim to be violated by the storage and intended use of their traffic data in its basic right to maintainsecrecy of telecommunications. Since article 10 paragraph 1 GG protects the confidentiality of the circumstances oftelecommunications (cf. BVerfGE 67, 157 <172>, 85, 386 <396>, 120, 274 <307> ; established case law) is thatsuch a breach by the challenged provisions possible.

177The challenged provisions relate to the complainant, immediately, and present themselves. Although the storage

requirement is directed to § 113a TKG not affected as users of the complainant, but to the service provider.However, these are, without a decision space (see BVerfGE 107, 299 <313 f> ) for storing essential data of thecomplainant obliged. § 113a TKG thus leads to a direct and immediate storage of data for the complainant in § 113bsentence 1 TKG intended purposes.

178At an immediate selfconcern is lacking in terms of § 113b of the Act and § 100g StPO not because these

regulations only develop on the basis of further enforcement record effects and it is not clear whether and to whatextent is communicating the complainant will be affected. If the person acquired any knowledge of the lawenforcement records, the last statement to be touched with a certain probability of such measures. This is especiallysignificant if the measures have a large variance and third parties may also collect random (see BVerfGE 109, 279<307 f>, 113, 348 <363>, 120, 378 <396 f> ). Thereafter, the complainants have expressed their own concern andimmediate enough. Given the considerable storage period of six months and the large scatter of the data collected, itis not unlikely that during the transmission and use of the data according to § 113b of the Act and § 100g StPO alsoapplies to individuals who did not give rise to corresponding measures. Statements by the complainant himselfwould be accused of a crime which are so in support of the selfconcern is not required (see BVerfGE 109, 279<308>, 113, 348 <363>, 120, 378 <396 f> ). Nor do they demonstrate that I am responsible for significant threats topublic safety or to pursue activities that affect the task group of the intelligence services.

179Second The constitutional complaint of the complainant to 4) in Method 1 BvR 256/08 is also permissible with

regard to Article 12 paragraph 1 GG, if she turns against the obligations associated with the storage of technical andfinancial burdens. As an anonymity service provider that operates at the same time also a publicly accessible webserver, they generally meet the requirements of § 113a TKG, are so far without compensation or compensation rulesprovided. Since the failure to comply with these obligations is reinforced with a fine (see § 149 para 1 No. 36, para 2TKG), it is not unreasonable, in violation of § 113a TKG to await execution file and then search against thisprofessional judicial (cf. BVerfGE 81, 70 <82> ). She is so affected by the storage required immediately, and presentthemselves in their professional freedom.

II

180The constitutional complaints are not inadmissible to the extent the challenged regulations adopted pursuant to

Directive 2006/24/EC are.

181However, the Federal Constitutional Court's jurisdiction has control over the application of Community or now EU

law, which is the basis for any acts of German courts and authorities within the jurisdiction of the Federal Republicof Germany claimed, in principle, of not checked this right is not the standard of fundamental rights of the Basic Lawas long as the European Communities (or today, the European Union), in particular the European Court of Justice,effective protection of fundamental rights and ensure generally that by the Basic Law respectively as requiredunconditionally fundamental rights protection is important to essentially the same, since the essential content offundamental rights generally guarantees (cf. BVerfGE 73, 339 <387>, 102, 147 <162 f> ). These principles alsoapply to domestic legislation, the mandatory requirements of a Directive into German law. Constitutional complaintsare directed against the use of a binding law in this sense, the European Union, are strictly prohibited (see BVerfGE118, 79 <95>, 121, 1 <15> ).

182The applicant can rely on the fundamental rights of the Basic Law, however, to the extent called to the legislature

as in the implementation of EU law is freedom, that is, by Union law is not determined (see BVerfGE 121, 1 <15> ).Moreover, the constitutional complaints are present but also permissible if the challenged provisions are based onpolicy provisions that have a mandatory content. The complainants contend that it lacked the Directive 2006/24/ECon a Community legal basis of competence and it is contrary to European Grundrechtsverbürgungen. They seek,therefore, among other things, without being able to do this directly in the face of her against the implementation oflegislation addressed constitutional complaint before the competent courts, a presentation by the FederalConstitutional Court to the European Court of Justice to give preliminary ruling under Article 267 TFEU (ex Article234 TEC) declares void the policy and paving the way for freely doing a review of the challenged provisions of thestandard of German fundamental rights. In any case, in this way an examination of the challenged provisions of thestandard of fundamental rights of the Basic Law after the request of the complainant is not precluded from theoutset.

C.

183The constitutional complaints are justified in essence. The challenged provisions violate the plaintiffs' fundamental

right under Article 10 paragraph 1 GG. A submission to the European Court of Justice is not an option, since it is nota possible precedence of Community law matters. The fundamental rights guarantees of the Basic Law are a adifferent design Implementation of Directive 2006/24/EC cited above.

184Unfounded, the applicant's constitutional complaint to 4) in Method 1 BvR 256/08, insofar as these claims

infringement of Article 12 paragraph 1 GG.

I.

185The constitutional complaints are no reason for a preliminary ruling before the European Court of Justice under

Article 267 TFEU. Although it would a submission by the Federal Constitutional Court (cf. BVerfGE 37, 271 <282> )are, in particular, if the interpretation or validity of Community or Union law are in question, the priority claimedbefore the national law and its implementation by the Federal Constitutional Court generally not the standard offundamental rights of the Constitution is tested. However, such a template can only be acceptable and necessarywhen it comes to the interpretation or validity of EU law. This is not the case.

186The effectiveness of Directive 2006/24/EC and therefrom may result therefrom primacy of Community law over

German fundamental rights are not relevant to the decision. The content of the directive leaves the Federal Republicof Germany for the design of the form prescribed in its retention of telecommunications traffic data is a wide

discretion. The Directive requires Member States but to the operators of publicly available electroniccommunications networks and communications services for storage of virtually all telecommunications traffic datafor a period of at least six months, impose (Article 1, 3, 5 and 6 of Directive 2006/24/EC). Its provisions are,however, mainly due to the limited selfstorage requirements and do not govern access to data or their use by theauthorities of the Member States. In particular, they harmonize neither the issue of access to information by therelevant national law enforcement authorities, the question of the use and exchange of information between theseauthorities (see ECJ, judgment of 10 February 2009 Case C301/06 Rn. 83). Based on the minimum requirementsof the Directive (Article 7 and 13 of Directive 2006/24/EC), it also lies with the Member States to take the necessarymeasures to ensure data security, transparency and legal protection.

187This content is the policy without violating the fundamental rights of the Basic Law to be implemented. The

constitution prohibits such storage is not under any circumstances. Rather, it can also be independent of aneventual supremacy of Community law in accordance with the stipulations of the fundamental rights of the BasicLaw permitted arranged (see below IV). An examination of the challenged provisions in the overall scale of theGerman basic rights does not get them into conflict with the Directive 2006/24/EC, so that their effectiveness andpriority is not important.

II

188The challenged provisions engage Article 10 paragraph 1 GG.

189First Article 10 paragraph 1 GG guarantees the secrecy of telecommunications, which is the intangible transfer of

information to individual recipients by means of telecommunications (see BVerfGE 106, 28 <35 f>, 120, 274 <306 f>) in front of a notice by The public authorities shall protect (see BVerfGE 100, 313 <358>, 106, 28 <37> ). Thisprotection covers not only the content of communication. But protected the confidentiality of the circumstances ofthe communication process, including in particular whether it has conducted when and how often between whatpersons or telecommunications equipment telecommunications traffic or being tempted (cf. BVerfGE 67, 157 <172>,85, 386 < 396>, 100, 313 <358>, 107, 299 <312 f>, 115, 166 <183>, 120, 274 <307> ).

190The protection afforded by Article 10 paragraph 1 GG is not only the first access, and content with the public

authority takes note of telecommunications. Its protective effect also extends to the information and data processingoperations, which are linked to the acknowledgment of protected communication processes, and on the use that ismade ૩૩of the acquired knowledge (see BVerfGE 100, 313 <359> ). An encroachment on fundamental rights, eachinspection, recording and recovery of communications data and any analysis of its content or other use by the publicauthorities (cf. BVerfGE 85, 386 <398>, 100, 313 <366>, 110, 33 <52 f> ) . In the collection of telecommunicationsdata, their storage, their comparison with other data, their analysis, their triage for further use or transmission to thirdparties of their own interventions are thus depending on telecommunications secrecy (see BVerfGE 100, 313 <366f> ). Consequently, in the arrangement in relation to communications companies to collect data telecommunications,store and transmit it to government agencies, each an encroachment on Article 10 para 1 Basic Law (see BVerfGE107, 299 <313> ).

191This comes from Article 2 para 1 in conjunction with Article 1 paragraph 1 GG following right to informational self

determination in addition to Article 10 of the Basic Law does not apply. Referring to the Basic Law Article 10includes telecommunications, a special guarantee, which displaces the general rule and result from the specialrequirements for the data that is obtained by interfering with the secrecy. In this respect, however, can theconditions under which developed the Federal Constitutional Court under Article 2, paragraph 1 in conjunction withArticle 1 paragraph 1 GG, largely transferred to the more specific guarantees of Article 10 of Basic Law (seeBVerfGE 100, 313 <358 f> ).

192Second a) in § 113a paragraph 1 TKG imposed on service providers of telecommunications traffic data storage

interferes with the secrecy of telecommunications. This applies primarily for the storage requirements concerning

telecommunications services pursuant to § 113a Section 25 of the Act and in connection therewith pursuant to §113 para 6 and 7 of the Act. The extent the records that provide information on whether, when, where and how oftentaken between which telecommunications connections or record has been tried. This is particularly true for thestorage of data services to the electronic mail pursuant to § 113a TKG para 3, whose confidentiality is alsoprotected by Article 10 para 1 Basic Law (see BVerfGE 113, 348 <383>, 120, 274 < 307> ). That can intercept emails technically easy changes to its confidential character and nothing for protection. An interference with Article 10paragraph 1 GG reasons for the storage of Internet access such data in accordance with § 113a para 4 of the Act.Although the Internet provides not only the recording of individual communication, which falls under the protection oftelecommunications secrecy, but also to participate in mass communication. Since a distinction between individualand mass communication without the protection of fundamental rights contrary thereto connection with the contentsof each transmitted information is not possible, can be seen already in the storage of the Internet as such datarelating to an intervention, even if details of the visited Internet pages not included (see Gusy, in: v. Mangoldt / Klein/ Starck, GG, Vol 1, 5th edition 2005, Article 10 para 44; Hermes, in:. Dreier, GG, Vol 1, 2nd edition 2004, Article 10para. 39).

193The engaging quality of the § 113a TKG is not affected by the fact that the storage required by this rule is not

executed by the state itself, but by private service providers. Because these are taken only as assistants to do thejob by state authorities to complete. § 113a TKG, the private telecommunications companies to store data requiredsolely for the performance of work by state agencies for purposes of law enforcement, security and the performanceof intelligence tasks in accordance with § 113b TKG. It assigns the state associated with the storage impairment offundamental rights to directly, without the storage company with duty to the extent there remains a scope, the datashall be stored so that requests for information of the authorized public agencies can be met without delay inaccordance with § 113a paragraph 9 of the Act. Under these conditions, the storage of the data is legally attributableto the legislature as a direct interference with Article 10 para 1 Basic Law (see BVerfGE 107, 299 <313 f> ).

194b) encroachments on fundamental rights in Article 10 paragraph 1 GG are also in the rules for data transmission in

§ 113b sentence 1, sentence 1 TKG. Although this provision opens in itself does not use the stored under § 113aTKG data, but the law specifically refers to other standards to be created demand. However, it is the basic rule, maybe used for what purposes the data. They released this regard, the telecommunications companies from the rest oftheir existing obligation of confidentiality. That the data ultimately used only once in the tiered mesh of rules ondifferent levels of their standard set of rules will not alter the fact that the definition of purposes and permission touse part of the data transmission and control are so far engaged in character. Again, it is irrelevant that § 113b TKGtransfers the data relates to the part of private service providers. The proposed transfer is based on a statutoryprovision and thus directly linked to an act of fundamental rights under Article 1, paragraph 3 GG public authority is asovereign arrangement requires an individual basis and made to authorities. It is thus legally be regarded as anencroachment of the state.

195c) an encroachment on Article 10 paragraph 1 GG also due to § 113b sentence 1 sentence 2 in conjunction with §

113 para 1 of the Act. After that, authorities from service providers information about inventory and customer data inaccordance with § § 95, 111 Telecommunications Act require that service providers can only use the under § 113aTKG, paragraph 4 to determine the data stored. Regardless of whether and to what extent general information inaccordance with § 113 TKG is an encroachment on Article 10 paragraph 1 GG or whether the extent principle alonethe right to informational selfdetermination under Article 2, paragraph 1 in conjunction with Article 1 para . 1 BasicLaw is to be considered, at least for information pursuant to § 113b sentence 1, sentence 2, § 113 para 1 affirmativeTKG an interference with telecommunications secrecy under Article 10 paragraph 1 GG. For it is here the use of thestored under § 113a TKG, and thus by an interference with Article 10 paragraph 1 GG data obtained. Anysubsequent use of data, which were once collected in the form of an interference with Article 10 paragraph 1 GG isalways to be measured against this fundamental right (cf. BVerfGE 100, 313 <359>, 110, 33 <68 f>; 113, 348 <365>). Again, it may not be important that this is not legally required use by the public sector itself, but is done byprivate agencies in fulfillment of that request.

196d) any interference with Article 10 paragraph 1 GG § 100g StPO ultimately justified. It allows law enforcement

agencies, the stored under § 113a TKG to allow for storage of the obligor and forward to use. § 100g para 1

sentence 1 StPO itself and the exercise of that authority as acts of public access, therefore, also a force within thescope of Article 10 paragraph 1 GG.

III.

197Meet formally with the challenged provisions are no objections. They satisfy the statutory reservation of Article 10

paragraph 2 sentence 1 GG, and are covered by federal jurisdiction.

198First Limitations of the telecommunications secrecy may be placed only on the basis of a law under Article 10

paragraph 2 sentence 1 GG. No doubt, subject firstly to the extent § 113b of the Act and § 100g StPO, which isprovide a legal basis for the adoption arrangements in each individual case, because of their access to the data possibly in conjunction with other provisions. Constitutionally unobjectionable so far is also § 113a TKG, which is tostore the data does not refer to caseby arrangements, but even those directly prescribed. Article 10 paragraph 2sentence 1 GG limitations of telecommunications secrecy is also directly contrary to the law by not (cf. BVerfGE 85,386 <396 ff> ).

199Second The federal government does not lack a legislative competence. The § § 113a, 113b TKG find their

competence basis in Article 73 paragraph 1 GG No. 7, § 100g StPO are found in Article 74 Paragraph 1 No. 1,Article 72 of the Basic Law first

200Article 73 Paragraph 1 No. 7 of the Basic Law only entitled to directly control the technical aspects of creating a

telecommunications infrastructure and information transmission by means of telecommunications equipment. Notincluded are the standard rules, which are directed to the transmitted content or nature of the use oftelecommunications (see BVerfGE 113, 348 <368>, 114, 371 <385> ) and about a telecommunications surveillancefor the purpose of obtaining information provide for duties of law enforcement or security. Such regulations are withregard to the legislative powers allocated to the respective area of law, for the purpose of the monitoring carried out(see BVerfGE 113, 348 <368> ).

201The § § 113a and 113b are of the Telecommunications Act power to regulate the telecommunications law,

however, also detected as part of the herewith connected to data protection provisions of factual connection.Absence of an express conferral of power is the right of privacy in principle within the competence of the states. Afederal responsibility for its control is of factual connection, however, insofar as the federal one to him on legislationassigned matter regulate judiciously can not, without the data protection laws are regulated (see BVerfGE 3, 407<421>, 98, 265 <299> , 106, 62 <115>, 110, 33 <48> , settled case law, the privacy law, see Simitis, in: Simitis,BDSG, 6th ed, 2006, § 1, para 4).. This is for § § 113a, 113b TKG the case. These relate to the provisions of theTelecommunications Act on Data Protection and normalize in connection with the regulation of the technicalconditions of the transfer of information each has to comply to the use of the provision of telecommunicationsservices produced or processed data. They tie in directly to those situations that fall within the scope of thelegislation matter of telecommunications. Because of this close relationship between technological transfer processand the resulting data can provide the necessary data protection laws regulating their use only as a unit made ૩૩by thefederal legislator who has the power to regulate the transmission process. Otherwise there would be a risk ofinconsistency causing disintegration of the technical and legal data protection regulations for data processing.Accordingly, the Telecommunications Act contains the provisions of § § 113a and 113b of the Act and about thesecrecy in § § 88 et seq Telecommunications Act and in § § 91107 TKG extensive domainspecific data protectionregulations, which kompetenzielle legality so far as far as can be seen not was called into question.

202The range for the federal government can meet this competence base those regulations that are necessary to a

civil law or regulation of the use of data. In particular, it may provide for the provisions that are necessary so thatunder § 113a TKG provided data storage and transmission of data to law enforcement and emergency responseagencies and intelligence services and their use for providing information pursuant to § 113 TKG the basic legalrequirements of Article 10 para . meet a GG. Since for encroachments on Article 10 paragraph 1 GG, that its

purpose is specifically determined range, precise and clear standards (see BVerfGE 100, 313 <359 f>, 110, 33<53>, 115, 320 <365>, 118 , 168 <187 f> ), this includes the competence to areaspecific, precise and clearregulatory standards of the purpose of storage. The legislation extends federal jurisdiction in this regard but only asfar as is necessary for dataprotection point of view as well as related constitutional requirements. Theauthorizations to data retrieval itself can not support the federal government, therefore, on Article 73 Paragraph 1 No.7 of the Basic Law. He needs to own a title or skills, the decision left to the countries here.

203§ § 113a, 113b TKG carry the bill in principle. They confine themselves solely to create obligations by storing and

transmission rules state the conditions for access to the data. Filling their own arrangements to leave on the otherhand, is data retrieval. Without prejudice to the substantive question whether the federal government uses here hassufficiently limited in scope (see below VI and CV 5 3 b), are here to raise no objections to competencylaw.

IV

204Substantive constitutional, the interference with the secrecy of telecommunications, if they serve legitimate public

purposes and meet the rest of the principle of proportionality (see BVerfGE 100, 313 <359> are), that is to achievethe purpose, appropriate, necessary and reasonable (see BVerfGE 109, 279 <335 et seq>, 115, 320 <345>, 118, 168<193>, 120, 274 <318 f> ; established case law).

205A sixmonth eventfree retention of telecommunications traffic data for qualified uses in connection with law

enforcement, security and the tasks of the intelligence services, as it is, § § 113a, 113b TKG order, then with Article10 of the Basic Law is not simply incompatible. The legislature may pursue such a regime legitimate purposes forthe attainment of such storage in accordance with the principle of proportionality is appropriate and necessary. Onesuch store is lacking in terms of proportionality in the strict sense of the beginning of a justification capability. In oneconfiguration to the specific weight of the inherent in this procedure makes due allowance, falls one withoutoccasion storage is not already the telecommunications traffic data, as such, the strict prohibition of storing data onstorage in the jurisprudence of the Federal Constitutional Court (cf. BVerfGE 65, 1 <46 f>, 115, 320 <350>, 118, 168<187> ).

206First The more effective law enforcement, maritime security and the fulfillment of the tasks of the intelligence

services are legitimate purposes that an intervention can in principle justify the secrecy of telecommunications (seeBVerfGE 100, 313 <373, 383 f>, 107, 299 <316>, 109 , 279 <336>, 115, 320 <345> ). This is an illegitimate, theprinciple of freedom of the Article 10 paragraph 1 GG selftranscending goal is not already in it, should thattelecommunications traffic data is backed anlasslos precaution. Article 10 paragraph 1 GG does not prohibit anyprecautionary collection and storage of data at all, but protects against unreasonable design of such a data collectionand especially against this boundless economic determination of goals. It is strictly forbidden, only the storage ofpersonal data to be retained, vague and not definable purposes (cf. BVerfGE 65, 1 <46>, 100, 313 <360> ). Aprecautionary measure without occasion, data storage is only permitted in exceptional cases. It is subject, both interms of their justification, and in its design, particularly in relation to the proposed uses, particularly stringentrequirements.

207Second A precautionary measure without occasion retention of telecommunications traffic data for later

transmission to the eventrelated charge of law enforcement or security authorities or to the intelligence agenciesmay look at the legislature to achieve its objectives, as appropriate. There are hereby created educationalopportunities that would exist otherwise, and given the increasing importance of telecommunications for thepreparation and perpetration of crimes in many cases are promising. It is irrelevant whether the regulations createdby the legislator will be able to reconstruct completely all telecommunications links. Although ensuring such a datastorage may not require all telecommunications connections reliably specific port takers can be assigned, and somecriminals storage by the use of hotspots, internet cafes, foreign Internet phone service or running under false namesregistered prepaid cellphones may be the suitability of a the arrangements are not countered. This does not requirethat the control objective is actually achieved in each individual case, but merely requires that the purpose ofachievement is encouraged (see BVerfGE 63, 88 <115>, 67, 157 <175>, 96, 10 <23>, 103, 293 <307> ).

208Third The legislature may assess a sixmonth retention of telecommunications traffic data as required. Less

restrictive means to enable as wideranging educational activities are not evident. A comparably effectiveeducational opportunity is not particularly in the socalled quickfreezing process, is located at the the place ofanlasslosgeneral storage of telecommunications data storing in individual cases only and only to the date on whichthis instance because of a certain suspicion specific reason consists. Such procedures may capture the data fromthe period prior to the placement of their storage only if they are still present, is not as effective as continuousstorage, which ensures the existence of a complete data set for the last six months.

2094th A sixmonth retention of telecommunications traffic data as provided in § 113a TKG scope is not unreasonable

from the outset in the strict sense.

210a) However, it is at such a store is a very serious engagement with a range of variation, as the legal system does

not know yet: It covers the entire period of six months, virtually all telecommunications traffic data of all citizenswithout linking to an attributable reprehensible conduct, a Abstract only dangerous or otherwise qualified situation.The storage refers to everyday behavior, which in everyday life for the elementary and participate in social life in themodern world can no longer be left out. Basically, any form of telecommunications is excluded in principle from thestore. While the system can result in occasional gaps that prevent each and every telecommunications link can bereconstructed individualizing as under certain circumstances when using hotspots, confusing private networks orservice providers in nonEuropean countries. A regular alternative for the citizens opened this, though. Thelegislature tried, rather, in principle, capture all telecommunications links so that users can be identified as widely aspossible.

211The strength of the data is far reaching. Depending on the use of telecommunications services of the parties

concerned can already from the data itself gain insights into the social environment and the individual activities ofall citizens and especially if they serve as starting points for further investigation. Although with atelecommunication traffic data storage, as provided in § 113a TKG, only the connection data (time, duration, andports involved the location in the mobile telephony) is held, but also the content of communication. From thesedata suggest, however, in a comprehensive and automated analysis to move into the private sphere into reachingsubstantive conclusions. Addressees (whose membership of certain occupational groups, institutions or interestgroups or the services they provide), date, time and location of telephone conversations permit if they are observedover a longer period, in combination, provide detailed information about social or political affiliations, and personalpreferences , inclinations and weaknesses of those whose connection data are analyzed. There is no confidentialityprotection is not far. Depending on the use of telecommunications in the future and increasing density, such astorage permit the creation of meaningful movement and personality profiles virtually every citizen. In terms ofgroups and associations, the data also may allow the detection of internal control structures and decision processes.

212A storage, the grounds for such uses normally permits and to allow in certain cases, a serious interference. Of

weight is also here that regardless of whatever materially from design regulated the use of data increases the risk ofcitizens, will face further investigation, without having to have even given rise to it. It suffices, for instance, at aninopportune time in a particular cell or had been contacted by a particular person to be, to be exposed to a largeextent come under investigation and explanation pressure. Also, the abuse potential associated with such datacollection exacerbate the harmful effects. This is especially true because of the multitude of different privateproviders in which the telecommunications data is stored. Have been given the number of storage obligor is thenumber of those large, have access to such data and have. Since the storage requirement mitbetrifft smaller serviceproviders, the security comes from abuse regardless of all possible and necessary efforts of legislators in view oftheir performance due to structural limitations. This is reinforced by the fact that the demands put forward at the datamanagement and data transmission to the authorities a high degree of technical mastery and sophisticated software,which combines an inherent risk of vulnerabilities and the risk of manipulation by interested parties. Special attentiongiven to storage of telecommunications data further in that they themselves and the intended use of the stored dataof the victims not immediately noticed, but also detect compounds that are included under confidentialityexpectations. This without occasion, the retention of telecommunications traffic data is likely to cause a diffuselythreatening feeling of Beobachtetseins that may affect the impartial exercise of fundamental rights in many areas.

213b) Despite the extraordinary spread and the weight is associated with their engagement to the legislature to

introduce a sixmonth storage requirement, as provided in § 113a TKG, absolutely not constitutionally prohibited.However, it corresponds to the case law of the Federal Constitutional Court that the state has a collection ofpersonal data to be retained undetermined or not yet determinable purposes is prohibited constitutionally strictly (cf.BVerfGE 65, 1 <46>, 100, 313 <360>, 115, 320 <350>, 118, 168 <187> ). To such an a priori prohibited form of datacollection is at a precaution eventfree storage of the telecommunications connection data is not in any case. If theyare for specific purposes, such storage may be incorporated into a meet the appropriate legal intervention design(see below video) but also the requirements of proportionality in the narrower sense.

214aa) is decisive for this first, that the proposed retention of telecommunications traffic data is not implemented

directly by the state but by a commitment from the private service provider. The data is merged so that the storageis not itself, but remain divided on many individual companies and assist the state as a whole is not directlyavailable. This is especially what is necessary to ensure that the arrangements and technical measures, no directaccess to the data. The retrieval of data by government agencies is only in a second step and is now closer to casebasis for legally established criteria. The design of the can for retrieval and further use of the stored data whileempowering provisions to ensure that the storage is not too vague or are not identifiable purposes. It can and mustbe guaranteed with the arrangement of such a storage requirement that an actual knowledge acquisition and use ofthe data are limited in standard clear form in a way is that the weight of the extensive data collection into account,and the retrieval and the actual use of the data on those that are required part of the data collection is limited. Theseparation of storage and retrieval supports both the structurally by statutory design closer to ensuring end transparency and control of data usage.

215bb) A sixmonth retention of telecommunications traffic data also highlights not already proved the principle of

Article 10 paragraph 1 GG as such, it violates neither the core of human dignity (Article 1, Section 1 GG) nor itsessential content (Art. 19, para . 2 GG). It remains, despite its extraordinary length or limited effect. Thus, thecontent of telecommunications of which is recessed to the traffic data limited storage. The storage period is alsolimited. Although a storage period of six months, given the scale and significance of the data stored very long andlies at the upper limit of what is capable of justification under the proportionality considerations. After its expiry, thecitizens could rely on their data if they were not retrieved from exceptionally weighty occasion be deleted and noone is reconstructed.

216cc) The storage of telecommunications traffic data for six months is as even as a measure that would capture a

total of communications or activities of the citizens generally applied. Rather, it ties in more limited ways ofmaintaining the importance of telecommunications in the modern world and to respond to the specific risk potentialassociated with this. The new telecommunications means to overcome time and space in a way incomparable toother forms of communication and generally to the exclusion of public perception. They facilitate communication andthus also the covert action of criminals and also allow dispersed groups of a few people to come together and worktogether effectively. By virtually resistancefree communication, a pooling of knowledge, readiness to act andcriminal intent is possible, which provides security and law enforcement with new kinds of tasks. Some crimes takeplace immediately with the help of new technology. Integrated into a conglomerate of technically nurmehrcommunicating computers and computer networks such activities well beyond the observation. At the same timethey can establish new types of threats such as attacks on the telecommunications of third parties. Areconstruction of the telecommunications links is therefore just for effective law enforcement and security is ofparticular importance.

217In addition, there is in terms of telecommunications data for lack of public visibility and no social memory, which

is, as in other areas, allowed to reconstruct past events on the basis of random memory: telecommunications datais either removed, and then completely lost or saved, and are thus fully available. Therefore, the legislature indeciding how much to delete such data or storage have to make a balance of interests and consider the interests ofstate involvement. This can also include in its considerations, that the spread of certain forms of contract fortelecommunications services providers (such as the increase in flat rates) for application of a strict deletionrequirements for telecommunications traffic data, which are not required for the contract, reducing the availability of

such data. Also in this respect can the precautionary saving of telecommunications traffic data are based on factorsin the characteristics of modern telecommunications have a specific reason.

218Conversely, should the storage of telecommunications traffic data is not seen as a step towards a legislation that

was aimed at the greatest possible coverage of all the precautionary saving for the prosecution or risk preventionuseful data. Such legislation would be inconsistent regardless of the design rules of use, from the outset with theConstitution. The constitutional safety precaution, an eventfree storage of telecommunications traffic data impliesrather that this is an exception. You may not result in combination with other existing files to the constructability ofvirtually all activities of citizens. Relevant to the justification of such storage capacity is so particular that they arenot done directly by government agencies, not covering the content of communication and that the store is called byits customers websites by commercial service providers strictly prohibited. The introduction of telecommunicationtraffic data retention can thus not serve as a model for the creation of additional precautionary measure eventfreedata collection, but compels the legislator when considering new storage obligations or privileges in view of all thevarious existing data collections to be more cautious. May be that the freedom of exercise of citizens not coveredtotally and registered on the constitutional identity of the Federal Republic of Germany (see part of the constitutionalidentity of title BVerfG, decision of the Second Senate of 30 June 2009 2 BvE 2/08 etc. juris, marginal. 240), forthe observance of which the Federal Republic must be used in European and international contexts. Precautionarystorage of telecommunications traffic data is the scope for further eventfree data collection also differ on how theEuropean Union should be considerably lower.

219dd) In summary, a sixmonth retention of telecommunications traffic data is in the legislature in § 113a para 18

TKG extent provided under present circumstances is not unreasonable from the outset. For their safety, however,the constitutional requirement that the design of storage and use of data to the specific weight of such storage takesappropriate account.

V.

220The design of a precautionary telecommunications traffic data storage, as provided in § 113a TKG is subject to

specific constitutional requirements, particularly in terms of data security, the extent of data use, transparency andlegal protection. Only if there is to sufficiently demanding standards and clear rules are in place, lying in the storageof such intervention is proportionate in the narrower sense.

221First A storage of telecommunications traffic data in the scope of § 113a TKG requires the implied warranty of a

high standard of data security.

222Given the scale and potential significance of the jobs created with such databases is the data storage security for

the proportionality of the challenged provisions of great importance. This is especially true because the data isstored in private service providers who act under the conditions of efficiency and cost pressures, while having onlylimited incentives to ensure data security. They deal privateprinciple and are not bound by specific duties. At thesame time the risk of illegal access to data is large, because, given its eclectic explanatory power can be attractivefor a variety of actors. Commandments is thus a particularly high standard of security that goes beyond the generalconstitutionally required level for the storage of data telecommunications. Such requirements shall be either the datasecurity for the storage of data and for their transmission; also calls for effective safeguards to ensure the erasure ofdata.

223In remarks at the hearing and in written comments on this procedure from a wide range of expert page of tools to

increase data security has been identified. Called as a separate storage of under § 113a TKG to store data onphysically separate and the Internet decoupled computers connected to an asymmetric cryptographic encryptionunder separate custody of the keys, the specification of the fourperson rule for accessing the data with advancedmethods of authentication for access to the keys, the audit trail of access to the data and its deletion and the use ofautomated error correction process and plausibility. In addition to such technologybased instruments and the

creation of information requirements for data breaches, the introduction of strict liability, or a strengthening ofcompensation claims has been called for moral damages, in order to create incentives for the implementation of aneffective data protection.

224The Constitution does not purport detail exactly what Sicherheitsmaßgaben are given in detail. The result must be

a standard to ensure that specific guarantees in regard to the characteristics of the jobs created by a precautionarytelecommunications traffic data storage data sets a particularly high level of security. This includes ensuring thatthis standard for example by resorting to simple legal right figures like the state of the art (see Heibey in:Rossnagel, manual data protection law, 2003, p 575, para 19, p 598, para 145;.. Tinnefeld / Ehrmann / Gerling,Introduction to the Data Protection Law, 4th edition 2005, p 628) at the level of developmentoriented andprofessional discussion of new knowledge and insights continually receives. Accordingly, provided that the storagecompany with duty to adapt their measures thereon verifiable for example on the basis of periodic refreshingsecurity policies. The potential danger arising from the databases in question allows it not to subject the describedsecurity requirements of a free assessment of general economic factors. If the legislature a blanket retention oftelecommunications traffic data invariably requires, it is one of the necessary conditions that the affected vendorscan not only fulfill their duty to store, but also the corresponding requirements for data security. Building on theexpert opinions, it is obvious that in principle the current state of discussion, a separate storage of the data, asophisticated encryption, a secure access regime, using about the foureye principle and an audit trail must be takento ensure the safety the data to ensure constitutionally adequate.

225Necessary legal arrangements that such a particularly high level of security in a qualified way, at least pretend the

merits of clear and binding standards. It is up to the legislature, the technical specification of the given scale toentrust a supervisory authority. The legislator has taken to ensure that the decision is not about the nature andextent of the precautions to be taken ultimately uncontrollably lies in the hands of their telecommunications provider.The demands to be differentiated either by technical regulations provide a general way or in general, and then fleshout in a transparent manner by binding individual decisions of the supervisory authorities in respect of individualcompanies possibly upgraded to various standard levels. Constitutionally, continue to be offered to the public atransparent control, involving the independent data protection officer (see BVerfGE 65, 1 <46> ) as well as abalanced system of sanctions, which also attaches to breaches of data security is a reasonable weight.

226Second A retention of telecommunications traffic data, as provided in § 113a TKG is to continue to advance

legislation for use of this data. The relative configuration of these decisions using rules not only about theconstitutionality of these provisions establishing a separate procedure itself, but acts on the constitutionality of thestore already returned as such. According to the jurisprudence of the Constitutional Court, the conditions for datause and its extent in the relevant legal principles are more narrowly defined the heavier the weight of the storageoperation located. Reason, purpose and scope of the intervention and the appropriate action limits are regulated bythe legislator areaspecific, precise and standard clear (see BVerfGE 100, 313 <359 f>, 110, 33 <53>, 113, 29 <51>, 113, 348 <375>, 115, 166 <191>, 115, 320 <365>, 118, 168 <186 f> ).

227The use of a anlasslos systematic storage of virtually all telecommunications traffic data collected databases

accordingly subject to particularly stringent requirements. In particular, this is not the same extent constitutionallypermissible, such as the use of telecommunications traffic data that service providers depending on the particularoperational and contractual conditions partly influenced by the customers can save in accordance with § 96 of theAct. Given the inevitability of, completeness, and thus increase the validity of six months as a precautionsystematically collected their traffic data retrieval has a much greater weight. Since an evaluation of these data deepinto the private lives of penetrating conclusions and possibly detailed personal and allows motion profiles that can sofar not be assumed without further assume that the use of this data is generally less weight than a contentbasedtelecommunications monitoring (for interrogation under the old law cf . BVerfGE 107, 299 <322> ). Rather, the use ofsuch data can only be regarded as proportionate if it is particularly highranking public interests. The use of the datais therefore immensely important tasks for the protection of legal interests into account, that is, to punish crimes thatthreaten the immensely important legal interests or to defend against such threats to legal goods.

228

a) For the prosecution, it follows that a retrieval of the data, at least the suspicion is justified by certain factspresupposes a serious crime. What offenses should be covered from this, the legislature finally set with theobligation to store data. He comes here to an area of discretion. He can either use existing catalog or create yourown catalog, as to offenses for which telecommunications traffic data are particularly important to detect. Thequalification of a crime must be difficult but in the criminal law provisions in particular about by the punishment find an objectified expression (see BVerfGE 109, 279 <343 et seq, especially 347 f> ). A general clause or only thereference to serious criminal offenses ranging from no other hand.

229About the abstract definition of a relevant offense catalog, the legislature must ensure that recourse to the

precaution saved telecommunications traffic data is permitted only if in individual cases pursued offenseseriousness (see BVerfGE 121, 1 <26> , to serious criminal offenses meaning see BVerfGE 107, 299 <322> ;particularly serious offenses referred to in Article 13 paragraph 3 GG cf. BVerfGE 109, 279 <346> ) and the use ofthe data is proportionate.

230b) The security is to use the data in question to limit equally effective. To open the data access by reference to

catalogs of certain crimes, they are unable to serve the data used (see BVerfGE 122, 120 <142> ), is not a viablecontrol technology. She takes the requirements for the degree of legal protection and clarity of their risk leads touncertainty, if indeed pose offense even mere preparatory acts and threats of legal protection under penalty. Instead,offer to take immediate legal right to the goods in terms that justify their use of data protection should, as well as theintensity of the threat of legal interests that must be achieved as a threshold for this intervention. Such a rulereflects the character of the security as protection of legal rights and guarantees an immediate connection with theultimate goal, which is to justify the encroachment on fundamental rights.

231The balance between the weight results of the data storage and use of past intervention and the importance of

effective security to ensure that a release of precaution saved telecommunications traffic data only to respond tothreats to life, limb or liberty of a person, to the existence or the security of the federal or state or may be admittedto avert a common danger (see BVerfGE 122, 120 <141 et seq> ). The legal basis for authority in this respect shouldat least actual evidence of a specific threat to the protected legal interests require. This requirement means thatsufficient general assumptions or empirical propositions not to justify access to the data. Rather, certain facts mustbe established which support the prediction of a real danger. It requires a far situation where in some cases there isa reasonable probability that in the foreseeable future without government intervention caused the damage to safetyunder the standard by certain persons. The relevant observations of the Senate regarding the requirements for onlinesearches are here accordingly (see BVerfGE 120, 274 <328 f> ). The real risk is determined by three criteria: theindividual case, the proximity of the transformation of a danger than an injury, and the reference to individual personsresponsible. The interrogation of stored data as a precaution, however, can be justified even if not yet be ascertainedwith reasonable certainty that the danger will arise anytime soon, if certain facts indicate a danger in a particularcase for a supremely important right. The facts must allow for one to conclude on an at least by its nature,concretised and temporally foreseeable events, secondly, that certain people will be involved, as to their identity, atleast as much is known is that the measure was targeted against them and they can be concentrated. In contrast tothe weight of the encroachment on fundamental rights is not sufficiently taken into account when the actualintervention event is still largely moved to the front end of a not yet foreseeable in detail specific danger to safetyunder the standard.

232c) The constitutional requirements for the use of data security authorizations apply to all intervention with

preventive objectives. They are thus made ૩૩for the use of information by the intelligence services. Since theimpairment is by engaging in all these cases the same for those affected, there is no reason to regard theserequirements, agencybased differentiation, such as between police authorities and other authorities entrusted withpreventive tasks such as constitutional protection authorities. The police and domestic intelligence authorities havedifferent responsibilities and powers have and make the followup with a different depth of penetration can be, for theweighting of using precaution coverage and longterm stored telecommunications traffic data basically irrelevant (seeBVerfGE 120, 274 <329 f> ) . Although able to discriminate between the different agencies with authorizationspreventive tasks before the Constitution endure (see BVerfGE 100, 313 <383>, 120, 274 <330> ). However, thelegislature also exists for the regulation of the individual powers of security agencies, whose mission is to advance

education, subject to the constitutional requirements that arise from the principle of proportionality (see BVerfGE120, 274 <330 f> ). These lead to the present case to ensure that both in terms of the protected legal interests aswell as to the corrective action limit to be observed in this particular demands on the data are used.

233There is no reason why these requirements should not apply for the completion of the intelligence services.

Although limiting the role of intelligence services generally to the collection of information to inform the government.This reduces the weight of the intervention to the extent that it connects itself to the individual citizens about thedanger of being observed is not beyond the danger of further measures ATTACHING thereto. At the same timereduces the weight this way but also to justify such interventions because of mere information, the government cannot legally protected injury to be prevented. This is possible only through followup of the competent securityauthorities, the constitutional limitations on the use of data must not be undermined by further use of powers in therun. A special loading effects of such interventions to the citizens is, moreover, that not only the particularengagement in the secrecy of telecommunications, as such, covered usually happens, but almost made the entireactivities of the secret intelligence services. Powers of these services to use the precautionary areawidetelecommunication traffic data stored to convey the feeling of being watched uncontrollable in a special way todevelop sustainable and intimidation effects on the perception of freedom.

234The Senate is aware that it would eliminate the use of the precautionary telecommunications traffic data stored on

the part of the intelligence services in many cases. This is due to the nature of their duties as prior information anddoes not constitute a constitutionally intolerable event, the drawbacks of the principle of proportionality resultingrequirements for an encroachment of this kind (see BVerfGE 120, 274 <331> ).

235be d) Limiting the use of data for specific purposes must be ensured for the use of the data according to their

retrieval and transmission to the authorities and retrieving flanked procedurally. It should be ensure by law that thedata will be analyzed immediately after delivery and, if they are irrelevant for the purposes of the investigation, willbe deleted (see BVerfGE 100, 313 <387 f> ). Moreover, it is necessary to provide that the data will be destroyedafter it for the specified purposes are no longer required, and that there is a log is made ૩૩(see BVerfGE 100, 313<362>, 113, 29 <58> ).

236The telecommunications traffic data lose their protection mediated by the Basic Law Article 10 not by a

government agency that has already become aware of them. The requirements of the fundamental right to a clearearmarking therefore relate to the sharing of data and information to other agencies. This purpose, however, does notchange. They require, however, a separate legal basis, which in turn is sufficient constitutional rights (see BVerfGE100, 313 <360>, 109, 279 <375 f> ). A disclosure of the information telecommunication traffic data to other agenciesmay be prescribed by law accordingly only if they are to perceive purpose for which access to these data would alsobe directly admissible (see BVerfGE 100, 313 <389 f>, 109, 279 < 375 f>, 110, 33 <73> ). This is to monitor theforwarding authority (see BVerfGE 100, 313 <395 f> ). This can be earmarked to ensure only if it appears after theacquisition is that it is data that is stored as a precaution anlasslos. The legislature has therefore to arrange for thisinformation labeling requirements (see BVerfGE 100, 313 <360 f> ).

237e) Constitutional limits may eventually also result in terms of volume of data to retrieve. Thus distinguished as

proportionality point of many gradations between the various requests for information, such as whether they involveonly a single telecommunications connection, they aim to promote the transfer of data from only one cell at a giventime, they are only related to the communication between individuals may be limited to a certain period or aparticular form of communication and here also the location data to include or exclude, or whether they aim tocomplete transmission of the data of a person to create a movement or as detailed personality profile. Also, it canmake in view of the engagement weight make a difference whether be interposed in the transmission of data filtersthat certain communication lines for the protection of special trust relationship sorted out.

238Given the high thresholds that apply under the above provisions already in principle for the use of

telecommunications traffic data stored as a precautionary measure, the legislature in the immediate control of thevolume of data has, however, use some discretion. In particular, it is also generally free of him, such a

proportionality considerations to leave the decision on the arrangement of a data retrieval appointed judge in theexamination of each case. Constitutionally, offered as a corollary of the principle of proportionality, however, at leastfor a small circle of confidentiality dependent on specific telecommunications links provided a general prohibition oftransmission. Has to think about in connection to or from persons, authorities and organizations in social or religiousareas that offer basically remain anonymous callers completely or predominantly by telephone counseling inpsychological or social distress, and which themselves or their employees to the extent other confidentialityobligations subject (cf. § 99 para 2 TKG).

239Third Relatively a precaution without occasion retention of telecommunications traffic data and their use is still only

when the legislature meets reasonable precautions to ensure transparency of data use and to ensure effective legalprotection and effective sanctions.

240a) The conditions of the constitutionally acceptable use of data obtained through such storage requirements are

part of the transparency. As far as possible must be done using the open data. Otherwise, it generally requires atleast one subsequent notification of individuals. Failing this exceptionally well, the need for nonnotification of ajudicial decision.

241aa) A precautionary measure without occasion retention of all telecommunications traffic data for six months,

among other reasons such a serious procedure, because it can cause a feeling of constant being watched, theyallowed in an unpredictable way deep insight into the private lives without recourse to the data for the citizens isdirectly felt or seen. The individual does not know what government agency which knows about him, but I know thatmany authorities, including maximum personal can know about him.

242The legislature needs to diffuse the threat, which can receive the data stored this way, catch by effective

transparency rules. Rules for informing the utilizations of data collection or victims are generally the basicinstruments of data protection of basic rights (see BVerfGE 100, 313 <361>, 109, 279 <363 f>, 118, 168 <207 f>,120, 351 <361 f> ). For the use of extensive and diverse data sets of a meaningful eventfree precautiontelecommunications traffic data retention requirements have to be high so far. You have to take the job, a decreaseto comply with the ignorance of the actual relevance of the data resulting threat, unsettling counter speculation andto provide the parties an opportunity to put such measures into the public discussion. For other such requirementsfrom the requirement for effective legal protection under Article 10 paragraph 1 GG in conjunction with Article 19paragraph 4 of the Constitution are derived. Without knowledge of those affected may neither illegitimacy of the useof the Data nor any right to cancellation, rectification or satisfaction will be maintained (see BVerfGE 100, 313<361>, 109, 279 <363>, 118, 168 <207 f>; 120 , 351 <361> ).

243bb) The requirements of transparency is one of the principle of openness of the collection and use of personal data.

The use of data without the knowledge of the person concerned is constitutionally permissible only if it is otherwisefrustrated the purpose of the investigation, which is used for data retrieval. For security and performance of theduties of the intelligence agencies, the legislature may accept this in principle. In contrast, comes in the context oflaw enforcement and an open collection and use of the data into account (cf. § 33 paragraph 3 and 4, Code ofCriminal Procedure). Investigations are carried out here to some extent with other knowledge of the accused and inhis presence (see, for example, § § 102, 103, 106 StPO). Accordingly, the person in front of the query or transfer ofhis data must be notified in principle. A secret use of the data may only be provided if it is placed in individual casesand judicial.

244As far as the use of the data is secret, the legislature has the duty to provide at least a subsequent notification.

This should ensure that those to which a data query whether as suspects, police or liable third parties directlyrelated, has put at least in retrospect, to have knowledge in principle. Exceptions may provide for consideration bythe legislature in constitutionally protected legal interests of third parties. However, they are to be limited to what isstrictly necessary (see BVerfGE 109, 279 <364> ). Possible exceptions to the notification requirements inconnection with the prosecution, about if the disclosure would result in the interference with the secrecy oftelecommunications to the fact that this fails its purpose, if the notification can not be done without risk to life and

limb of a person or if their predominant concerns an interested person opposed, for example because of thenotification of a measure that has had no further consequences, the fundamental right of intervention would stilldeveloping (see BVerfGE 100, 313 <361>, 109, 279 <364 et seq> ). If there are compelling reasons to also excludea subsequent notification, this is to confirm judicial and check at regular intervals (see BVerfGE 109, 279 <367 f> ).Correspondingly, it requires a refinement of the notification obligations also with regard to the use of data for securitypurposes or missions of the intelligence services.

245Constitutionally, in contrast, are not offered comparable strict notification duties to persons whose

telecommunications traffic data was also detected only by chance and are not themselves the focus of regulatoryaction were. Such party may give it in the analysis of telecommunications traffic data on a large scale, withoutbecoming aware of their shortterm data leave traces or consequences for the person concerned must have. Anotification can be compared to deepen them in individual cases, but the intervention (see BVerfGE 109, 279 <365>; BVerfGK 9, 62 <81>). In these cases, a notification can generally be avoided even if the victims were notsignificantly affected by the measure and it is apparent that they have no interest in being notified. Requires ajudicial confirmation of this decision is not considering it.

246b) The relative configuration of a precautionary storage of telecommunications traffic data and their use requires

further ensuring effective judicial protection and adequate sanctions.

247aa) To ensure effective judicial protection is a query or transmission of such data in principle be placed under

judicial authority.

248According to the jurisprudence of the Constitutional Court, may be constitutionally required preventive control by an

independent body to determine measures that cause a serious encroachment on fundamental rights. This isespecially true if the encroachment on fundamental rights and secretly made ૩૩for the person concerned is notimmediately perceptible (see BVerfGE 120, 274 <331> ). For the interrogation and transfer of telecommunicationstraffic data, this may be the case. Given the weight of the inherent in this procedure, the margin of the legislaturereduced to the extent that such action is basically to make it subject to judicial order. Judges, because of theirpersonal and material independence and their exclusive binding to the law the rights of victims in each case the bestand safest true (cf. BVerfGE 77, 1 <51>, 103, 142 <151>, 120, 274 <332> ). An exception is made ૩૩under Article 10,paragraph 2, sentence 2 Basic Law for the control of interference with the freedom of telecommunications by theintelligence services. This can take the place of preventive judicial review which also specifically related to theparticular measure control by one member appointed by the national representative body or subsidiary body contact(cf. BVerfGE 30, 1 <21> ).

249Lawmakers have a commandment to combine preventive judicial review in a specific and clear standard form with

strict requirements on the content and reasoning of the court order (see BVerfGE 109, 279 <358 f> ). It follows alsothe requirement of a sufficiently substantiated justification and limitation of the query of the coveted data, whichallows the court only to exercise effective control (see BVerfGE 103, 142 <160 f> ). Only on this basis, and thecourt ordering must be formed independently make a judgment on whether the requested use of the datacorresponds to the statutory requirements. This careful examination of the triggering conditions is required by lawincluding in particular the intervention threshold. The decision of the court order must be justified in content.Moreover, the data to be transmitted in accordance with the principle of proportionality must be described sufficientlyselective in a clear manner (see BVerfGE 103, 142 <151> ), so that the service provider must not make their ownsubstantive examination. This may only be based on clear arrangements for data transmission required and justified.

250The effectiveness of control, it also means that the data resulting from the arrangement of the telecommunications

companies can be filtered out as a third party bound and sent to storage, the authorities say that is not a directaccess to the data is opened. In this way, the use of the data on the interaction of various actors referenced andlinked to each other in controlling decisionmaking structures.

251

bb) offered Constitutionally, is also opening a legal protection mechanism for subsequent monitoring of the use ofthe data. If an interested party prior to the operation had no opportunity to put before the courts against the use oftelecommunications traffic data is to defend him a judicial review to open later.

252cc) Finally, is a proportionate design requires effective sanctions for violations. Would also serious violations of

international telecommunications secrecy as a result remain unpunished, with the consequence that the protection ofpersonal rights, even if it is found in Article 10 paragraph 1 GG is a particular expression, would wither in the face ofthe intangible nature of this right (see Federal Constitutional Court, Order of the 1st Chamber of the First Senate of11 November 2009 1 BvR 2853/08 juris, paragraph 21,. BGHZ 128, 1 <15>), this would contradict thecommitment of public authorities, which detail the development of his personality to allow (cf. BVerfGE 35, 202 <220f>, 63, 131 <142 f>, 96, 56 <64> ) and protect it from threats by a third party legal personality (see BVerfGE 73, 118<210>; 97, 125 <146>, 99, 185 <194 f> ; BVerfGK 6, 144 <146>). This may be particularly the case whenunauthorized data obtained should be used largely unhindered or unauthorized use of data for lack of materialdamage on a regular basis would remain without the satisfaction of serving victims compensation.

253The legislature has in this regard, however, a degree of latitude. He may in particular take a look at the extent to

which such arrangements fit into the overall scheme of criminal procedure law or the applicable tort law. In thatregard, he must bear in mind that for serious violations of personal rights according to current law already prohibiteduse both on the basis of an assessment (see BVerfGE 34, 238 <248 et seq>, 80, 367 <375 f>, 113, 29 <61 > ;BVerfGK 9, 174 <196>; BGHSt 34, 397 <401>, 52, 110 <116>) and a liability for moral damages may be justified(cf. BVerfGE 34, 269 <282 285 f> ; BVerfGK 6, 144 <146 f>; BVerfG, Order of the 1st Chamber of the First Senateof 11 November 2009 1 BvR 2853/08 juris, paragraph 21; BGHZ 128, 1 <12>).. In deciding whether it needs inthis regard further regulations, it is therefore not prevented from observing, first, whether the seriousness of theviolation of privacy, in the unauthorized acquisition or use of this is frequently in question data, even on the basis ofcurrent law of the case law in the constitutionally required due account is taken.

2544th Less stringent constitutional stipulations only apply to an indirect use of precaution, the data stored in the form

of official information claims against service providers in terms of the connection holders of certain IP addressesthat they have to determine, using the data retained. The creation of such an inquiry demands is independent oflimiting legal protection or crime catalogs a total of more extensively acceptable than the query and use oftelecommunications traffic data itself

255a) For information about the holders of certain IP addresses to be used for the determination of telecommunications

traffic data must be stored as a precaution, must not be given on constitutional grounds the otherwise applicable tothe use of such data very strict conditions.

256Of importance is this the one that the authorities themselves, no knowledge of the received data to be stored as a

precaution. The authorities called in the context of such information does not accept the claims as a precautionanlasslos stored data itself, but only receive personal information about the owner of a particular port, which wasdetermined by the service providers, drawing on these data. It is the strength of the data severely limited: the use ofthe precautionary stored data alone leads to the inquiry, which port owner was declared under a wellknown, asotherwise determined IP address on the Internet. Such information has its formal structure to a certain similarity withthe query of the owner of a phone number. Its cognitive value remains selective. Systematic exploits over anextended period of time or the creation of personality and movement profiles can not be achieved solely on the basisof such information.

257Is significantly different to that used for such information from the outset only a fixed small segment of data, its

storage may be arranged by themselves at much lower conditions. A dynamic storage only the informationnecessary for such Internet data to identify IP addresses could have been a lot less stressful than the weight ofnearly complete storage of data from all telecommunications links. From the interaction of these factors shows thatare applicable to the use of telecommunications traffic data stored as a precaution otherwise applicable requirementsfor such information is not equally.

258b) However, the justification of regulatory information requirements for the identification of IP addresses significant

weight. With it, the legislature acts on the conditions of communication on the Internet and limits the extent of theiranonymity. On this basis, in conjunction with the systematic retention of Internet data to a large extent the identityof Internet users are determined. If individuals can see the damage to the Internet to register their IP addresses andmake a complaint or determine if the agency itself IP addresses assigned to this particular port owners and theunderlying communications are individualized with considerable probability.

259The assignment can be an IP address to a connection holder from the weight for the person concerned ago,

despite a certain similarity with the identification of a phone number can not be equated. Telephone numbers arepermanently assigned as an identifier shared between users, so that a search of its owner is also possible,regardless of specific telecommunications records. In contrast, an inquiry has been about the connection owner of adynamic IP address is also required in the information used and by which that port from that IP address at aparticular time. In addition, the phone number to private parties can be suppressed without difficulty, while the IPaddress can be obfuscated in principle only with the use of anonymizing services. Also, the possible ego relevanceof a query of the owner of an IP address other than the owner of a phone number: even the extent of contacts withmanagement, which are each made by calling Internet pages is new, it more meaningful than a phone numberretrieval. Also, the knowledge of a contact with a website to another substantive significance: As the content ofwebsites other than that the phone conversation spoken word electronically secured and longer can be called again,it can be with her reconstructed often reliably identify which object is the Communicating set apart has. Theindividualization of the IP address as the "phone number of the Internet" is at the same time revealing the content ofcommunication. The current distinction for the phone call connection of external data and call content resolves itselfhere. Individualized, the visitors to a particular site using the information about an IP address, you know not onlywho he had contact, but usually knows the contents of the contact.

260Of course, conversely, an increased interest in the possibility of being able to communicate on the Internet

connections for protection of legal rights or to protect the legal system to assign the respective actors. Given theincreasing importance of the Internet for the most diverse areas and processes of everyday life also increases therisk of its use for criminal offenses and violations in a variety of art in a constitutional democracy, the Internet maynot form a legal vacuum. The possibility of an individual assignment of Internet contacts for violations of somesignificance is therefore legitimate for the legislature. Insofar as relevant information from service providers under thecurrent technical conditions under which IP addresses primarily for the particular session ("dynamic") are assignedto, telecommunications traffic data is analyzed, this raises no fundamental objections to thus. Nor can thelegislature to ensure a reliable assignment of these addresses over time the provision of appropriate data or providean extensive recourse to the extent data kept by the service provider. It has a margin of discretion here.

261c) Accordingly, the legislature of such information independently of limiting legal protection or crime catalogs for the

prosecution of criminal offenses allow for the security and the performance of duties of the intelligence services onthe basis of the general way Encroachment appropriations (see Bock, in: Geppert / Piepenbrock / contactor /Schuster, Beck'scher commentary on the Act, 3rd edition 2006, § 113 para 7; Graulich, in:. Arndt / Fetzer / Scherer,Telecommunications Act, 2008, § 113 para 8).. Regarding the action limits, however, ensure that information can notbe obtained out of the blue, but only because a sufficient initial suspicion, or whether a specific threat to eachindividual case based on fact. The requirement of an economy based on factual evidence in the real risk is paid forthe intelligence services as well as for all to respond to threats to public safety and order authorities. The legal andfactual basis of the appropriate requests for information are to be recorded. A judge must be reserved in contrast tosimilar information not be provided.

262The considerable weight of the intervention of such information allows not, however, these generally and

unconditionally accept and to monitor or prevent any offenses. The abolition of the anonymity of the Internet requiresat least a legal interest affected, by the legal system is usually a highlighted importance is attached. This includesinformation relevant to prosecution or prevention of offenses is not complete. It must, however, to the extent and insome cases particularly weighty offenses act which the legislature must expressly designate.

263Also, there is no reason to take back for the identification of IP addresses the principle of transparency (see above

CV 3). The interested party that can go into the control from using the Internet anonymously, has in principle theright to know when and why this anonymity has been lifted. Accordingly, the legislature has at least providenotification obligations as and when thus the purpose of the information will not be thwarted or otherwise overridinginterests of third parties or the individuals themselves to the contrary. As far as waiver of notice in accordance withappropriate statutory provisions of exception, the reason is to make this record. Requires confirmation of a judicialwaiver of notice is not in contrast.

2645th The constitutionally required, ensure data security, and the proportionality requirements of a sufficient standard

clear restrictions on data use is an integral part of the arrangement of the retention requirement and therefore theresponsibility of the federal legislature that imposes the obligation. In contrast, the responsibility is directed to thecreation of selfretrieval systems and for the development of the transparency and legal protection provisions of therespective professional capacities.

265a) Except as shall be determined in connection with the obligation of service providers into a precautionary

measure eventfree retention of telecommunications traffic data about data security, this responsibility is an integralcomponent of the storage requirement and hereby legally connected, follow the federal government pursuant toArticle 73 Paragraph 1 No. 7 GG . For this purpose, in addition to the regulations for security of stored data alsoinclude provisions for security of data transmission, and this is to ensure protection of the trust relationship (seeabove CV 1 and CV 2 e).

266The federal government also is responsible to ensure the constitutional requirements as appropriate, sufficiently

precise limitation of the uses of the data that is tracked with the storage. The reason is this ineradicable in theconstitutional context of data storage and use, as it is settled case law of the Federal Constitutional Court, arestored data must from the outset only to specific, domainspecific, accurate and standardized with clearly definedpurposes, so as to ensure sufficient already in the storage, that the data will be used only for purposes that justifythe weight of data storage. A lock can not be justified as such abstract, but only insofar as it serves sufficientlyweighty, specifically designated purposes (cf. BVerfGE 65, 1 <46>, 118, 168 <187 f> ). In contrast, it isinadmissible, regardless of such purposes to create a data pool of storage, its use as needed and leave the politicaldiscretion of the subsequent decision of various government bodies remains. In such a case, the constitutionality ofstorage might lack sufficiently predictable and limited purposes at the time of lying in the store procedure not yet beassessed. Their significance for the citizen would neither predictable nor limited in accordance with the principle ofproportionality. This material combination of storage and use of data as a critical link between engagement andjustification must also in the interplay between federal and state governments are not broken. The competence toensure this linkage grows, the federal government under Article 73 paragraph 1 GG No 7 of factual connection (seeabove III C 2).

267The restrictions to the federal government in connection with the storage arrangements accordingly be taken to

determine the qualifying conditions for use of the data for the purpose of law enforcement, security or the preventionof danger by the intelligence services is developed according to the above provisos. Here, too, the necessaryarrangements are to maintain the fencing in the further use of the data, especially in the form of identification andlogging requirements.

268b) In contrast, the federal government falls with the arrangement of the storage requirement and not simply the

responsibility about whether and to what extent can be used effectively on the data within the limits specified by himpurpose. The adoption of rules that govern the retrieval of data itself is not fundamentally a federal matter, butdepends on the general legislative powers. After that, the authorization will not be to retrieve the data based onArticle 73 paragraph 1 GG No. 7, but is based on each of those skills to create standard, which governs thelegislation for the use of data tracked tasks (see BVerfGE 113 , 348 <368>, 114, 371 <385> ). In the field ofmaritime security and the tasks of the intelligence services, the responsibility so widely among countries. Other thanensuring the constitutionally required limitation of the uses that must be regulated uno actu with the storage for the

data protection laws clamping of intervention and justification, and may require more than just recall authorizing theprotection of other constitutional requirements that apply to the use of data such as in particular the arrangements fornotification of individuals and to ensure effective legal protection following legislative acts of the country be left. Theresponsibility for the constitutionality of these regulations require that these direct itself to the extent

VI.

269The challenged provisions do not meet these requirements. Although § 113a TKG does not contradict that reason

the basic right to protection of telecommunications secrecy under Article 10 paragraph 1 GG, because the range ofthe storage requirement would be in accordance with § 113a paragraph 1 to 7, 11 TKG disproportionately from theoutset. However, the regulations are in line for data security, for the purposes and to ensure transparency of datause and for nonlegal constitutional requirements. So there is a lack of the proportionality principle for thecorresponding development of the system as a whole. § § 113a, 113b of the Act and § 100g StPO, as far as thisallows the retrieval under § 113a TKG data to be stored are therefore compatible with Article 10 paragraph 1 GGdoes not.

270First § 113a TKG is unconstitutional not only because of its reach. The legislature may assess arranged with his

duty of storage, which extends anlasslos in paragraphs 1 to 7 on nearly all the traffic data publicly availabletelecommunications services, as for more effective law enforcement and risk prevention, appropriate, necessary andproportionate in the narrower sense (see above C IV). Despite their reach is the regulation on the amount of datacollected her limited yet sufficient. The contents of telephone conversations, faxes and emails may as § 113a TKGSection 8 clarifies explicitly stored as little as the website or service that a user has contacted the Internet. Also, thelegislature in accordance with § 113a paragraph 1, 11 TKG six months and a subsequent deletion is determinedthereon within one month of a constitutionally acceptable nor storage duration. Also at this time can not find thattargets the scheme in conjunction with other provisions to amounts or to create a comprehensive data collection ingeneral to the widest possible constructability of any activities of citizens. Significant extent the validity of the dataprotection law otherwise wellpervading principle of data economy and numerous deletion obligations to prevent thelegislature to allow the emergence of preventable data collections are always investigated. Are important forassessing the extent this particular instance, § § 11 et seq TMG, which basically require the service provider to theTelecommunications Act does not erase the data required for settlement (see § 13 par 4 No. 2, § 15 TMG) ૩૩and thuspreventing even in relation to private economic incentives that internet use is recorded in the general commercialcontent and data collections that will be reconstructed. § 113a TKG, so can not be understood as an expression of ageneral public pension data for the purpose of law enforcement and risk prevention, but despite its size, a limitedexception that tries the special challenges of modern telecommunications for law enforcement and security intoaccount.

271Second In contrast, there is a lack of data collection for such a constitutionally required ensuring a very high safety

standards. § 113a Section 10 TKG statuiert respect only the undetermined constant duty, through technical andorganizational measures to ensure that access to the stored data is possible only specially authorized persons, andotherwise refers only to the telecommunications sector in general due diligence. This lack of a provision thatcontributes to the particularly high demands on the security of comprehensive and meaningful data collectionaccording to § 113a TKG bill. The cause for the referenced § § 88 and 109 TKG ensure such safety standard is notparticularly high, but allow their wide application in accordance with, a variety of relativities. This applies in particularto § 109 of the Act. Thus, under § 109 para 1 TKG to meet any service provider appropriate technical measures orother measures to protect the secrecy of telecommunications and the telecommunications and data processingsystems against unauthorized access. To determine the appropriateness of use is made to § 109 para 2 clause 4 ofthe Telecommunications Act (see Klesczewski in: Säcker, Berlin's commentary on the Act, 2nd ed, 2009, § 109para 12.). After the measures are appropriate when the necessary technical and economic burden is proportionate tothe importance of protected rights. Based on the criteria developed above, thus the specific requirements for theprotection of stored according to § 113a TKG data are not sufficiently guaranteed. The legally prescribed standard of"reasonable technical precautions or other measures" required only to "consider" the state of technical development(see § 109 para 2 sentence 2 TKG; Klesczewski in: Säcker, Berlin's commentary on the Telecommunications Act, 2ed, 2009, § 109 para. 13), and puts the safety requirements in indefinite permanent manner in the general economic

considerations to the individual case. Moreover, the detailed specification of this standard is left to the individualtelecommunications providers, which have to provide their services under the conditions of competition and costpressures.

272A specification of these requirements is not ensured in the form of ordinances or by the supervisory authorities. In

particular, § 110 of the Telecommunications Act does not guarantee the validity of reasonable safety standards.Although in the context of this standard to be created by sublegal regulations (see § 110, paragraph 2 and 3 of theTelecommunications Act) aspects of data security can be also detected. Primarily determined by technicalobjectives and standard in this regard neither content standards nor does it the aspect of data security butotherwise it contains. Incidentally, two years after entry into force of the storage requirement of § 113a TKG, one ofthe new regulation takes account of adjustment telecommunications monitoring regulation does not occur.Accordingly, it is also in December 2009 in accordance with § 110 para 3 sentence 3 of the TelecommunicationsAct on the website of the Federal Network Agency published (see Federal Network Agency, Official Journal 2009, p4706) technical guidelines for the implementation of legal measures for the surveillance of telecommunications andinformation requests for Traffic data (TRTKÜV) pursuant to § 110 para 3 TKG take effect until one year after thisadjustment (Index 1 <Regelungsbereich> TRTKÜV, Part B, TR1 <Grundsätzliches> TKÜV).

273Sufficient data security is ensured not to § 109 para 3 of the Act. Although the standard requires that operators of

telecommunications facilities to identify safety officer and to create a security policy must submit to the FederalNetwork Agency. Even then, the concept when changing the underlying "facts" to adapt and resubmit. However, soa very high standard of safety is not guaranteed reliable. Thus detected, the system operator rule alone, but not theentire target audience of § 113a TKG, which also includes other service providers. In addition, referring to § 109 para3 TKG material only to the requirements of § 109 para insufficient 1 and 2 of the Act. It is also not guaranteedsufficiently clear standard form a continuous and controllable adjustment of security standards at the level oftechnological development. Is not clear so far whether § 109 para 3 sentence 4 of the Telecommunications Act alsorequires an adjustment to the technical development of protective measures and to continue developing the legalsafety standards. In any case, there is a lack of commitment to the continuation of a periodized approach to securitythat could allow an effective control in this regard.

274The lack of adequate safety standards in the Telecommunications Act § 9 BDSG can also compensate in

conjunction with the accompanying nonconditioning. Notwithstanding their sometimes abstract high standardsremain the norm, which is anyway only secondarily applicable (cf. Fetzer, in: Arndt / Fetzer / Scherer,Telecommunications Act, 2008, before § 91 para 10; Klesczewski in. Säcker, Berlin to commentTelecommunications Act, 2nd ed, 2009, § 91 para. 15), too general to draw together in a sufficiently specific andreliable way to ensure the very high safety standards under § 113a TKG data to be stored.

275Overall, a very high safety standard under § 113a TKG for the data to be stored is not guaranteed in a binding norm

and clear form. Neither the storage requirement, the expert of the respondents in the present process as the coreelements of these instruments (separate storage, asymmetric encryption, foureyes principle combined withadvanced methods of authentication for access to the keys, audit trail of access and deletion) set enforceable norare they imposed other measures that ensure an equivalent level of safety. Also, there is a lack of a balancedsystem of sanctions, the violation of data security is no less weight to a violation of the storage duties itself is thefines for failure to comply with storage requirements considerably wider than that for the breach of data security (see§ 149 paragraph 2 sentence 1 in conjunction with § 149 para 1 No 36 and 38 TKG). The constitutional requirementsfor the safety of data collection, similar to that created by § 113a TKG enough applicable rules, not so.

276Third The provisions concerning the transmission and use of data sufficient under § 113b sentence 1, sentence 1

TKG not the constitutional requirements.

277a) incompatible with the developed from the principle of proportionality standards are the first regulations on the use

of data for law enforcement.

278aa) § 113b sentence 1 No. 1 of the Telecommunications Act in connection with § 100g StPO does not meet the

very strict conditions under which alone is allowed under § 113a TKG stored data be used. Although the legislaturehas with these rules, a differentiated and in their interaction according to Article 74 Paragraph 1 No. 1 and Article 72paragraph 1 GG made final purpose of the data used for law enforcement. The legislature makes it for the use of thedata, however, meet similar requirements as previously for the collection of telecommunications traffic data werethat the service provider must store in accordance with their operational and contractual requirements in a morelimited extent, and for individuals through contracts partially avoidable under § 96 of the Act . This reflects the veryserious surgery, which is a precaution in the eventfree data storage and systematic of § 113a TKG, insufficientaccount.

279Already § 100g para 1 sentence 1 No. 1 Code of Criminal Procedure does not guarantee that may be general and

in specific cases only serious crimes rise to a collection of relevant data, but can regardless of any final catalog generally suffice major criminal offenses . Certainly remains § 100g para 1 sentence 1 No. 2, sentence 2 StPO backbehind the constitutional stipulations, regardless of their severity by any means of telecommunications offensescommitted pursuant to a general consideration as part of a proportionality test can suffice as a possible trigger of adata query . With this system, the stored under § 113a TKG data are of practical use in relation to all offenses. Theiruse thus loses in light of the ongoing importance of telecommunications in everyday life, their exceptional nature.The legislature is limited to not more on the use of the data for the prosecution of serious crimes, but is this all about and thus also on the European law given objective data storage, which is also limited itself solely to theprosecution of serious criminal offenses without the inclusion of risk prevention far out. Although use of these data,especially for the prosecution of offenses committed by means of telecommunications be very useful, so thatcomplicate the elucidation of their limitation in some cases may prevent or even. It is, however, in the nature of theguarantee of Article 10 paragraph 1 GG and the related requirements of proportionality, that not every measure thatis useful for law enforcement and in some cases also may be required constitutionally permissible. Conversely, inconsequence of this the relevant requirements of telecommunications in the area of ૩૩lesser crimes are not beingconsidered for legal vacuum: the information required under § 113 para 1 of the TKG, the lawmakers even underthe indirect use of the stored under § 113a TKG to educate provide for all offenses (see above CV 4 c). Similarly,thereby recourse according to § 100g StPO remains on otherwise than in accordance with § 113a TKG storedtelecommunications traffic data possible.

280bb) is not the constitutional requirements § 100g StPO continue to the extent that it permits in principle, a data

retrieval without the knowledge of the person concerned (§ 100g para 1 sentence 1 StPO). The constitutionalrequirements regarding the transparency of the data using a secret enable collection of data stored under § 113aTKG only if it is placed on compelling reasons required by law closer to concrete form and judicially.

281cc) The design of the notification requirement is not sufficient to fully comply with the above stipulations

developed. However, the scope of the proposed notification requirements as such is subject to no constitutionalobjection. § 101 para 1, 4 and 5, Code of Criminal Procedure provides, in accordance with the jurisprudence of theFederal Constitutional Court (see BVerfGE 109, 279 <363 ff> before) less stringent regulations, the principle of asubsequent notice to the affected constitutionally viable in balancing bring in exceptional individual cases conflictingpredominant concerns. It is not objectionable so far in particular, that are to notify concerned, on which the datarequest is not related, according to § 101 paragraph 4, sentence 4 Code of Criminal Procedure is not in every case,but only in accordance with an assessment. As part of this balance can and must be indirectly affected by theinterests sufficiently into account.

282May have insufficient contrast, the rules for judicial review in cases where a notification can be omitted. § 101 para

6 Code of Criminal Procedure provides for judicial review only for the postponement of the notification pursuant to §101 paragraph 5 StPO before, but not for the waiver of a notification pursuant to § 101 para 4 of Criminal Procedure.This reflects the high priority of alert for a transparent use of data stored under § 113a TKG does not sufficientlyaccount. To the extent that a data request is directly related to traffic data for a particular person, may be waived thesubsequent notification only after a judicial review of the relevant exemption reasons. At one such control is lackingin those cases should not be required in those of a notification pursuant to § 101 paragraph 4, sentence 3 Code of

Criminal Procedure because the predominant concerns of an affected person.

283dd) In contrast, judicial review of the data retrieval and data sharing is guaranteed even in a manner consistent with

constitutional requirements. The collection of the stored under § 113a TKG data required under § 100g para 2sentence 1, § 100b para 1 sentence 1 StPO, the order by the judge. The court order authorizing the authorities not toa direct access to the data, but requires the service provider, it's in an intermediate step to filter out the stipulationsof the arrangement and to be transmitted. Furthermore, there is according to § 101 para 1, para 7 sentence 2 to 4Code of Criminal Procedure, the possibility of having a judicial review of the legality of bringing the action. Thatthese rules ensure effective legal protection is not total, is not apparent.

284Not regulated sufficiently clear norm, however, the statutory provisions to the formal requirements of the court

order. § 100g Paragraph 2 in conjunction with § 100b para 2 Code of Criminal Procedure regulates only minimumrequirements of the operative part of the remainder, the general duty to give reasons applies to decisions under § 34StPO. The legislature should consider a new regulation on whether it would be helpful to the strict requirements for astatement of reasons for judicial orders (see BVerfGE 103, 142 <151>, 107, 299 <325>, 109, 279 <358 f> ) by togive a special and differentiated instruction reprint. In any case it must be ensured by law, that the amount of data tobe transmitted in the order in a manner consistent with the proportionality principle and sufficiently selective for theservice provider is clearly described.

285b) The challenged provisions do not satisfy the constitutional requirements with regard to accessing and using the

stored under § 113a TKG data for security and for the tasks of intelligence services. § 113b sentence 1 No. 2 and 3of the Telecommunications Act satisfies the requirements of a reasonable limit already uses its system to not. Thefederal legislature is satisfied here with a sketch in just generalizing, the task areas for which data retrieval will bepossible, without specifically naming the uses. He leaves the concrete rather later legislation, especially legislationby the states. He is his responsibility for the constitutionally required to limit the uses do not. If he orders thestorage of telecommunications traffic data, it is up to him at the same time, the necessary constitutional justificationfor their uses and intervention thresholds and to ensure the necessary followfencing provisions set binding. Suchdeterminations do not contain § 113b sentence 1 TKG. Rather, the obligation of service providers for preventiveretention of all telecommunications traffic data and also the release of these data for use by the police and theintelligence services under nearly the entire task one created for a wide range and unlimited uses open data pool, onthe only by gross objectives limited in each case on its sole discretion, the legislature can be accessed at bothfederal and state governments can. The provision of such a settlement to end its open data pool picks up thenecessary connection between storage and storage purposes and is not compatible with the Constitution (see aboveCV 5 a).

286Can not be criticized is in contrast to in § 113b TKG no overarching rules on notification requirements, or to judicial

review in case of using the stored under § 113a TKG data are included for purposes of security and the performanceof duties by the intelligence services. While such regulations are constitutionally indispensable. The federallegislature could this with the retrieval of data related arrangements, as the particular design of the trade laws andleave it where appropriate, through state laws.

287c) The development of the use of the stored data according to § 113a TKG is also disproportionate to the extent as

is provided for the transfer of any protection of trust relationships. At least for a narrow circle of dependent specialconfidentiality telecommunications links, such protection is necessary in principle (see above CV 2 s at the end).

2884th Finally, also satisfies § 113b sentence 1, sentence 2 TKG, the indirect use of the stored under § 113a TKG

data for information provided by the service provider according to § 113 Paragraph 1 provides for the Act, not in allrespects with the requirements of proportionality.

289After the abovedeveloped standards, it is subject, however, no constitutional objection that the legislature in §

113b sentence 1, sentence 2 TKG information about the connection owner of certain of the authorities is already

known IP addresses are not under the most stringent conditions required for a direct consultation of the according to§ 113a TKG data must be considered. There can be no objection to the extent that, under § 113b sentence 1,sentence 2 TKG in conjunction with § 113 para 1 TKG such information without prior judicial authorization for theprosecution of crimes of all kinds and generally allowed for the tasks of security and intelligence services are . Notquite clear, however, the regulation regarding the required action limits. In a constitutional interpretation, they canhowever understand the effect that § refers 113 paragraph 1 TKG to the respective professional regulatoryintervention principles and to access the data at least a sufficient reasonable suspicion in accordance with § § 161,163 Criminal Procedure Code or a real risk in terms of police general clauses requires (see Bock, in: Geppert /Piepenbrock / contactor / Schuster, Beck'scher commentary on the Act, 3rd edition 2006, § 113 para 7; Graulich, in:.Arndt / Fetzer / Scherer, Telecommunications Act, 2008, § 113 para. 8). The intervention threshold of the realdanger, the rule in a constitutional interpretation and requests for information for the intelligence services areremoved.

290Likewise, by way of constitutional interpretation can track any abuse of the provision to circumvent the § 100g

StPO are met. § 113b sentence 1 clause authorizes 2 in conjunction with § 113 para 1 TKG verfassungsgemäßemin understanding not to open polling the port authorities to owners, the telecommunications links that are not known.Instead, he allowed according to its justification in the laws which have been expressed towards goal only toindividual information, the authorities previously known IP addresses (see Bundestag document 16/6979, p.46). Thelegislature may consider necessary under the new rules, if he sees an opportunity to clarify this law. Theunconstitutionality of § 113b sentence 1, sentence 2 in conjunction with § 113 para 1 TKG is not so far observed.

291Under proportionality considerations largely to § 113b sentence 1, sentence 2 in conjunction with § 113 para 1 TKG

is to the extent that it can generally be sufficient for the prosecution of offenses such queries. Although thelegislature is barred by the above stipulations do not always developed, such information is particularly important incases of misdemeanor laws in use (see above CV 4 c). However, this requires clear standards of specialregulations that are presently lacking. Unconstitutional § 113b sentence 1, sentence 2 in conjunction with § 113 para1 of the TKG also is the extent that there are no rules to notification of individuals. Pursuant to § 113 para 1sentence 4 TKG, the debtor must protect information to those affected silence, and also provide information from therequesting authority is no guarantee notification. This meets the constitutional requirements for a transparent use ofdata stored under § 113a TKG not (see above CV 3 a).

2925th In summary, neither the statutory requirements for data security or the requirements set forth for use of the

data according to § 113b sentence 1 No. 1 of the Telecommunications Act in connection with § 100g StPO § 113bsentence 1 No. 2 and 3 of the Act and § 113b sentence 1, sentence 2 TKG the constitutional requirements. Thus, itlacks the same time the storage requirement under § 113a TKG itself to a constitutionally plausible justification. Thechallenged provisions are generally not compatible with Article 10 paragraph 1 GG hence compatible.

VII

293In contrast, the challenged provisions regarding Article 12 paragraph 1 GG, as far as to decide in this proceeding

on this, subject to any constitutional concerns. The complainant 4) in the process 1BvR 256/08 is not covered bythe challenged provisions and the financial burden associated with this violated their professional freedom.

294First The imposition of retention obligations relating to the complainant, at least insofar as they also own a publicly

available anonymizing server operates is, however, an attack on their professional freedom dar. As a commercialprovider of an anonymity service they can rely on the professional freedom under Article 12 paragraph 1 GGappointed. The regulation has objectively berufsregelnde trend. The storage requirements are addressed to thoseservice providers that provide publicly available telecommunications services usually paid for end users (see § 113a,Section 1, § 3 No. 24 TKG) and thus to service providers who offer services in any case typically for commercialpurposes.

295

During the procedure, it is a profession regulation. This is regulated under § 113a TKG storage and in § 113bsentence 1, sentence 1 TKG a transfer duty representing himself as a technical stipulations for the provision oftelecommunications services. Goes wrong, however, the argument that the duty of storage WOULD againstanonymizing services as a career choice control, because a final anonymization could no longer be offered. Althoughregulation is not a career choice be considered only if access is limited to a legal career, but even if the reasonableexercise of a profession is made ૩૩virtually impossible (cf. BVerfGE 30, 292 <313> ). However, the storagerequirement leads to § 113a TKG, paragraph 6 does not mean that anonymization services generally can not beoperated. The anonymizing services can continue to offer their users, without identifying possible to surf the IPaddress through a private on the Internet. They enable users to have a static (and therefore open) IP address to hidetheir identity and protect other users from hackers or other illegal access. Repealed the anonymity only to theauthorities, while even then only if according to the strict conditions for the immediate use of the stored under § 113aTKG traffic data, a data retrieval is exceptionally permitted. Therefore be held that only customers whose anonymityis against the interest in these most serious cases, investigating authorities. The offer of an anonymisation servicedoes not become a total invalid.

296Second The reasoned by the imposition of storage obligations intervention is constitutionally justified. It is not

unreasonable in terms of technical complexity or in terms of the associated financial burdens.

297Interventions in the profession of freedom must be justified by sufficient reasons for the common good (cf.

BVerfGE 94, 372 <390>, 101, 331 <347>, 121, 317 <346> ). Basically sound reasons of public interest sufficient (cf.BVerfGE 7, 377 <405 f>, 16, 286 <297>, 81, 156 <189> ; established case law). Even here, the requirements of theprinciple of proportionality, that is, the intervention must be to achieve the engagement objectives appropriate,necessary and proportionate in the narrower sense. These conditions are fulfilled here.

298a) The storage and transmission requirements to legitimize themselves in terms of invasion and occupation, the

freedom from the goal of a more effective law enforcement, maritime security and the tasks of the intelligenceservices. They are based on reasonable grounds that the public interest, for their promotion, they are suitable. A lessintrusive regulation which is not as effective and economical for the public sector is evident. As thetelecommunications traffic data will not occur since the privatization of the telecommunications sector in the state,this in turn is a direct storage is not in a position. A transfer of all the connection data to the State so that the storecarries himself ruled, because of the associated risks both for the protection of telecommunications secrecy and forthe security and integrity of the data. The necessity does not apply to damage to the profession by imposing costburdens or costly obligations not only because the financing would be the task in question from tax revenues for thevictims of a less restrictive means (see BVerfGE 81, 156 <193 f>, 109, 64 <86> ). Less restrictive means are notthose that merely shift a cost burden (see BVerfGE 103, 172 <183 f>, 109, 64 <86> ).

299b) The imposition of the duty of storage seems to affected service providers typically are not overly burdensome.

300aa) The storage requirement exceeds the limit of admissibility by the technical effort, which they demanded the

service providers. Since moving to the relevant service provider in the telecommunications market, they havealready a high level of technical mastery in the field of telecommunications data collection, storage and processinghave. About these capabilities must also small enterprises in this sector. Moreover, at least a majority of under §113a TKG data to be stored is already concerned by the telecommunication companies are temporarily stored fortheir own purposes. Demanding organizational requirements to ensure data security arise not only from the storagerequirement of § 113a TKG, but no matter already the subject of the offered services of the companies concerned.To that extent the imposition of specific obligations under § 113a TKG not disproportionate in technical andorganizational expertise.

301bb) the storage requirement is disproportionate and not in relation to the financial burden that the firm derives from

the storage requirement of § 113 of the Act and the obligations thereto Unbind sequence ends as ensuring datasecurity. This is particularly unacceptable, not because private companies would thus entrusted with public dutiespermitted. A categorical distinction between "state functions" and "private duties" with the result of fundamental

inadmissibility of enslavement for public purposes by private individuals at their expense can not be found in theConstitution. Rather, the legislature has broad discretion, to ensure that duties of common interests, he has imposedon the private course of their work (see BVerfGE 109, 64 <85> ). Basically, he can load and measures to safeguardpublic interests that are in need of regulation as a result of commercial activities, the relevant market actors imposein order to integrate the associated costs in this way in the market and the market price. The legislator is not limitedto, a private company to be in service only if their professional activities may have an immediate impact in terms ofdirect threats or hazards that are at fault. Rather, the extent sufficient enough property and responsibility of proximitybetween the profession and the obligation imposed (cf. BVerfGE 95, 173 <187> ).

302Then there are the storage requirement for the costs incurred burdens no fundamental objections. The legislature

moved this way, the costs associated with the storage in accordance with the privatization of thetelecommunications sector as a whole in the market. Just as the telecommunications company of the newopportunities to use telecommunications technology to make a profit, they must also assume the costs for thecontainment of the new security risks associated with telecommunications, and process them in their prices.Obligations imposed on companies are closely related to the services they provide and may even be provided assuch only by them. Also here are not imposed on individual service providers offering special case by case basis,but designed in a general form the framework for the provision of telecommunications services. It is therefore notconstitutionally objectionable if the companies have this then also bear the costs principle. But the common good sorequires no specific objective to provide a cost for this replacement (cf. BVerfGE 30, 292 <311> ). A law thatregulates the business activities in such a way that private individuals in the exercise of their professionalobligations imposed on it regularly affects a large number of people is not already considered disproportionate whenindividuals affected unreasonably burdened, but only when it is at affects a larger group violated the principle ofproportionality (cf. BVerfGE 30, 292 <316> ). Have that the cost burdens in this way, choking effects is notsubstantiated raised still recognizable.

303In this respect, to consider further whether or not in terms of specific groups of cases (cf. BVerfGE 30, 292 <327>

) or special situations from the perspective of proportionality hardship cases are given. For each case arises fromthis to what the complainant to 4) in Method 1 BvR 256/08 no. In particular, it has also in terms of anonymity aboutthe services a sufficiently from the other telecommunications companies exceeding pollution either for themselves orfor other providers of those services covered by concrete numbers to understand. Only under this condition could bebut found to exceed the legislative maneuver space for the enslavement of anonymizing services. As long as theassessment is made ૩૩by the legislature only by conjecture and allegations in question, the Federal ConstitutionalCourt does not examine this issue (see BVerfGE 114, 196 <248> ).

304No fundamental concerns about possible remaining cost burden is also subject to the reporting obligation pursuant

to § 113b sentence 1 No. 1 of the Telecommunications Act in connection with § 100g StPO, for which the legislaturea compensation scheme has provided (see § 23 para 1 Judicial Remuneration and Compensation Act). Theenvisaged compensation claims are not the subject of these proceedings.

VIII

305Also incidentally arise from the fundamental rights, as far as the violation is alleged allowed no large requirements

in the challenged provisions.

IX.

306The violation of the fundamental right to protection of telecommunications secrecy under Article 10 paragraph 1 GG

leads to the nullity of § § 113a and 113b of the Telecommunications Act and § 100g para 1 sentence 1 StPO, whensuch traffic data may be collected pursuant to § 113a TKG. The challenged norms are therefore subject toascertainment explain the violation of fundamental rights null and void (cf. § 95 para 1 sentence 1 and § 95 para 3sentence 1 of the FCC). Accordingly, the interim result of the arrangement of 11 March 2008 and 28 To October2008 from the service providers in the context of requests for information collected for the time being but not deleted

immediately transmitted to the requesting authorities, but saved telecommunications traffic data. You may no longerbe sent to the requesting entities.

307The decision on costs is based on § 34a para 2 FCC.

308The decision was taken unanimously in terms of European law issues, the formal constitutionality and the

compatibility of the precautionary principle telecommunications traffic data storage with the Constitution in the result.In assessing the extent of § § 113a and 113b of the Telecommunications Act as unconstitutional, it is the result of 71 votes and in terms of other substantive issues, so far as appears from the dissenting votes, adopted by 6:2 votes.

309That the regulations under § 95 para 3 sentence 1 of the Federal Constitutional Court is to declare null and void

and contrary not only to the Constitution, the Senate decided by a 44 vote. Accordingly, the rules are not applied toa limited extent on an interim basis on, but it remains at the statutory standard result of the annulment.

Paper HohmannDennhardt BrydeGaier Eichberger SchluckebierChurchyard Masing

Dissenting Opinion of Judge Schluckebierto the judgment of the First Senate of 2 March 2010

1 BvR 256/08 1 BvR 263/08 1 BvR 586/08

310I can not as a result of the decision and in many parts of the grounds of the considerations outlined below agree.

311The retention of traffic data writes to the Senate the action of a particularly serious interference with the

fundamental right under Article 10 GG. In my opinion, such a procedure is indeed attach special importance: it turnsout, however, compared to contentbased surveillance of a significantly lower severity (I.). I think the caused by thestorage of traffic data and the criminal procedural law access control intervention also in view of the legislators'objectives, notably the Enlightenment and of offenses which are in some cases of considerable importance, or viatelecommunications committed, however, difficult aufklärbar are constitutionally in principle justified. The underlyingregulations are looking for I apprehend the proportionality test in the strict sense, a particular appropriateness andreasonableness test was essentially (see II). The only exceptions are the substantive requirements to ensure thesecurity of data to be stored and transmitted in telecommunication traffic data, to the extent I agree with the majorityof the Senate, in any case take up again below. The legal consequence statement would be based on theassessment of the majority of the Senate of the annulment of the challenged provisions in sight, to my mind was, itshould have been according to the Senate adopted interim measures until a new regulation for further deemsapplicable (see III.).

I.

312The Senate majority sees the storage of traffic data for a period of six months from the service providers is a very

serious violation of the fundamental right under Article 10 paragraph 1 GG. I do not agree with this weighting.

313The secrecy of telecommunications protects the contents and the circumstances of the communication prior to a

notice by the public authority (see BVerfGE 100, 313 <358>, 106, 28 <37>, 107, 299 <312 f> ). Write to theobligation of private service providers to store (§ 113a TKG) intervention quality, because the providers' auxiliaries ofthe state "were and this was therefore attributed to store wins, so for the evaluation of the intensity of the

intervention, the fact of particular importance that before a possible access by the public authorities, the traffic dataexclusively in the sphere of private service providers remain. You are in the hands of the contractor to whom theservices claim Participants meet brings in any contract of this kind presupposed basic trust, that will treat anyway,first of operational and accounting reasons resulting data strictly confidential and ensure their protection. Moreover,the potential for the state of the art adequate level of data security is guaranteed, absent thus each objectified basisfor the adoption of a eingriffsintensivierenden intimidation effect, or as the verdict put it "feeling of the constantbeing watched" and "vague threat". In addition, the recording is not secret, but because the law made ૩૩known. Itssubject is not the content of telecommunications. As far as the traffic data allow limited conclusions on such contentor would allow the creation of motion pictures and social profiles, this concerns the question of the proportionality ofthe relevant regulations as well as access to proportionality requirements of the law on the application level. Be thatthose in individual cases intrusive uses in existence according to weighty reasons, it does not justify them asexceptional cases, as they prove on the whole, attach decisive importance to the weighting of the store and thisfully be used.

314The Senate has already, in its judgment dated 12th March 2003 ( BVerfGE 107, 299 <322> ) for publication of call

data telecommunications, which referred to telephone conversations, pointed out that the weight of the intervention there by the call behind the back to stay in communication contentbased telephone surveillance, of course, butstill great be. Although the present case is given in view of the widespread impact of the retention requirement andforethought a special case design. However, it must in the weighting of the intervention maintained is still anoticeable distance from such a very serious surgery, such as those in the acoustic surveillance of private homes orat the online search of information technology systems, but also in the content monitoring and evaluation oftelecommunications through direct access of state organs and where there also unlike here is particularly acuterisk that the absolutely protected core area of private life is concerned. The collection of traffic data of alltelecommunications contacts with the private party without notice by the public authority and subject to strictsubstantive requirements separately provided possibility of their regular way on the right application level byordering judges reviewed and strictly limited query on procedural, backed measures such as those provided forthe collection according to § 100g StPO are based on the other hand from the perspective of the individualconcerned basic entity not in this way overweight encroachment on fundamental rights that would justify this rate as"very serious" and thus be classified as one of the größtdenkbaren interference with fundamental rights. After anintervention is due to the storage of the private provider that can be characterized as very overweight. Thisdifferentiation will win her more importance when assessing the reasonableness of the challenged provisions.

II

315The challenged provisions of the duty of storage and collection of traffic data for law enforcement purposes are

contrary to the assessment of the Senate majority not unreasonably, they are the victims and therefore relativelywell unreasonable in the strict sense.

316First The regulations satisfy the need for adequacy and reasonableness as sufficient discharge of the

proportionality principle into account. Based on an overall balance between the severity of the procedure in Article 10paragraph 1 GG, and the weight of the reasons justifying it turns out that the legislature has maintained resultingfrom this bid limits.

317The principle of proportionality requires the strict sense that the severity is not the procedure for a total

consideration must be out of proportion to the weight of it justifiable reasons (cf. BVerfGE 90, 145 <173>, 92, 277<327>, 109, 279 <349 ff>, 115, 320 <345> ). In the tension between the duty of the state for protection of legalrights and interests of individuals in protecting his guaranteed by the constitutional rights it is primarily the task ofthe legislature to reach in an abstract way to balance the conflicting interests (see BVerfGE 109, 279 <350 >, 115,320 <346> ). He is there what the approach, the Senate majority proceeds terminology an assessment anddesign freedom.

318When evaluating the constitutional adequacy of the scheme is the starting point to consider that fundamental rights

are not exhausted in it to ward off state intervention. Power of their objective legal dimension follows from them theduty of the state to protect citizens from attacks. This duty to protect includes the duty to take appropriate measuresto prevent the violation of property, if they possibly explain to assign responsibility for them and restore peace to thelaw (cf. Jutta Limbach, AnwBl 2002, p 454). In this sense, is one of ensuring the protection of citizens and theirfundamental rights and the foundations of the community and preventing crime at the same time as the awarenessof the important conditions for peaceful coexistence and the carefree use of fundamental rights by the citizens.Effective investigation of crimes and effective security are therefore not per se a threat to the freedom of citizens,however, is not permitted without measure or limit. They are offered under the appropriate and reasonable to protectthe use of fundamental rights and protect the legal interests of individuals. The citizen must be in the right state toeffective protection by the state can leave the same as the protection against the state (see Di Fabio, NJW 2008,421 <422>). Accordingly, the Federal Constitutional Court of the state as composed of peace and order might bedescribed, and he acknowledged to be guaranteed security of its citizens as a constitutional value, associated withothers in the same rank and indispensable, because the institution of the state derives also on their justification (cf.BVerfGE 49, 24 <56 f>, 115, 320 <346> ).

319The balancing of conflicting interests by the legislator who has to create the legal basis for the investigation of

crime and security, is to take into account that individuals are 'reasonable in its community orientation andcommunity bondage some damage to the protection of legal rights and protection of fundamental rights of othercitizens, but also serve as its own protection (cf. BVerfGE 4, 7 <15>, 33, 303 <334>, 50, 166 <175> ). Also in viewof the fact must be given to the legislature a design space for the incumbent compensation, in order to both protectthe liberties of the subjects of fundamental rights, on the other hand, to create, but those legal framework, theeffective protection of fundamental rights and legal interests of citizens against injury and the elucidation ofpunishable by appropriate and reasonable means facilitate effective.

320Second The legislature has the duty to save the telecommunication traffic data for a period of six months, the end

use of control and survey control in the criminal proceedings he held constitutionally rightful design framework. Theoutgoing of the challenged provisions impairment for those affected by the traffic data storage telecommunicationsubscribers in respect of protected rights and legal protection is not unfair and unreasonable, on the opposite side ofthe tofind balance is the legislative weight to the protection of the injured through criminal legal interests ofindividuals and the community and the corresponding risks defense in an age very farreaching expansion ofelectronic communication, which often leave little trace. It looks, in principle, the majority of the Senate soaddresses these concerns, however, only when considering the question of the appropriateness and necessity of theregulations, provides it, however, not explicitly to a reasonableness test, the affected interests really is "to eachother in a relationship."

321a) the legislature when abstract balance between the right in question estates and interests in the tension between

"freedom and security" first rightful design space (see BVerfGE 109, 279 <350>, 115, 320 <346> ) is determined bythe nature of the objects of regulation and the reality of the scheme should be fair, with marked. Therefore, thepurpose and effectiveness of the regulations when assessing the appropriateness and reasonableness of taking inthe view.

322The legislature has fundamentally reformed the law on the revision of telecommunications surveillance and other

undercover investigative measures and the implementation of Directive 2006/24/EC of the system of criminalprocedure covert investigation methods. He has been based in a very careful way to be expert opinions, anextensive discussion of the law, but also advice on the prosecutorial and police practice (cf. Bill Bundestagdocument 16/5846, p.1). In parliamentary procedure is carried out an extensive consultation of experts (see theminutes of the 73rd and 74th meeting of the Legal Committee of the German Bundestag, 16th electoral period, on 19and 21 September 2007). The aim was also to be implemented by then, this law of the Federal Constitutional Court.The law was finally adopted by a very large majority (see plenary of the Bundestag, 16th electoral term, 124thmeeting on 9 November 2007, pp. 13009 (D), see also the contribution by Federal Justice Minister Brigitte Zypries,supra, plenary p 12 994 f). The legislature intended the new technological developments into account, as he toeducate especially difficult determinable crime, transaction and economic crime as well as crimes committed byusing modern communication technologies (see Bill Bundestag document 16/5846, p.2), particularly the has attached

to this issue in the regulations a big effect. It was further the stated goal, the irrefutable needs an effective,constitutional criminal justice system to take account of whose job it is to create within the bounds of justice andpeace law. This objective, the discoverability of the facts necessary to clarify forwardprinciple (ibid. p.22). Here, thelegislature also assumed that especially telecommunications traffic data due to the technical development towardsflat rates unlike in the recent period than just the connection data of the phone for many months were available often either are not being saved or have been deleted again before may be a court order to disclose informationobtained or even necessary for an application to information previously determined (ibid. p.27). It is also widelyknown that even in and through the Internet, even crimes are committed. The social reality, including the existenceof crime constitutes, also here from the various divisions in the area of telecommunications. If the legislatureresponded to this, that is, in his opinion necessary, but only effectively possible if proper traffic data subject for acertain period of retention and storage of duty that he imposed on service providers, so this is not in principleinappropriate, and the basic entities, to the data it is unreasonable. Such care is familiar with the legal system inother fields, such as without this being directly comparable in the field of population reporting requirements or theProvision of socalled account master data by the banks (cf. § 24c KWG, BVerfGE 118, 168 ).

323Not that the approach adopted by the legislature is out of balance, some validation is also found in the Annual

Report 2008/2009 the Federal Network Agency, which identifies the trend in the number of different approaches tovoice and other data communications in recent years. The report shows impressively the exorbitant rates of increasein the number of connections, but especially in the power exchanged voice and data volumes. It shows that thecommunication behavior of people in recent years has fundamentally changed (cf. ibid about page 38 of the DSLlines, page 50 to encourage participation in the mobile networks, pp. 53 to voice volume in the mobile and the rate ofincrease in the flat rate billing, traffic volume on page 59 for broadband connections).

324Under these circumstances, it may not be the legislature, in principle, failed to give attention to the purpose of

protecting the legal interests of crime victims on the effectiveness of the to be provided by his agent and to thechanging situation even by the obligation of service providers in their sphere store traffic data for a certain durationand reproach adjust. The keeping up of the state bodies with technological advances can also be seen not only asa meaningful complement the arsenal of crimedetection methods, which adds further effective conventionalmeasures of investigation, but is against the background of the displacement of traditional forms of communicationto electronic communications, including the subsequent digital processing and storage to be seen. For effective lawenforcement and security not only in relation to serious crime, but also for the investigation of crimes that are insome cases of considerable importance, or are committed by means of telecommunications, but are without accessto traffic data difficult aufklärbar, the availability of traffic data for a period of six months is not objectionableassessment of the legislator is of great importance (cf. BVerfGE 115, 166 <192 et seq> , see also BVerfG, 1stChamber of the Second Court decision of 22 August 2006 2 BvR 1345 / 03 , NJW 2007, 351 <355>).

325The Senate majority recognizes accordingly that the increased use of complicated electronic or digital means of

communication and their penetration into almost all areas of life, the prosecution, as well as the security andadvanced communication techniques in the commission of various crimes are increasingly being used and there formore effective and criminal actions contribute. They weighted the development but the proportionality test in thestrict sense is not up to the necessary extent for I apprehend.

326b) The Senate majority also restricts the assessment and discretion of the legislature to meet on the field of crime

intelligence and security to protect the people adequate and reasonable regulations, a practical result in the almostcomplete. Thus it contributes to the constitutional requirement of judicial restraint ("judicial selfrestraint") to theconceptual decisions democratically elected legislature does not take sufficient account. It gives the legislature alegal system until the details on the nature of an action guide that it leaves no room for a significant solution, whichthe given, continued relationships developed in the telecommunications sector is just in its estimation.

327The judgment is a storage period of six months that the required by the EC Directive minimum as the upper limit

before lying down and possibly constitutional justification able to write to the legislature before control technologythat the use of relevant regulations also include the access requirements have limited him to a catalog exploits

technology in criminal law and includes the possibility of using the traffic data and to educate committed by meansof telecommunication difficult inexplicable crimes and expands the notification obligations and the legal minimumrequirements in a particular kind then left to the legislature no appreciable room left for a design in their own politicalresponsibility. He is essentially limited to the edge of the catalog for the criminal proceedings demand slightly adjustand change. He has to implement the judgment, he does not want to dispense with a new regulation to Communitylaw. This replaces the judgment in the practical result of the legislation to the Senate for the details of aconstitutionally permissible only considered regulation.

328Third The Senate majority urges that the legislature must create within both clarity of purpose of use of the access

requirements and process assurance requirements. So she takes to the legislature the control system was able towork with a system of complementary legal bases, as in other areas so far remained unopposed. Thus, the Senateconstitutionally about the socalled account master data decision is not disputed that the demand for the fulfillmentof other regulated legal tasks may be required are described must recall the occasion and requirements but in adifferent law (see BVerfGE 118, 168 <191> ) . Payee information is deemed insufficient, the Senate has been on theother hand in the decision to socalled automatic number plate recognition, where the challenged law, however,made ૩૩no statement of purpose and therefore all possible uses were included (see BVerfGE 120, 378 <409> ). Thesituation here is different, however (§ 113b TKG). It is therefore just the standard clarity and, if those legalrequirements and stipulations that lead to the significant intensification of the procedure by retrieving the data, areregulated in a specific area each quite independent standard territorial structure. Both schemes are of course subject possibly also in their interaction the constitutional requirements and constitutional review. Even when comparedto a national legislature of the federal legislature, the responsibility for the storage of traffic data carries thesupplemental any Provincial regulation also satisfy the Constitution. A law enforcement deficit can not thereforearise.

329Accordingly, there is no reason, in addition to the criminal access standards of § 100g StPO, which has been with

the constitutional symptoms sometimes attacked, would be extended to the detailed conditions for the use of trafficdata for security purposes and for purposes of the intelligence services.

3304th The Senate barred the legislature finally the availability of all traffic data for the investigation of crimes that are

not designated in the current catalog of § 100a paragraph 2 StPO, but in some cases are still of considerableimportance, as well as such acts are committed by means of telecommunications (§ 100g para 1 sentence 1 No. 1and 2 StPO). He considered insufficient by the weight of eligible offenses, and if they are legally considered to bedifficult aufklärbar their importance for the effective investigation of crimes. In the case of No. 1 of § 100g para 1sentence 1 StPO, the legislature is based on criteria set by the Senate in its judgment dated 12th March 2003 (BVerfGE 107, 299 <322> approved) for release of connection data telecommunications. There, the Senate pointedout that that interference is justified only in crimes, which attaches particular weight to the legislature in general andin specific cases also have considerable importance, as a result of the damage and the degree of threat to thepublic. I do not see that there is not objected to by the Senate action limit would be the access to socalled stockmarket data weighted fundamentally different. The proportionality test in each case responsible for the design of thecase in question, ordering judges, who include the weight of traffic accessing the data in each case in a trade withand to be limited by the wording of his order.

331With regard to the will by means of telecommunication committed offenses for which ruled the Senate access to

the data stored under § 113a TKG also know traffic data is not weighted enough that the legislature here emanatesfrom awareness considerable difficulties. These can also appear next to the specific weight of the unsolved indeedthe retrieval of prepreserved traffic data as appropriate, especially when as here has endowed the legislatureretrieval conditions with a strict subsidiarity clause giving the measure is only allowed if the investigation of the factsor to determine the whereabouts of the accused in any other way would be futile and the collection of data even insome cases in proportion to the importance of the matter is (§ 100g para 1 sentence 2 StPO).

332Since it is for the legislature to ensure effective law enforcement and to preclude any significant gaps in protection,

the state can not be denied, even on this side of particularly serious offenses in respect of at least more specific

weight of a damaged legal right to access to open to traffic data, because he believes in his estimation, the onlyway to rule out the emergence of de facto largely unprotected by the law and an extensive drainage of theEnlightenment. Examples to point is far about the offense of enactment (§ 238 para 1 No. 2 of the Criminal Code,"cyber stalking"), where verification at a "word against another's constellation", but also to identify a previouslyunknown perpetrator, the Traffic data are often the sole determination approach. The possibility of a flying start hereleads further limited because it is not recognized as the email traffic, and ultimately dependent on the goodwill ofservice providers. The same applies to the facts of the threat, but especially in the area of ૩૩fraud on the Internet, areat the police crime statistics, as evidenced by the considerable number of cases in question. Considering finallycome, other offenses (§ 202a to 202c, spying and interception of data; also see § § 269, 303a, 303b of the PenalCode, forgery of evidentiary documents, data manipulation, computer sabotage, § 38 para 1 WpHG in conjunctionwith § 14 para 1 No. 1 WpHG, socalled insider trading, § 38 paragraph 2 in conjunction with § 39 Paragraph 1 No.1, § 20 para 1 sentence 1 WpHG, Nos. 13, unlawful market manipulation, § 86 of the Criminal Code, spreading ofpropaganda of unconstitutional organizations ).

333Although it seems inconceivable that the legislature one of these events provided for in the Senate takes up the

required catalog of serious crimes. He will, however, the limits of the reasonable principle of guilt committed criminalthreat, which is able to justify it. Offenses which were not committed on a commercial or trigger an especially highdamage in individual cases, may be hardly included in such a catalog, as it appears for the Senate. Also, reliance ononly operationally remaining "nonretained data" is the explanation, lack hardly able to mitigate. There are betweenproviders experience shows large differences. Part are not held the data, some after just a few hours or dayscanceled. Even the investigative steps that lead to the application for a warrant and then prepare for such anapplication, and the decision on the application will often take longer to claim, as the traffic data available foroperational reasons, the service provider are.

3345th The situation is similar with regard to the access threshold set by the Senate for security purposes. The

Senate held sufficiently weighty legal interests, to consider the traffic data as accessible and usable, would be takento avert a common danger is not at the same time for property of significant value, its conservation in the publicinterest, must involve. It seems incomprehensible to exclude significant property in this sense, they're alsoconstitutionally protected (see Article 14 paragraph 1 GG). The inclusion of this well is at least Schutzguts then notunreasonable if the traffic data collection such as in § 20m BKAG also a subordinate clause provides ("...otherwise difficult or hopeless much would be. ').

3356th As far as the Senate majority eventually extending the notification requirements in case of access to traffic

data postulated and generally for the criminal law is not only a socalled open access, but a " prior requires the queryor transfer "taking place notification if protection is not contrary to the purpose of the inspection, leaving theserequirements, the legislative approach and does so at the discretion of the legislature. The concept of the legislatorwas to the effect that all " undercover investigative measures to regulate, "which he has calculated explicitly thetraffic data collection (Bill Bundestag document 16/5846, p.2). Also § 100g StPO provides that traffic data (initially)"without the knowledge of the person concerned" shall be applicable. This also has a good reason. Becauseinvestigations are regularly marked by a considerable momentum and leading accelerated. Efforts, the processkeeping and lawenforcement purposes does not necessarily timely are due to, first held in check. The legislaturehas accordingly made ૩૩for traffic data collection a sophisticated system of notification (see § 101, Section 1,paragraph 4, sentence 1, No. 5, paragraph 5 StPO), which requires no advance notice. In addition, he has to raisewith the permission, initially without knowledge of the affected traffic data, recognizable made ૩૩a classification, whichdates back to the fact that usually hinder the purpose of the investigation, the Nichtbekanntsein the whereabouts ofthe person concerned or the need to speed up the findings of a prenotification. This is clearly not unreasonable, theparty concerned and reasonable result, the legislature constitutionally at liberty.

III.

336By the Senate were to annul the challenged provisions, although the legal consequence of the incompatibility

statement carried by the majority. However, it would also based on the constitutional assessment of the majority,drawing on a permanent jurisprudence of the Federal Constitutional Court nearby to put the legislature a deadline for

new rules and the existing regulations in line with the stipulations of the Senate adopted interim measures totemporarily to explain further its application. Because the Senate grants the legislature the opportunity to provide atraffic data storage requirement for six months and to create in the judgment under those conditions the accessrules, which essentially correspond to the requirements of the interim measures. The stipulations of the judgment aredifferent from those in the interim measures primarily only by the fact that greater demands are placed on datasecurity and additional notification requirements will be demanded. This suggests that the balance according to thecommon practice of the Federal Constitutional Court by an annulment originally foreseen and not to consider itmandatory to allow temporarily only access to data by service providers that are made operational or accountingreasons still exist . So then for the time being until a new regulation for the security and significant deficiencies inthe investigation of serious crimes also be taken into account and to get. On the grounds of the Senate adoptedinterim measures and considerations made there is referred. In addition, the service provider must suspend itsprovision for the implementation of the challenged regulation and restoring the old state, have been around in thecase of Community law required new, amended the law to create the conditions again at considerable expense.

SchluckebierDissenting Opinion of Judge Eichberger

to the judgment of the First Senate of 2 March 2010

1 BvR 256/08 1 BvR 263/08 1 BvR 586/08

337I agree with the decision of the Senate majority in parts of the judgment and result in substantial reason not to

elements. I agree in principle the criticism of the judge Schluckebier thereon, whose opinion I am in the result andreasoning in the predominantly connect. I can not therefore be limited below a brief summary of my views onfundamental considerations:

338First Also, in my opinion, the legal arrangement of the storage of telecommunications traffic data is given its

staffing and overall length, and their Anlasslosigkeit the considerable duration of mandatory data retention a weightyprocedure in Article 10 paragraph 1 GG. Since, the commitment to being saved on the traffic data and does notcontrol the content of telecommunications operations, and because it is decentralized in the private serviceproviders, associated with the storage operation is not the overriding emphasis by the Senate majority ascribes tohim in general. The fear of the Senate majority by intimidation effect on the communication behavior of the people Ihold in light of the legislative concept of data storage, which excludes free access of public authorities at thedecentralized, private service providers stored traffic data and rigorous substantive and procedural hurdles inparticular a substantial judicial authority for a data retrieval provides or supplement also, in my opinion to suchstatutory requirement nor is unfounded, at least for empirical evidence.

339The main loading effect for the subject of protection of Article 10 paragraph 1 GG, the proceeds from the

disposition of the data storage for its citizens is, therefore, in my opinion because in the first place in the late of thislarge data collection potential danger due to abuse by the service providers themselves by unauthorized third partiesor by an excessive use of law enforcement or police authorities. Against this must be taken care. Therefore, I fullyagree with the position of Senate majority to the requirements for an advanced data backup, the service providersare by law prescribe. Even most of the other procedural safeguards for data storage, data retrieval and the reuse ofdata (deletion and logging requirements, transparency and legal requirements), which holds the majority of theSenate was called for, I agree in principle, although falling in the judgment of The Senate majority to the legislaturein this respect the stipulations in my estimation over long distances to small scale, and not sufficiently take intoaccount the discretion, conferred by the Constitution to the legislature in this regard.

340Second Unlike the Senate majority and in accordance with the judge Schluckebier I am of the opinion that comply

with § § 113a, 113b TKG underlying legislative concept of a tiered legislative responsibility for storing configurationand data retrieval on the principle of the Constitution is consistent. Within this conception reason § 113b TKG notindependent, the arrangement of data stored under § 113a TKG beyond encroachment on Article 10 paragraph 1 GG.

The rule contains rather offered the constitutionally intended purpose for the storage of traffic data. Only in § 113bsentence 1 of the Telecommunications Act provided other statutory authorization for retrieval of traffic data leads toa renewed, on the importance of going beyond previously made data storage procedure in Article 10 paragraph 1 GG.In this way, the federal legislator leaves with § 113b TKG with responsibility for the relevant subject area legislatorsof the federal or the state to him to decide by virtue of its constitutional and democratic legitimacy of rightfulauthority, whether and to what extent it for the purpose of law enforcement, security or access to the concerns ofthe intelligence services to the telecommunications traffic data. Here, the relevant legislation has of course true tothemselves the constitutional limits of a proportionate access to traffic data.

341A constitutionally impermissible arrangement of a data collection is on indefinite storage for purposes not herein.

The federal legislature has designated in § 113b TKG along with the changes made in § 113a TKG obligation forservice providers to store data, the purposes for which the stored data may be used. By the federal legislature, thearrangement of data storage assumed responsibility for the fact to the detriment of citizens established risk potentialrequires, however, also in my opinion so far I agree with the position of Senate majority in the starting point to inaddition to the basic description of the purpose determining at least a minimum threshold of intervention, such asthey described in § 113b sentence 1 No. 1 Telecommunications Act in connection with the same time adopted §100g StPO Section 1 for the prosecution and the concept of "significant risk" in § 113b sentence 1 No. 2 TKG forsecurity, but not comparable in § 113b sentence 1 no 3 TKG for the fulfillment of the tasks of intelligence services isprovided. This would require the appropriate supplement. A detailed and final determination of the uses, as theSenate majority required by the federal legislature along with the arrangement of data storage, I thinkconstitutionally, however to be unnecessary.

342Third Finally, and most of all, I can weigh the outcome of the Senate majority does not agree, as far as the

provision under § 100g StPO use the stored under § 113a TKG data for purposes of law enforcementunconstitutional. This is due, first, that the Senate majority the very outset, the caused by the arrangement of thedata storage procedure in Article 10 paragraph 1 GG in my opinion too much weight and the legitimate concerns ofthe general public as well as individual citizens effective law enforcement and an effective security on the otherhand too little importance attaches. It also respects the legislature in evaluating the competing interests and thedevelopment of the system rightful scope is too low. For this I refer to the split of my comments in the dissentingopinion of Judge Schluckebier.

343The proportionality test, the Senate majority also suffers from the fact that in her consideration of the greatest ever

engaging a comprehensive, ultimately starts a movement or social profile of the citizentargeted data retrieval.Herein may lie in fact, a procedure which is equivalent to that of a heavy weight in its access to thetelecommunications content of the citizen. This view can, however, disregards the fact that a large number of dataqueries individual events, short periods of time and the telecommunications links only one or a few people (such astelecommunications links to a person in a day or only at a certain hour) have as their object to. One such query datais shown only a slight, at least not with the access to communications content comparable weight intervention,despite the fact that it is answered in the comprehensive scale data collection. By the Senate majority sees ANYdata retrieval is a very serious encroachment on Article 10 paragraph 1 GG, regardless of its actual extent inindividual cases, and therefore the legislature generally constitutionally very high activation threshold holds forcommitted, she is, even if she denies this, in my opinion, also in contradiction to a score that similar data by theSenate without objection, may be interrogated by the authorities, if they are not stored under § 113a TKG, but by theservice provider for operational reasons.

344Based on this, I can support, despite the different weighting in the base, the majority of the Senate to scale

formulated requirements for a permissible use of traffic data for reasons of security and intelligence purposes (CV 2b and c) still, but not the requirements for the use of data for tracking offenses (CV and C VI 2 a 3 a aa). In thatregard, I think that the legislature in § 100g StPO created differentiated approach to data collection and use of lawenforcement to be constitutional. It is the responsibility of each individual case to decide on the admissibility of adata query appointed judge, the legitimate interests of those affected by Article 10 paragraph 1 GG, taking intoaccount the weight of carrying the applied techniques appropriate account, as this name for the crimes committed bymeans of telecommunications offenses in § 100g section 1 sentence 2 StPO expressly required by law, will also.

3454th Even from the standpoint of the majority of the Senate, in my opinion would be merely the unconstitutionality of

the challenged provisions, and determine in accordance with the interim measures adopted in this matter, at leastthe time between data collection and storage of up to arrange for the creation of a constitutional revision was. Withthe seamless annulment of the provisions and the obligation to delete the findings on the basis of the interimmeasures traffic data takes the Senate majority disadvantages for law enforcement, especially the risk of nonexclusion of hazards important conservation interest in buying, although a consultation which the interim in thearrangements meet the requirements formulated in the constitutional principle of holding and expecting acorresponding legal regulation is. Such a solution can not support me.

Eichberger

Machine-translated copy of the judgment of the German Federal Constitutional Court of 2 March 2010...

Documents

Transcript of Machine-translated copy of the judgment of the German Federal Constitutional Court of 2 March 2010...