Federal Constitutional Court - Press office -
Press release no. 79/2009 of 15 July 2009
Order of 16 June 2009 – 2 BvR 902/06 –
Seizure and confiscation of emails on the provider’s
mail server not unconstitutional
The Second Senate of the Federal Constitutional Court rejected a
constitutional complaint against the seizure and confiscation of emails
saved on the provider’s mail server as unfounded. Although these
measures interfere with the constitutionally guaranteed secrecy of
telecommunications as enshrined in Article 10.1 of the Basic Law
(Grundgesetz – GG), the general provisions governing criminal procedure
under §§ 94 et seq. of the Code of Criminal Procedure
(Strafprozessordnung – StPO) justify that interference with the secrecy
of telecommunications if the principle of proportionality and objective
requirements regarding the corresponding form of the criminal
proceedings have been met.
The constitutional complaint was based on the following facts:
In the course of preliminary investigations against third parties on
charges of fraud and breach of trust, the Local Court (Amtsgericht)
ordered that the complainant’s apartment be searched in order to locate
documents and data carriers, in particular text files and emails which
were to be used as evidence. The complainant had set up his email
program so that his emails were not transferred to his personal computer
after they had been opened, as is standard practice, but that they would
thereafter remain saved in an access-protected part of his provider’s
mail server. The emails could only be read online on the complainant’s
PC, i.e. after an internet connection had been established. The
complainant pointed that out to the persons carrying out the
investigations whilst his apartment was being searched. However, he
protested against his emails being accessed because the search warrant
did not permit that.
The Local Court thereupon ordered that the data on the complainant’s
email account be confiscated from his provider. The complainant was
aware of this order, which the public prosecution office had applied for
by telephone from his apartment and which had been transmitted there by
the Local Court. That same day approximately 2,500 of the complainant’s
emails which had been saved on the mail server in the period between
January 2004 and March 2006 were copied onto a data carrier by the
provider and handed over to the investigating authorities. The complaint
against that method of procedure was unsuccessful. In response to the
complainant’s application for a temporary injunction, the Third Chamber
of the Second Senate of the Federal Constitutional Court ordered, by way
of a temporary injunction, that the Local Court seal the individually
listed data carriers, printouts and documents and take them into safe
keeping.
The Second Senate of the Federal Constitutional Court then the
constitutional complaint as unfounded and found that the contested
decisions met the constitutional requirements for the associated
interference with Article 10.1 GG, and that therefore the complainant’s
fundamental rights had not been violated on account of the emails having
been seized from his provider’s server.
In essence, the decision is based on the following considerations:
The access-protected content of communication on an email account to
which the user only has access via an internet connection is protected
by the secrecy of telecommunications (Article 10.1 GG). The account
holder has no technical means of preventing the provider from passing
the emails on to third parties. This lack of control for technical
reasons justifies the special need for protection by means of the
secrecy of telecommunications, which aims to counteract those threats to
confidentiality which result from the use of a means of communication
which is easier for the state to access than direct communication
between physically present individuals. That applies regardless of
whether an email is saved temporarily or permanently on the provider’s
mail server. The fact that no dynamic telecommunications process takes
place in the period in which the emails "lie dormant" on the provider’s
mail server poses no obstacle to the protection under Article 10.1 GG
being afforded. Article 10.1 GG does not apply the purely technical
definition of telecommunication used in the Telecommunications Act
(Telekommunikationsgesetz), but rather takes as its point of reference
the holder of fundamental rights and his or her need for protection on
account of third parties intervening in the communication process. The
specific threat situation and the objective of guaranteeing freedom
under Article 10.1 GG continue to exist even if the emails remain saved
on the provider’s server after being read. The seizure and confiscation
of emails saved on the provider’s mail server interfere with the area of
protection of the secrecy of telecommunications. The saving of emails on
the provider’s mail server, an area over which the user has no control,
does not mean that the user thereby agrees to third parties having
access to these data.
The provisions governing criminal procedure under §§ 94 et seq. StPO in
principle permit the seizure and confiscation of emails which are saved
on a provider’s mail server. They thus meet the constitutional
requirements to be made regarding the legal authorisation to interfere
with the secrecy of telecommunications. In particular, they therefore
comply with the principle of definiteness and clarity of legal
provisions.
§§ 94 et seq. StPO are also proportional in respect of the seizure and
confiscation of emails saved on a provider’s mail server. Effective
criminal prosecution, crime suppression and the public’s interest in as
complete an investigation of the truth as possible in the course of the
criminal proceedings are legitimate objectives which can justify
restricting the secrecy of telecommunications. Proportionality can be
observed without the need to limit access to emails saved on the
provider’s server to investigations which at least refer to criminal
offences of substantial significance and without the need to specify
that the suspicion of an offence goes beyond the initial suspicion.
This particular instance of interference on the basis of §§ 94 et seq.
StPO was also proportional. Account must already be taken of the
protection of the secrecy of telecommunications when issuing the search
warrant, insofar as the concrete circumstances allow that without the
purpose of the investigations being jeopardised, by the inclusion of
specifications which restrict the evidence to what is necessary. Where a
large number of electronically stored emails are to be accessed, those
constitutional principles must be guaranteed which the Senate developed
in a decision regarding the searching and confiscation of an extensive
electronic data stock (see Decisions of the Federal Constitutional Court
(Entscheidungen des Bundesverfassungsgerichts – BVerfGE, 113, 29 (52 et
seq.)). The securing of excessive data which are of no importance for
the proceedings is to be avoided wherever possible.
It will not always be possible to carefully read and sort emails
according to their relevance for the proceedings at the place of access.
Where the circumstances of the respective criminal charges and the –
also technical – possibilities of data gathering do not allow them to be
properly sorted straightaway, the temporary seizure of large parts or
even of all the emails must be considered, followed by an examination in
accordance with § 110 StPO in order to determine the emails’ potential
relevance and usability as evidence. Where it is not possible for the
criminal prosecution authorities under reasonable conditions whilst
examining said emails either to categorise those emails which are of
relevance in the proceedings or to delete or return those emails which
are not of relevance in the proceedings, the principle of
proportionality does not pose an obstacle to the entire data stock being
confiscated. However, it must be considered on a case-by-case basis
whether extensive data access complies with the prohibition of
excessiveness.
Where there are factual indications that access to stored
telecommunications covers content which belongs to the core area of
private life, such access must not occur. It must be ensured that
content of a highly personal nature is not saved and utilised, but is
immediately deleted in those cases in which it has, by way of exception,
been collated.
The effective protection of substantive fundamental rights also requires
that the form of the proceedings be appropriate. Where emails are seized
from an inbox on a provider’s mail server, the email account holders
must always first be informed by the criminal prosecution authorities so
that they can at least exercise their rights whilst their emails are
being examined. Where emails saved on a provider’s mail server are, by
way of exception, seized without the knowledge of the email account
holder, he or she is to be informed of that fact as early as the
effective fulfilment of the purpose of the investigations permits. § 35
StPO and § 98.2 sentence 6 StPO meet these requirements.
The examination of papers pursuant to § 110 StPO is intended to prevent
excessive and permanent data acquisition. It may be necessary, in order
to observe proportionality, to involve the holder of the account from
which emails have been seized whilst their relevance for the proceedings
is being investigated. The decision as to whether his or her
participation in the investigation of the seized emails is necessary is
to be taken on a case-by-case basis, taking account of effective
criminal prosecution on the one hand and the intensity of the data
access on the other.
Where emails are saved and analysed by the investigating authorities, it
may be necessary to inform the affected persons of the data acquisition
in order to enable them to prevent their fundamental rights possibly
being compromised. This requirement is met by means of the special
provisions governing criminal procedure regarding information under §
147, § 385.3, § 397.1 sentence 2 StPO in conjunction with § 385.3, §
406e and § 475 StPO, as well as, in the case of persons not involved in
the proceedings, § 491 StPO. The delimited purpose of the data
acquisition in principle necessitates the return or deletion of all
those emails which were copied but which were not required to achieve
the intended objective. § 489.2 StPO contains corresponding protective
measures.
This press release is also available in the original german version.
|
