Berlin's Trojan Debate Erupts over Computer Spying

The debate has been simmering for months. But now, with the Interior Ministry in Berlin saying it has designed a Trojan to help spy on the computers of terror suspects, the public is wondering just how far the government should be allowed to reach.

It's a problem that everyone is familiar with: E-mails with misleading subject lines and a tempting attachment that, if opened, immediately installs a virus, worm or Trojan onto your computer. And who knows who they're from or what the malware might want from your hard drive?

Soon, such unwanted mails might be coming from the German government itself. If the Interior Ministry in Berlin has its way, a government Trojan may soon be dispatched to search through the hard drives of terror suspects and send potentially incriminating evidence back to investigators. And the ministry is considering installing such Trojans -- carrying so-called "Remote Forensic Software" -- by means of the misleading e-mail.

Interior Minister Wolfgang Schäuble insists that such cyber spying would only be carried out in a handful of exceptional cases and would only target those suspected of planning terror attacks. Nevertheless, a debate has erupted in the press as to whether Schäuble -- known for his provocative, America-esque anti-terror tactics -- may have once again overstepped his bounds .

The most recent round in the ongoing dispute was kicked off on Wednesday by the publishing of a number of Interior Ministry answers to questions about the program sent in by the Social Democrats in parliament. And for the moment, the program remains on hold -- pending a high court ruling on a cyber-spying law passed by the German state of North-Rhine Westphalia.

But the critics have opened up on Schäuble this week. Federal Commissioner for Data Protection Peter Schaar wondered in an interview with the Frankfurter Rundschau on Thursday how the high-court mandated "core privacy" can be maintained in light of such a strategy. He also had serious doubts about the suitability of the government sending out virus-laden e-mails.

"The police cannot be allowed to present itself as the Cologne Youth Office in order to plant forensic software on the computers of those being investigated," he said. "That is absolutely not allowed."

Representatives from both the Greens and the business-friendly Free Democrats likewise blasted the idea, with FDP domestic policy expert Max Stadler calling for parliament to step in to block it.

The Interior Ministry has done what it can to calm the debate, saying that it wasn't planning on sending out mass mailings to infect as many computers as possible. Rather, each Trojan would be individually tailored to each suspect. Furthermore, they would be programmed to only look for specific bits of information, thereby meeting the high-court's privacy test. "We're talking about maximum of 10 such measures per year," said Jörg Ziercke, president of Germany's Federal Criminal Police Office (BKA), in an interview with newsmagazine Stern.

Critics, though, doubt that Trojans can be so narrowly focused and still be useful. And computer experts doubt whether such an investigative tool is even possible. Despite the Interior Ministry's confidence that such a Trojan could avoid being detected by anti-virus software, Hartmut Pohl, from the "Gesellschaft für Informatik" -- a non-profit informatics group -- says that most anti-virus programs are designed to pick-up "suspicious behavior" and thus might be able to spot the Interior Ministry's Trojan.

And once it is spotted, it would be child's play for suspects to send investigators false "evidence" and put them off the scent, says Frank Rosengart of the Chaos Computer Club.

For now, the debate remains an academic one. But Schäuble once again finds himself at the center of a debate about just how far Germany should be allowed to go to protect itself from terrorism. In July, the minister ruffled feathers  with suggestions that Germany should consider targeted assassinations of suspected terrorists.