24.2k unique visitors in the last 3 days

New German Law Forces Telcos to Assist State Surveillance with IMSI-Catchers

German spooks and cops are upgrading their surveillance strategy to cope with 5G.

Germany has amended its telecommunications laws to force mobile networks to cooperate when law enforcement uses IMSI-catchers for surveillance. IMSI-catchers perform like base stations in a mobile network, connecting to mobile phones in the vicinity in order to intercept calls and messages through a version of the man-in-the-middle subterfuge. German spooks and cops have so far been able to use IMSI-catchers without needing the assistance of telcos but the different architecture for 5G networks means the IMSI-catcher must be accepted by the operator’s network for it to be presented like a legitimate node to the target’s handset.

The new law not only requires mobile operators to assist surveillance, but also to keep this secret from users. This means the network must ensure that no information on the user’s handset should indicate the device is not connected to a regular base station. One downside to IMSI-catchers is that they are indiscriminate. Law enforcement may have permission to surveil a specific target but their IMSI-catchers will seek to connect with any device within range. Limitations on the abuse of this power are procedural and legal in nature, rather than being technological. It is not clear how phone users can seek redress if their privacy is ever abused using an IMSI-catcher, as it is unlikely they would ever find out.

German law has also been changed to make it easier for the German authorities to spy on inbound roamers from other EU countries. German telcos now need to include in contracts with other EU comms providers a provision that allows them to obtain an unencrypted copy of any communication that occurs whilst users are roaming in Germany.

It is often suggested that Germany has a culture that opposes surveillance because of the totalitarian regimes which governed it during the 20th century. This was most effectively depicted during the 2006 film Das Leben der Anderen (pictured) which dramatized a Stasi operation to discredit a playwright by obtaining information about his private life. However, there are few signs that the leaders of Germany’s two largest political parties care about safeguarding the privacy of anyone using 21st century electronic communications. The latest refresh of German comms law guaranteed fast broadband connections for every German but was silent about other overdue questions concerning privacy and security, such as whether Germany is prepared to risk exports to China by limiting the equipment suppliers used by German networks.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email