this post was submitted on 31 Jul 2025
80 points (98.8% liked)

Privacy

3356 readers
76 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
  4. No reposting of news that was already posted
  5. No crypto, blockchain, NFTs
  6. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 8 months ago
MODERATORS
fxomt@lemmy.dbzer0.com
otter@lemmy.ca
shaytan@lemmy.dbzer0.com
fxomt@piefed.social
80
Austria legalises state spyware amidst strong opposition (www.statewatch.org)
submitted 2 days ago by Salamence@lemmy.zip to c/privacy@lemmy.dbzer0.com
7 comments fedilink hide all child comments
 

cross-posted from: https://hexbear.net/post/5696151

On 9 July, Austrian parliamentarians passed a highly controversial bill legalising the deployment of state-sponsored spyware, known as the Federal Trojan (Bundestrojaner), to enable the interception of encrypted communications.

The Bundestrojaner bill would give law enforcement agencies the power to install malware on private devices (such as smartphones or laptops) to monitor encrypted messaging applications.

It would do so by amending several laws, including: the State Security and Intelligence Service Act; the Security Police Act; the Telecommunications Act;the Federal Administrative Court Act; and the Judges’ and Public Prosecutors’ Service Act.

The plan sparked widespread concern among privacy advocates, cybersecurity experts, and numerous civil society organisations.

The day before the vote more than 50 organisations, including Statewatch, wrote to legislators.

A joint letter (pdf) called on them to “vote against this dangerous instrument of state surveillance and against a historic step backwards for IT security in the information society.”

Legislators in Austria’s lower parliamentary house, the National Council, voted in favour of the bill, 105 to 71.

The interior minister Gerhard Karner, described it as a “special day for security.” Support for the bill came from the governing parties – the conservative Austrian People’s Party (ÖVP), the Social Democratic Party (SPÖ), and most members of the liberal NEOS party.

Two NEOS MPs, Stephanie Krisper and Nikolaus Scherak, broke ranks to vote against the measure, alongside the Greens and the far-right Freedom Party of Austria (FPÖ).

On 17 July, the Federal Council – the upper house of the legislature – voted by 40 to 19 not to object to the bill, completing the parliamentary process.

The bill now awaits unanimous approval from the governments of Austria’s nine states before it can become, a constitutional requirement triggered by the inclusion of certain provisions on the administrative judiciary.

Nevertheless, opposition parties and civil society organisations have said they will file legal challenges against the measures.

Government officials insist that the spyware will be restricted to targeting messaging apps and that broader system-wide searches will not be permitted.

However, technical experts have repeatedly warned that such limitations are practically unenforceable in real-world applications.

Spyware with the capability to intercept encrypted communications inevitably provides access to a wide array of personal information stored on the device, including photos, files, emails, contacts, and location data.

Critics note that this effectively bypasses all existing security protections, raising serious questions about the proportionality, necessity, and legality of such intrusive surveillance powers.

The current legislation includes some procedural safeguards, in an attempt to respond to critiques of previous state trojan proposals.

These include an extension of the review period for the Legal Protection Commissioner (from two weeks to three months), and transferring the authority to approve spyware deployment from a single judge to a panel of judges at the Federal Administrative Court.

However, the Legal Protection Commissioner is part of the Ministry of the Interior – the very same ministry that authorises and deploys the spyware – raising significant concerns about impartiality and conflicts of interest.

Furthermore, the intelligence agencies themselves conduct the mandatory trustworthiness assessments for the Commissioner and their deputies, further undermining the potential for effective and independent scrutiny of surveillance activities.

The bill was approved in the National Council despite extensive opposition from a broad range of civil society groups, professional bodies, and public institutions – including bar associations, universities, municipalities, press freedom advocates, and medical organisations.

Following the vote, civil society organisations describing the law as institutionalising state hacking by deliberately exploiting software vulnerabilities.

In a joint statement, they said that the government should be working to close these gaps to protect citizens from cyber threats.

The Bundestrojaner has a long and contentious legislative history in Austria. Initial attempts to introduce similar surveillance powers date back to 2016, but they were repeatedly rejected or delayed due to sustained criticism and concerns about privacy violations.

In 2019, Austria’s constitutional court struck down an earlier version of the law, ruling that surveillance of encrypted communications constituted a serious breach of fundamental privacy rights protected under the constitution.

top 7 comments
sorted by: hot top controversial new old
[–] raman_klogius@ani.social 16 points 2 days ago (2 children)

The 21st century is shaping up to be the century of autocracy, huh.

[–] ScoffingLizard@lemmy.dbzer0.com 3 points 1 day ago

I can't even see a way out of it. They'll eventually limit all communications, making it impossible to organize. If they monitor all the phones/devices, and privatize all the mail in the world, we'll all be isolated from each other. This sucks. Gets worse every day. Our best bet is a giant EMP that wipes everything away so that we can adapt and start over.

[–] sugar_in_your_tea@sh.itjust.works 8 points 2 days ago (1 children)

Yeah, I'm not happy. Here's hoping people come to their senses soon.

[–] outhouseperilous@lemmy.dbzer0.com 4 points 2 days ago

people

We're not supposed to be those.

[–] 0_o7@lemmy.dbzer0.com 4 points 1 day ago

Colonial imperialist going back to their roots

[–] gandalf_der_12te@discuss.tchncs.de 1 points 1 day ago* (last edited 1 day ago) (1 children)

Ok so i read this article: https://www.heise.de/news/Oesterreich-Nationalrat-beschliesst-Bundestrojaner-10481818.html

including these dense legal texts:

and it seems they want to only allow it in urgent cases where terrorist attacks ("verfassungsgefährdende Aktivitäten") are suspected. devices can be surveilled for 3 months with a trojan software, then the person has to be notified they were surveilled.

They intend to use keyloggers and screenshots. Apparently, they only want to surveil messenger communications, but not files stored on the device.

If they do find any other dirt on you (evidence of criminal activity), they're gonna report that to the state prosecutor. I.e., random findings are not intended to be ignored.

[–] veniasilente@lemmy.dbzer0.com 2 points 1 day ago

and it seems they want to only allow it in urgent cases where terrorist attacks

Then they just have to call anything they don't like "terrorist attack" (let's say, a comment on climate change) and bam, instant nazism.