The Bavarian State Office of Criminal Investigation is currently testing a analysis software from the surveillance company Palantir. However, the use of this software is controversial under data protection law due to the mass data analysis it enables and does not yet have a clear legal basis in Bavaria. Nevertheless, as part of the test phase, the Bavarian police have started to test the function of the software with real personal data.
The analysis software is the "Cross-Procedural Research and Analysis System (VeRA)". The software is designed to quickly link various police databases with one another. For a better understanding, the police databases can be imagined as a large library. Previously, when information was searched for, the relevant data had to be processed by analysts in order to search for cross-connections and to identify correlations. With the "VeRA" software, this process is now to be simplified by the software taking over the evaluation of the data, and the task of the software is not to collect new data. Rather, it brings together previously unlinked police databases and evaluates them. Internal police information on criminal cases and wanted persons, for example, is combined and compared with connection data from telephone surveillance, emails, social media data, the contents of confiscated cell phones and data carriers, etc. This enables the software to identify possible connections, which provides the repressive authorities with relevant informations like for example, who lives where, who is in contact with each other, between which events there is a connection, etc.
This software was developed by the Palantir Group, which also develops surveillance software for US intelligence agencies such as the CIA, NSA and FBI. In the past, the company has already been publicly criticized for its involvement in the "Cambridge Analytica" scandal. At the time, Palantir had helped Cambridge Analytica to evaluate data obtained from Facebook in order to influence election campaigns in favor of right-wing politicians. Palantir is owned by investor Peter Thiel, who is considered an ardent supporter of Donald Trump and part of the so-called "Alt Right" movement.
Thiel and his company are apparently no defenders of data protection. So the use of the surveillance software they developed by the German police has been heavily criticized by data protectionists. On the one hand, the criticism is that the personal rights of many people are violated by the mass data analysis that takes place when the software is in operation. In relation to this, there is also often talk of a " misuse of data". The data to be analyzed is internal police data that is already available to the police authorities anyway, but it is also possible to include external databases such as those from the residents' registration office, the national weapons register, the VISA information system or the central register of foreigners.
Another point of criticism is that the proximity of the company to the American secret services when using the software means that data obtained by the German police could be secretly passed on to the US secret services. This point is indeed an important one for the bourgeois in this country. On the other hand, the years of cooperation with the Yankee secret services also show that the company has the expertise to develop well-functioning surveillance software, which can be a useful tool for German imperialism in the fight against crime and, above all, insurgency in the future.
Similar software, which was also developed by Palantir, has already been in use in Hesse since 2018 and in North Rhine-Westphalia since 2020. However, the Federal Ministry of the Interior was unable to agree on the nationwide use of the software. In June, Interior Minister Nancy Faeser rejected the use of the software by the federal police authorities of the Federal Police and the Federal Criminal Police Office. However, the CSU, together with the CDU and the AFD, wants to put this back on the agenda and try to fight for the nationwide use of the software in the Bundestag. Accordingly, this will currently be an issue in the Bundestag. At the suggestion of Hesse, this issue will be also discussed at the next conference of german interior ministers.
There is actually no legal basis for the use of the software in Bavaria, as the Constitutional Court ruled last February ruled that the use of automated data analysis by police authorities is only permitted with very clear restrictions. However, the Bavarian state government coalition of the CSU and the Free Voters announced that it would simply create the legal requirements for the use of the software itself. The means for this could be the creation of a new state police law that legally authorizes the use of such software. At present, there is no such legal sanction, which makes the use of the software illegal from a data protection perspective. However, this has not stopped the Bavarian state government from testing the software on personal data of real people since March of this year.
It is interesting to note that the Bavarian Ministry of the Interior apparently decided to keep the state data protection commissioner Thomas Petri in the dark about the test use of the software. Petri had say, that he had only recently learned about the months-long test operation of the software from a report of bayrischer Rundfunk. According to his own statement, he has no idea how the test operation works and what the police are doing. Petri did, however, say that he doubted that there was a legal basis for the current use of the software. In the past, he has also repeatedly stated that the use of "VeRA" represents a massive encroachment on the fundamental rights of many people. Petri announced that he wanted to have a review carried out to determine whether the start of the test operation anticipated a legal authorization. It should be noted that the data protection officer has no direct political authority, but rather fulfills an advisory function. However, the fact that the State Data Protection Commissioner was informed about such a matter over such a long period of time shows that the Bavarian Ministry of the Interior probably wanted to start using the software undisturbed by any public attention and data protection observations.