Print 15 comment(s) - last by bitterman0.. on Aug 24 at 3:53 PM

Employers in Germany will no longer be able to snoop on Facebook profiles to screen applicants.  (Source: The Guardian UK)

The law also prevents employers from using video surveillance in private locations like restrooms.  (Source: Boston News)

Germany's plan to roll out RFID-equipped national identification cards, which would allow the government to track individuals more easily, is creating controversy. Security experts complain that some information on the card may be easy to steal due to lax protections.  (Source: International Business Times)
One move draws praise from privacy advocates, the other concern

Germany's campaign to protect its citizens from corporate snooping has taken another step forward.  German publications Die Welt ("The World") and Süddeutsche Zeitung ("South German Newspaper") are reporting that the nation's Interior Minister, Thomas de Maizière, has drafted a new privacy law that will restrict the kinds of info current and potential employers can gather. Süddeutsche Zeitung reports that the German cabinet will likely approve the measure on Wednesday, making it law.

The new law, among other things, will prevent employers from snooping on social networking site profiles -- such as MySpace or Facebook pages -- of current employees or job applicants.  From photos of drug abuse to complaints about former employers; such private information has frequently landed individuals in trouble with law enforcement or potential employers.

Employers are allowed to Google search employees still, but the information is out-of-bounds if the individual did not have control of it (for example criticism from a third party) or if it is considered too old.  Employers can still access employee pages specifically designed for professional networking or job seeking, such as 

The measure also bans businesses from employing video monitoring of employees in "personal" locations such as bathrooms, changing rooms and break rooms.  It mandates that if certain other locations 
are under video surveillance, that employees must be notified.  Similarly, the law puts limitations on email and telephone surveillance.  Employers must notify employees if they are going to snoop on these forms of communication.

The German law comes after discount retail chain LIDL was caught spying on employees in restrooms and collecting info on their personal lives.  National railway Deutsche Bahn and telecommunications giant Deutsche Telekom (owner of the U.S. T-Mobile network) were also embroiled in surveillance cases.

Germany has recently taken a stricter stance on corporate privacy intrusions, investigatingApple's collection of users' locations via its iPhone and iPad devices.  It has also sued 
Facebook for what it views as misleading changes to the site's privacy policy.

The new anti-snooping law is perhaps the first of its kind and comes at a time when a recent 2009 CareerBuilder survey indicated that 45 percent of employers look at potential applicants' Facebook profiles and 35 percent have rejected candidates because of their findings.  Other past surveys have indicated similar snooping trends.

Despite Germany's progressive advances in preventing businesses from snooping, the nation is also rolling out another measure that's drawing criticism from privacy advocates.

Germany will be mandating that citizens carry RFID-equipped identification cards.  While identification cards (similar to U.S. driver's licenses) are nothing new, the RFID chips in the new cards will allow government officials to quickly track and locate individuals.  The government says the information stored on the chips will be used by police, customs, tax officials, and passport granting authorities.

Critics are concerned about the possibility of government tracking.  They also complain that the "basic access control" (BAC) protocol used to protect the information on the front of the card, including the picture and the name, has been shown to be easy to hack.  Hackers could steal this information from law-abiding citizens and create forged ID cards, potentially implicating the original owners in drug transactions and other crimes.  

Other information on the card is reportedly protected by a stronger undisclosed proprietary protocol, so it might not be quite that easy for criminal types to gather the necessary info to make a full forged duplicate ID.

German authorities point out that RFID chips are already used in German and U.S. passports and that a great deal of money could be saved by mandating citizens carry the chips.  They insist that their citizens' private data will be kept secure with the cards.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By Motoman on 8/23/2010 11:28:37 AM , Rating: 5
...tags in any official identification document are a catastrophically moronic idea.

Do you honestly think making your citizens effectively broadcast all of their personal information everywhere they go is in any way going to increase anyone's security?

By iNGEN2 on 8/23/2010 11:49:00 AM , Rating: 2
Political doublespeak has become so advanced in the western world that it literally means the opposite of what they say. What's even more absurd is the fallacies are so obvious, yet so many still buy into it. The behavior is so common it warrants it's own term. Maybe "willing gullibility"?

By SpaceOddity85 on 8/23/2010 12:09:33 PM , Rating: 4

By Reclaimer77 on 8/23/2010 7:27:54 PM , Rating: 3
Well we're talking about a country that tattooed ID numbers on about 6 million peoples wrists. So in that context, yeah, they probably do think RFID cards are a good idea.

By BarkHumbug on 8/24/2010 7:53:02 AM , Rating: 2
They are hardly alone, please google "us passport rfid" if you don't believe me.

By bitterman0 on 8/23/2010 4:29:17 PM , Rating: 2
Prohibiting potential employers from making a decision based on publicly available information, which was willingly published by the person being researched is a total nonsense. I say the person who publishes a potentially damaging information (like being an illegal drug user, habitual drunkard, extremist, or simply a total idiot) is damaged in the head and deserves to be passed on by a potential employer.

Furthermore, the employers are allowed to read and act upon so-called "criticism from a third party", which "is out-of-bounds if the individual did not have control of it". So consider this. A third party made slanderous remarks toward the individual being researched. The individual has responded to those remarks elsewhere (presumably via means that under the person's control) with factual information and the whole matter was resolved. But the employer can legally read only the original (slanderous) remarks, and not the response. This is doubly-hilarious.

A society that attempts to limit the freedom of information dissemination this way certainly looks more Totalitarian rather than Democratic (or Socialistic as it may be with Germany). Does "The Great Firewall of China" have a familiar ring to it?

RE: Amazing
By rdeegvainl on 8/23/2010 11:54:44 PM , Rating: 2
Employers are allowed to Google search employees still, but the information is out-of-bounds if the individual did not have control of it (for example criticism from a third party) or if it is considered too old.

I think you misread this.

RE: Amazing
By bitterman0 on 8/24/2010 3:53:27 PM , Rating: 2
I stand corrected.

By SuckRaven on 8/23/2010 12:39:19 PM , Rating: 2
I really like the last sentence:

They insist that their citizens' private data will be kept secure with the cards.

Good one..........because we've never had a precedent for massive security breaches with peoples' personal data.

But ohhh....ohhhhhhhh..... They INSIST..... ohhhhh ok.....well it must be 100% secure then.


RE: Security?
By acer905 on 8/23/2010 12:52:09 PM , Rating: 2
Well, there is a good solution for every problem the world faces. Most of the solutions just seem to be a bit too extreme for most people. For a troublesome disease ravaging the world, you round up every singe person who is infected, and put them in a compound that sits directly over the south pole. For security concerns, gather up anyone who has ever been convicted of hacking, and send them to the disease ridden compound. Because they are then exposed to the diseases, they can never leave, because they would be sent back for having a dangerous disease. Two birds with one stone. lol

So in fact
By hughlle on 8/23/2010 11:21:56 AM , Rating: 3
They haven't outlawed it, but are hoping to do.

By wushuktl on 8/23/2010 11:36:47 AM , Rating: 3
It's pretty terrible when someone needs to write a law stating monitoring cameras in bathrooms are outlawed.

Keep a bit drop the rest
By nafhan on 8/23/2010 12:52:04 PM , Rating: 2
If they're trying to protect employee privacy, they should try to push through the portions about video surveillance and advising employees on what is being monitored. That's a big deal IMO. The rest of it seems to range from impossible to enforce to silly to exchanging employer surveillance for government surveillance.

So what do you do when....
By bigdawg1988 on 8/23/2010 1:28:31 PM , Rating: 2
someone in the government inevitably releases the security protocols, because of blackmail, greed, extortion, etc. and all the hackers now know how to access your private data just by sitting around with a scanner? Talking about opening Pandora's box!
That better be some serious security there!

Privacy Smiracy
By mozfet on 8/24/2010 8:08:29 AM , Rating: 2
I don't understand why people are so concerned with the idea that a hacker can read the information that is printed on the front of the card, and can get your photo... who cares? its public information... Everyone can see what your face looks like, and it's easy to photograph people without their knowing. And figuring out your name is just a question of social engineering.

There are so many ways to get to the data that can be read from the ID card, so lets imagine a hacker leaving his computer and goes looking for some personal data "on the street" (ha), and he forgets his laptop and scanning antennae. The hacker employs a little bit of social engineering and asks people to sign a petition against the new ID card project since these cards will leak their private detail to hackers lurking around corners with big antennas. Being all for privacy you do your part, fill in the form, and while you are filling in the form his accomplice takes a picture of you with his mobile phone...

In the real world, that hacker would have stayed home and surfed facebook; or worse hack your facebook account, or worse infect your PC with a Trojan and steal all your user names and passwords as you type. He can even listen in to your VOIP conversations, and steal that naughty little video you made...

The point is that only extremely vigilant people (and paranoid people wearing tinfoil hats) with extremely high standards of privacy are successfully at hiding their identity. These people would also not enjoy the same involvement in society as the rest of us (being nameless and faceless), rarely leave their apartments (cameras everywhere), and probably do not use mobile phones (can be used to trace you), furthermore they would have friends sharing these values in case their privacy leaks...

In my whole life I've not any people matching the description above, so either they do not exist, or they are really good at keeping private.

In general however, people actively hiding their identity are hiding from something else, for example drug dealers and terrorists.

Instead of worrying about bad men lurking around corners with antennae that can figure out my name and what I look like when I walk past them, I would rather enjoy the security of strong cryptography on a smart token to help me prove my identity through a reader installed at home which I can use to login securely at websites and access services... can I have one of those German ID cards please?

"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs

Copyright 2015 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki