Court case G 72-74/2019 G 181-182/2019 – Court Ruling (Austria, 2019)

Austria introduced [https://www.ris.bka.gv.at/eli/bgbl/1975/631/P135a/NOR40202514 § 135a] of the criminal procedures act (StPO) to allow the use of spy software on devices ("government hacking") to be able to tap encrypted communication between smartphones. The mandatory data retention via license plate readers was also challenged before the Court. Members of the Parliament (Social Democrats and the Liberal Party) have applied to the Constitutional Court (VfGH) claiming that the law violates citizens' fundamental rights. The Court decided that the surveillance law that permits the use of spying software to read encrypted messages contravenes the fundamental rights to private life according to Article 8 ECHR, to data protection as foreseen in § 1 of the Austrian data protection act (Datenschutzgesetz - DSG). The Court highlighted the difference between traditional wiretapping and modern computer systems which read encrypted messages. The latter provides insight into all areas of life allowing inferences about the user’s thoughts and preferences. Considering the particularities of the surveillance measure, this control mechanism was deemed to be not sufficient. The Court required an effective independent supervision by an institution which affords all appropriate technical means and human resources both at the beginning of the measure and the entire duration of the surveillance. The Court ruled that the recognition of licence plates, car types and driver pictures in a centralised database of the Ministry of Interior constitutes an indiscriminate data retention.