October 08, 2024 /
As particularly securesecure were the so-called Encrochat cell phones, which therefore very popular with criminals. popularity with criminals. The manufacturer promised maximum security through a particularly high form of encryption of the communication. Thanks to international cooperation between law enforcement authorities, it was possible to offenders are identified and convicted.
What is Encrochat?
In the eternal cat-and-mouse game between law enforcement agencies and (organized) crime, protection against wiretapping also plays an important role. The so-called Encrochat cell phones, which were priced between €1,000 and €2,000 and could only be purchased via certain contacts, were supposedly tap-proof. The provider advertised end-to-end encrypted chat communication, self-destructing messages, encrypted notes and tap-proof telephony. It was also possible to format the entire cell phone with a “kill” command. If desired, some otherwise rather ordinary services such as GPS or camera could be canceled, which promised additional security. Even though Encrochat presented itself as a reputable company, the cell phones were primarily used by criminals to plan and organize crimes such as drug smuggling, robbery or human trafficking.
How Encrochat was cracked
Various European authorities, primarily French investigative authorities, investigated the purposes for which the devices were used. Work intensified from 2020. The focus was not on trying to crack the encryption in the first place, but rather on locating the server location. Even though the exact procedure is still classified as secret, it was possible to track down the server in the Netherlands on which the Encrochat domain ran. With a court order, the server was accessed and a so-called Trojan was installed with an “update”. From then on, the authorities were able to read millions of messages sent and collect data. Data that has led to numerous criminal proceedings throughout Europe to this day.
The use of the data & its legality
The collected data records ultimately led to a Europe-wide wave of arrests, and numerous proceedings were also conducted in Germany. In a case that has now been published, the judges at Rostock Regional Court were convinced of the perpetrator’s guilt through the use of Encrochat data and sentenced the defendant to prison. In 2022, the BGH confirmed the verdict.
The convicted person then turned to the Constitutional Court on the basis that it was necessary to clarify the extent to which the use of Encrochat data was permissible. The Federal Court of Justice should have referred the matter to the EUGB.
The BVerfG declared the complaint inadmissible, as a violation of fundamental rights should have been asserted before the BGH.
It was also not clear from the complaint that the BGH should have referred the matter to the European Court of Justice.
Sources:
https://www.spiegel.de/panorama/justiz/bundesverfassungsgericht-verfassungsbeschwerde-zu-encrochat-gescheitert-a-0b9fd50f-d052-4694-adae-7ffe22ef08e8
https://www.juracademy.de/rechtsprechung/article/encrochat-daten-verwertbarkeit
https://www.lto.de/recht/nachrichten/n/2bvr55822-bverfg-encrochat-beweisverwertungsverbot-strafverfahren-daten-ueberwachung/
https://www.sueddeutsche.de/digital/encrochat-verschluesselung-europol-1.4956346