Lower Saxony: SPD and Greens against Palantir surveillance software

The governing parties SPD and Greens in the Lower Saxony state parliament continue to reject the use of analysis software from the US company Palantir. After a hearing in the Interior Committee, a parliamentary majority against its introduction thus remains, as reported by NDR. Both parliamentary groups refer in particular to data protection concerns and possible dependencies on a US technology group. Representatives of Palantir, on the other hand, assured that a data leak is technically impossible.

The SPD warned the NDR against creating new dependencies on a "US surveillance group". The Greens also maintain their criticism and continue to describe the software as a "black box" whose functionality and possible effects on fundamental rights cannot be sufficiently controlled. Both parliamentary groups advocate instead for European or state solutions for the analysis of police data.

The CDU wants to reform the Police Act so that the police can use special software and solve criminal offenses more effectively. "If I now have a data history in the area of domestic violence, for example, that spans pages, it is hardly possible for the investigator to penetrate this data at all anymore," Christian-Tobias Gerlach from the German Police Union told NDR. It remains open which technical solutions are legally and politically acceptable.

Manuel Atug from AG KRITIS criticized in the hearing that "Data Pipelines" continuously feed information from police systems into a central data model and evaluate it there as a network of relationships. The procedure effectively leads to a "dragnet search by design". Data from police proceedings, for example from witnesses, victims, or informants, would thus be used for analyses, although they were originally collected for a specific purpose. Without prior legal labeling and clear restriction of permissible data, such comprehensive evaluation is constitutionally problematic.

In addition, AG KRIITIS warns of structural dependencies on the provider. Since the company's employees develop and maintain the data pipelines, they have insight into processing logic and potentially also access to data. Analysis platforms of this type can facilitate investigations, but at the same time create an infrastructure that could also be used for comprehensive surveillance or automated decision-making processes if political frameworks change. In the long term, the platform also enables the integration of AI models and automated analyses up to forms of "Predictive Policing".

"Develop P20 data hub further"

As an alternative, AG KRITIS suggests focusing on the expansion of the nationwide project "P20 Data Hub" instead of relying on external platforms. "Instead of investing a lot of money in Palantir's citizen-rights-disregarding espionage software, it would therefore be more effective to finally prioritize and implement P20. All police data must be labeled and its purpose limitation respected," says Atug.

Police databases should first be structured technically and legally sound, including the labeling of the respective legal basis for each stored data record. Only on this basis could analysis functions be developed that meet the requirements of the Basic Law and data protection. Although the parliamentary groups generally agree that the police and security authorities need better tools for handling large amounts of data.

(mack)