EMET NEWS PRESS

Why is data procurement not a neutral purchasing process?

The procurement of commercial location data by state security authorities is not a neutral purchasing process. It concerns the core of state intervention powers. If police, intelligence or military security actors obtain movement profiles not through legally defined collection powers, but through private data brokers or analytics platforms, an intervention-law bypass risk emerges.

The intelligence value corresponds to a rights-intensive surveillance measure. The procurement channel, however, lies outside the traditional architecture of statutory intervention powers. This is the constitutional fault line.

From a constitutional perspective, it is not decisive whether the data was initially collected by private actors, apps, software development kits, advertising networks or data brokers. What matters is state use. Article 1(3) of the German Basic Law directly binds the executive to fundamental rights.

State authorities do not act in a rights-neutral manner when they purchase, analyze, merge or feed personal location data into investigative, situational or security decisions. Private market availability does not replace sovereign authority to use the data.

What standards does the Federal Constitutional Court set?

Since the Census Judgment, the Federal Constitutional Court in Germany has developed the right to informational self-determination as a defensive right against uncontrolled state collection, linkage and use of personal data. State data processing requires a sufficiently specific statutory basis, a legitimate purpose, clear intervention thresholds, limited use, documentation and effective oversight.

These requirements do not apply only to classical surveillance. They apply especially to digital data processing with broad reach and high analytical depth.

Location data has a particular intensity of interference. It does not merely capture technical communication traces. It captures spatially mapped life conduct. It can reveal home address, workplace, contact locations, political assemblies, religious practice, medical facilities, border movements, official routes and presence in sensitive security areas.

In aggregated form, movement profiles, contact patterns and pattern-of-life analyses emerge. The measure shifts from targeted investigation to spatial behavioral analysis.

The Federal Constitutional Court’s case law on automated number plate recognition provides a relevant benchmark. Automated collection, matching and further use of mobility data may already constitute an interference with fundamental rights. This applies even where not every person recorded is a target.

For precise app-based location data, the depth of interference is greater. Such data does not merely reveal isolated movements. It can reconstruct location routines, contact axes and recurring behavioral patterns.

Where does the functional bypass problem arise?

The procurement of commercial location data creates a functional substitution problem. Section 100g of the German Code of Criminal Procedure regulates the collection of traffic and location data in criminal proceedings under specific conditions. The legislature ties such access to suspicion, purpose, necessity and oversight.

If the same intelligence value is obtained through data brokers without a comparably specific legal authorization, a layer of access emerges outside the intended criminal-procedure safeguards. The data type remains the same. The depth of interference remains the same. Only the procurement channel is privatized.

This assessment does not require the sweeping claim that German police authorities already use commercial location data systematically and unlawfully. The legally relevant issue is the risk structure.

If an authority uses market-available location data for identifiable analysis, target selection or investigative steering, that use must be measured against the same constitutional standards as state collection of comparable depth. A security authority cannot retreat into the role of a mere customer when it uses data for sovereign purposes.

Why is private availability not sufficient?

The Federal Constitutional Court’s double-door doctrine reinforces this finding. Both the transmission of personal data and the official retrieval of that data require separate and legally sound statutory bases.

This creates a three-stage review.

First: Was the original collection of location data by an app, SDK, advertising network or data broker lawful?

Second: Was the transmission or sale to further actors purpose-bound, transparent and compatible with data protection law?

Third: Does state retrieval, analysis and further use rest on an independent, sufficiently specific legal authorization?

The third stage is constitutionally decisive. Even a commercially available dataset may not be transferred into security-authority analysis without specific state authority where this creates movement profiles, contact patterns or target-person profiles.

The Basic Law protects not only against state data collection. It also protects against state use of private datasets once that use reaches substantial fundamental-rights relevance.

Why is consent problematic under data protection law?

From a data protection perspective, the underlying data basis is additionally burdened. Commercial location data often rests on app consents whose scope users can hardly assess. Valid consent requires freedom, specificity and informed decision-making.

A person granting location access to a weather, gaming or navigation app does not automatically consent to later use by security authorities, intelligence-service providers, military security actors or analytics platforms.

The longer the data chain, the weaker the purpose limitation. The less transparent the transfer, the greater the risk of unlawful processing.

How do German police, intelligence services and military security actors differ?

For police authorities, a criminal-procedure boundary arises. In criminal prosecution, the availability of commercial location data must not functionally devalue Section 100g of the Code of Criminal Procedure, judicial authorization, suspicion thresholds, documentation duties and later judicial review.

A measure that would be permissible through direct state collection only under narrow conditions cannot become a low-threshold investigative tool merely because it is purchased.

For public-order and preventive policing authorities, the legal test shifts, but the constitutional standard does not. Here, state police laws, concrete danger thresholds, proportionality and clarity of statutory authority are central. Even in the preventive field, spatial mass analysis or identifiable movement analysis requires a specific legal basis.

For intelligence services, separate authorization and oversight regimes apply. Their work is more strongly oriented toward pre-threat intelligence. That does not reduce their fundamental-rights obligations. Precisely because intelligence data processing is often covert, long-term and networked, purpose limitation, data minimization, logging, parliamentary oversight and subsequent legal-protection mechanisms must be precisely regulated.

Commercial location data cannot be treated as control-free open-source information where it enables identifiable movement profiles.

For military security actors, the operational relevance is also substantial. Location data can be used for force protection, operational security, access protection, movement analysis and risk assessment. In operational theatres, it can expose military personnel, sensitive locations, movement axes and routines.

Domestically, such use is subject to strict constitutional limits. Military expediency does not replace jurisdictional rules, fundamental-rights review or statutory authority.

What operational value does location data have?

Operationally, the tactical utility is clear. Location data enables the identification of places of presence, movement axes, contact points, recurrence patterns and proximity to crime scenes.

At the tactical level, it supports target validation, operational preparation and prioritization of further measures.

At the operational level, it enables the consolidation of situational pictures, the creation of contact and movement profiles and the steering of further intelligence measures.

At the strategic level, it risks normalizing a security-authority access infrastructure outside specific intervention norms.

This capability is precisely what triggers the constitutional oversight duty. The higher the operational intelligence value, the stricter the requirements for legal authorization, intervention threshold, purpose limitation, documentation and oversight.

Data availability does not replace statutory authority. Budget funds do not replace judicial authorization. Technical exploitability does not replace proportionality review.

What does this mean for evidence collection and evidentiary use?

In criminal procedure, a distinction must be made between evidence collection, evidentiary use and indirect downstream effect.

A prohibition on evidence collection concerns whether specific information may lawfully be obtained through a particular method.

A prohibition on evidentiary use concerns whether unlawfully obtained information may be used in criminal proceedings.

Downstream effect concerns whether later, formally lawfully obtained evidence remains admissible if it rests substantially on a prior unlawful or constitutionally impermissible data access.

German criminal procedure does not recognize an automatic exclusionary rule for every unlawfully obtained item of evidence. The decisive test is a balancing exercise based on the weight of the interference, the protective purpose of the violated norm, the seriousness of the procedural violation, the degree of deliberate circumvention and the weight of the public interest in prosecution.

A prohibition on evidentiary use is particularly relevant where investigative authorities act gravely, arbitrarily or in deliberate circumvention of statutory safeguards.

For location data, this balancing test carries particular weight. If commercially acquired movement profiles are introduced directly as evidence, there is a substantial risk of inadmissibility where the data was obtained without a legally sound authorization, without required judicial control or in circumvention of criminal-procedure requirements.

The interference does not concern isolated technical peripheral data. It concerns the spatial structure of the person. This increases the weight of the fundamental-rights interference.

Why is indirect evidentiary use particularly dangerous?

Indirect use is more complex. German law does not adopt a rigid “fruit of the poisonous tree” doctrine. Nevertheless, later formally lawful evidence can become problematic if it substantially rests on a prior unlawful or constitutionally impermissible location-data analysis.

The decisive question is whether the later evidence was truly obtained independently or whether the impermissible pre-investigative information first generated the target person, investigative direction or measure.

The central risk lies in file-invisible pre-investigative use. Broker data does not have to be introduced into the case file as evidence. It may serve as an investigative lead. Afterwards, surveillance, cell-site requests, searches or other overt measures can be formally placed on an independent basis.

The procedure then appears legally ordered, even though the investigative direction was prepared by a prior, uncontrolled data access.

This touches the fair-trial principle, file accuracy and effective defense. Courts and defense counsel must be able to examine the source from which an initial suspicion, target selection or investigative measure arose.

If the use of commercial location data remains invisible in the file, judicial control is functionally devalued. The defense cannot challenge the legality of the evidentiary chain if the origin of that chain is not disclosed.

This creates a legal-policy and constitutional-dogmatic need for a specific duty to document and disclose. If commercial data sources, analytics platforms or broker data were used in the pre-investigative phase, this must be recorded, reviewable and disclosable in proceedings.

Without source transparency, it cannot be determined whether later measures rest on lawful intelligence gathering or on concealed circumvention of statutory intervention thresholds.

What does this mean for the German executive?

The executive assessment is clear. Police authorities, intelligence services and military security actors are not free security actors. They are bound by jurisdiction, statute and fundamental rights.

Their mandate is not maximum intelligence collection at any price. It is security within the framework of the constitution. Operational expediency must not replace the intervention architecture.

An authority that obtains through data markets the same intelligence value that it could acquire directly only under high statutory thresholds operates in a constitutionally high-risk zone.

What are the consequences for democracy and the rule of law?

For democracy and the rule of law, the issue is structurally relevant. A democratic state must not allow a security-authority access layer to emerge outside specific intervention norms.

If state bodies can access personal mass data without clear parliamentary authorization, without independent prior control, without documentation duties, without notification and without court-proof transparency, the boundary between legally structured investigation and market-mediated pre-investigative intelligence becomes blurred.

The constitutional consequence is clear. Government procurement of commercial location data requires specific statutory regulation or an explicit ban on particularly intrusive data categories.

At minimum, the following safeguards are required: clear statutory authorization, narrowly defined purpose, concrete intervention threshold, judicial authorization for identifiable location analysis, logging and deletion duties, notification duties, parliamentary oversight and disclosure duties in criminal proceedings.

Without these safeguards, the depth of interference and the protection of fundamental rights are no longer determined by law, but by the market availability of personal data.

That would not be a technical modernization of state security work. It would be a shift in the surveillance architecture: from legally structured data collection to market-mediated target, movement and behavioral analysis. The constitutional state must precisely regulate or prohibit that shift.

Glossary

Case-file-invisible pre-investigative use
Operational use of information without its origin appearing fully in the investigative file. This becomes problematic where later measures appear formally lawful but rest on undisclosed data access.

Prohibition on evidence collection
A rule barring authorities from obtaining specific information through a particular method. It concerns the legality of the collection or investigative measure.

Prohibition on evidentiary use
A rule barring the use of unlawfully obtained information in criminal proceedings. In German criminal procedure, it usually depends on a balancing test rather than automatic exclusion.

Double-door doctrine
Federal Constitutional Court doctrine requiring separate legal bases both for the transmission of personal data and for official retrieval of that data.

Fair-trial principle
A core principle of constitutional criminal procedure. It requires a fair process, effective defense and judicial reviewability.

Downstream effect
The problem of indirect evidentiary use. It concerns whether later evidence remains admissible when it substantially rests on prior unlawful data access.

Force protection
Protection of one’s own personnel, facilities and movements from surveillance, attack or compromise. Location data can support force protection but can also expose friendly forces.

Informational self-determination
The fundamental-rights-based authority of individuals to decide, in principle, how their personal data is disclosed and used.

Pattern-of-life analysis
Analysis of recurring movement, location and contact patterns. It can reveal routines, networks and operational vulnerabilities.

Judicial authorization
A requirement that particularly intrusive measures be ordered or reviewed in advance by a court.

Location data
Data revealing a person’s places of presence, movements or spatial patterns. It may originate from mobile networks, apps, GPS, Wi-Fi, Bluetooth or advertising networks.

Purpose limitation
A data protection and constitutional principle requiring personal data to be processed only for clearly defined and lawful purposes.

References

Federal Constitutional Court – Census Judgment
Foundational decision on informational self-determination and the constitutional limits of state data collection.
www.bundesverfassungsgericht.de

Federal Constitutional Court – Automated Number Plate Recognition
Case law on the interference character of automated mobility-data collection and state data processing.
www.bundesverfassungsgericht.de

Federal Constitutional Court – Subscriber Data Access and Double-Door Doctrine
Case law on the need for independent legal bases for data transmission and official data retrieval.
www.bundesverfassungsgericht.de

German Code of Criminal Procedure – Section 100g StPO
Central provision governing the collection of traffic and location data in criminal proceedings.
www.gesetze-im-internet.de/stpo/__100g.html

General Data Protection Regulation – Articles 6 and 7 GDPR
Rules on lawfulness, consent, freedom of consent and purpose limitation in personal data processing.
www.gesetze-im-internet.de/dsgvo

European Data Protection Board – Guidelines on Consent
Guidance on freedom, specificity and informed nature of consent under data protection law.
www.edpb.europa.eu

Electronic Frontier Foundation – Location Data and Law Enforcement
Analysis of the use of commercial location data by security authorities and platforms such as Locate X.
www.eff.org

ACLU – Government Purchase of Location Data
Documentation and legal criticism concerning government acquisition of commercial location data in the United States.
www.aclu.org

Federal Trade Commission – Data Broker Enforcement
Proceedings and decisions concerning location data brokers, sensitive movement data and commercial data transfers.
www.ftc.gov