1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

German prosecutors investigate spyware maker

Samantha Early
September 5, 2019

Munich prosecutors have launched a probe into a company accused of illegally selling spy software, German media report. The FinFisher product was reportedly used against opposition protesters in Turkey.

A smartphone showing various apps is seen in Ankara, Turkey in October 2017
Image: picture-alliance/dpa/AA/A. Unal

Public prosecutors in Munich are investigating whether German company FinFisher broke the law by exporting powerful spying software without a permit.

German public broadcasters NDR, WDR, BR and daily newspaper Süddeutsche Zeitung, quoting a spokeswoman for the prosecutor's office, reported that directors and employees of FinFisher and two further companies were being investigated.

Read more: Turkey used German spy software on opposition politicians and activists

The probe was prompted by earlier investigations by the media outlets and a complaint filed by anti-surveillance NGOs Reporters Without Borders, Netzpolitik.org, the Society for Civil Rights (Gesellschafft für Freiheitsrechte, GFF) and the European Center for Constitutional and Human Rights.

The NGOs said there was a  "probability bordering on certainty" that malware used in 2017 to target anti-government protesters in Turkey was a FinFisher product called FinSpy. The spyware allows users to access targets' contacts, chat messages, phone conversations, photos and videos, including those on WhatsApp, Facebook Messenger and Skype. It basically gives unimpeded access to targets' phones, according to the NGOs.

The company declined the broadcasters' request for comment.

People are the biggest security loophole

Strict export rules

Germany has classified software and devices that can be used to spy on people as dual-use products, which could serve civilian as well as military purposes. To avoid misuse, such products must be approved for export by the Federal Office of Economics and Export Control (BAFA), part of the Economics Ministry, before they can be sold in a non-EU country.

The software in question was developed in 2016, according to an analysis of its source code by digital rights group Access Now and independently confirmed by a German university. A spokesman from the Economy Ministry said the government had not issued any export permits for spying software since 2015, meaning that according to the NGOs the export must have happened without a permit.

Used in Turkey

The German media outlets reported last year that Finspy was used in Turkey to spy on opposition protesters.

During protests in July 2017 organized by the Republican People's Party (CHP) against Turkish President Recep Tayyip Erdogan, fake Twitter accounts posted links to websites which promised protesters information about the demonstrations if they downloaded a smartphone app.

The app contained spying software which was identified by the NGOs as FinSpy.

FinFisher is well-known in Germany for developing the so-called "Bundestrojaner" spying software that law enforcement authorities use, with a judge's permission, to track the smartphones of crime suspects. It has also made headlines in the past because its products were found to be used by authoritarian regimes against opponents in several countries.

Hacking for Germany

Every evening at 1830 UTC, DW's editors send out a selection of the day's hard news and quality feature journalism. You can sign up to receive it directly here.