Start­ing this week Ger­man law­yers have to have avail­able a means of elec­tron­ic com­mu­nic­a­tion developed just for them: the spe­cial elec­tron­ic law­yers’ mail­box (beson­deres elektron­isches Anwalt­s­post­fach or beA). The prob­lem is, the beA is inher­ently insec­ure, which is why it seems bet­ter to avoid using it. This would include not lit­ig­at­ing in a Ger­man court, if pos­sible, if there’s a chance the oppon­ent or the court will use the beA in the pro­ceed­ings. This seems to be all the more indic­ated where there’s a risk of snoopery and foul play by oppon­ents or third parties, or where the stakes are high – and when aren’t they?

besonderes elektronisches anwaltspostfach bea special electronic lawyers’ mailbox special electronic mailbox for lawyers special advocates' mailbox German deutsch

One Card to Bring Them All and in the Dark­ness Bind Them

The beA is a com­mu­nic­a­tion sys­tem under the aegis of the Ger­man Fed­er­al Bar Asso­ci­ation (Bundes­recht­san­walt­skam­mer or BRAK). Its pur­pose is to enable encryp­ted elec­tron­ic com­mu­nic­a­tion between law­yers, and between law­yers and Ger­man courts or judi­cial author­it­ies.

In prin­ciple, this is a very good idea. No law­yer wants to dodge elec­tron­ic com­mu­nic­a­tion, but as and of itself elec­tron­ic com­mu­nic­a­tion isn’t very secure. This is rel­ev­ant because law­yers deal with people’s and com­pan­ies’ know-how, trade secrets, intern­al affairs, even dirty laun­dry. The hand­ling of these things by law­yers is priv­ileged, and this is why law­yers are under the strict pro­fes­sion­al duty to keep their cli­ents’ inform­a­tion con­fid­en­tial and secure.

In oth­er words, there’s a real need for secure, encryp­ted elec­tron­ic com­mu­nic­a­tion for law­yers. Yet, Ger­man law­yers haven’t wel­comed the beA with open arms. Their reas­ons are man­i­fold, some col­leagues have even taken their issues to court. Of course.

Indeed the beA is an error-prone mon­stros­ity con­ceived by too many ama­teurs and too few experts. The debate about it has been raging in the Ger­man leg­al world for years, since before it was first launched. There are so many defi­cien­cies, it’s not funny. But its main flaw is that it isn’t secure. It hasn’t been since its incep­tion. As such, it defeats its main pur­pose.

Bad Starts, Repeatedly

The beA was first launched in 2016, and a pleth­ora of short­com­ings and secur­ity flaws sur­faced imme­di­ately. It simply wasn’t state of the art. As a res­ult, hardly any­one was using it, because why would they.

How­ever, stat­ute decreed 1 Janu­ary 2018 as the offi­cial start­ing date for the duty to use it, if only pass­ively. Pass­ively means: whatever gets sent to a lawyer’s beA since the start­ing date is deemed delivered to this law­yer. Think sum­mons, court orders, writ­ten plead­ings by your opponent’s leg­al coun­sel, things like that.

So 1 Janu­ary 2018 was the day. But as it happened, in late Decem­ber 2017 the oper­at­ors switched off the beA. Even more severe defects had sur­faced. So severe were these that the oper­at­ors decided they couldn’t unleash the beA on the (not so) unsus­pect­ing Ger­man leg­al pro­fes­sion.

The details would call for a sep­ar­ate blog or two. I shan’t go into these here. Today I’d like to address a par­tic­u­lar, unre­solved secur­ity issue.

Because since 3 Septem­ber 2018 the beA is back online. Thus, since then the stat­utory duty of all Ger­man law­yers to use it, at least pass­ively, has come into effect. But unfor­tu­nately, not all grave secur­ity defects have been remedied. As I said, the beA is still insec­ure. By all appear­ance, this won’t be cor­rec­ted any time soon.

Here’s what I mean.

Insecure Communication

Elec­tron­ic com­mu­nic­a­tion with a law­yer needs to be secure. Com­mu­nic­a­tion is secure when two entit­ies are com­mu­nic­at­ing and no third party is able to listen in. For that they need to com­mu­nic­ate in a way not sus­cept­ible to eaves­drop­ping or inter­cep­tion.

This is where the encryp­tion of beA com­mu­nic­a­tion shows its weak­ness. There’s the rub.

The beA runs as a web applic­a­tion based on Java­script. The applic­a­tion loads to the loc­al PC of the law­yer from a serv­er of the Ger­man Fed­er­al Bar Asso­ci­ation (BRAK serv­er). Then it com­mu­nic­ates with the cli­ent soft­ware which the law­yer must install on his loc­al PC. Iron­ic­ally, the name of this soft­ware is Cli­ent Secur­ity.

Why isn’t this secure?

It isn’t secure because while each mes­sage is encryp­ted with a lawyer’s per­son­al sig­na­ture, once it reaches the BRAK serv­er it gets decryp­ted and re-encryp­ted before it’s sent on to the recip­i­ent. Put anoth­er way, the beA doesn’t provide for end-to-end encryp­tion between Ger­man law­yers and their com­mu­nic­a­tion part­ners. Instead, it works through end-to-middle­man encryp­tion, fol­lowed by middle­man-to-end re-encryp­tion.

Sounds like a bug, but it’s a fea­ture. Offi­cially, this is to allow the for­ward­ing of mes­sages to oth­er author­ised per­sons later. I’m not the only one who asks why there has to be a middle­man to do that, but I guess ‘oth­er author­ised per­sons’ is telling. There’s a name for some­thing like this: back­door.

The Creature That Defeats Its (Official) Purpose

To put it simply: per­sons offi­cially author­ised – whatever this may mean – could gain access to priv­ileged com­mu­nic­a­tion between a law­yer and a cli­ent. I’m not cool with that.

In addi­tion, someone with unau­thor­ised access to the BRAK serv­er could alter the Java­script web applic­a­tion which com­mu­nic­ates with a lawyer’s Cli­ent Secur­ity. For example, the applic­a­tion could be mod­i­fied so that it for­wards mes­sages to third parties as soon as they were decryp­ted. This wouldn’t be access through the back­door, this would be a hack, per­haps even from inside. The thing is, we have reas­ons to ques­tion the Ger­man Fed­er­al Bar Association’s abil­ity to secure its IT infra­struc­ture against that.

The beA infra­struc­ture is sus­cept­ible to eaves­drop­ping or inter­cep­tion. It’s hard not to see this as an invit­a­tion to attempt indus­tri­al (or sim­il­ar kinds of) espi­on­age when one gets the chance. All one needs is the right com­pany in the right leg­al wrangle.

What to do?

One tech­nic­al solu­tion would be to run all beA soft­ware loc­ally, which means on the devices of the par­ti­cipants alone. Like, how What­s­App does it. Or Tele­gram, or Threema, or pretty much every mod­ern mes­saging applic­a­tion out there. Or, for don­key years now, how Pretty Good Pri­vacy does it.

But that would mean a struc­tur­al change of the beA, a change of its con­cep­tion. With a view to the gen­es­is of the beA, it should be clear that this won’t hap­pen so quickly.

Anoth­er, beha­vi­our­al solu­tion is, well, to avoid using the beA, as long as it’s insec­ure as described. After all, there are oth­er secure means of elec­tron­ic com­mu­nic­a­tion out there.

The Performance of One’s Duty

But aren’t I a Ger­man law­yer? Aren’t I under the stat­utory duty to use the beA at least pass­ively? Yes, I am. Whatever gets sent to my beA is deemed delivered to me. I can’t get around that. No Ger­man law­yer can.

My Ger­man peers and I must check our beAs, in case someone sends us a mes­sage there. For­tu­nately, there’s an e-mail noti­fic­a­tion func­tion for that (which awaits field test­ing though). At the same time we are sworn to con­fid­en­ti­al­ity, not just pass­ively, but act­ively. We have to make sure our com­mu­nic­a­tion with and about cli­ents and their mat­ters is suf­fi­ciently secure.

At this time the iron­clad solu­tion for Ger­man law­yers to com­ply with all their pro­fes­sion­als duties seems to have the beA avail­able, but to avoid using it. This would include not lit­ig­at­ing in a Ger­man court, if pos­sible, espe­cially if theres a reas­on to believe the oppon­ent or the court will use the beA in the pro­ceed­ings. This seems to be all the more indic­ated where the stakes are high, where there’s a risk of snoopery and foul play by oppon­ents or third parties.

The Secure Alternative

There is of course a means of resolv­ing a leg­al dis­pute where pri­vacy and con­fid­en­ti­al­ity may remain para­mount and pro­tec­ted. Where the parties are free to use oth­er, more secure means of com­mu­nic­a­tion than the beA. Where they may com­pel their coun­sel and the dis­pute resolv­ers to do the same. I’m talk­ing, of course, about private arbit­ra­tion.

I’m sure the people behind the beA didn’t aim to pro­mote arbit­ra­tion or oth­er meth­ods of altern­at­ive dis­pute res­ol­u­tion when they cre­ated the beA. Then again, they didn’t aim for a lot of things to hap­pen.

To arbit­rate, the parties to a leg­al dis­pute have to agree to do so, either before or after the dis­pute has aris­en. They might be more pos­it­ive about that now, see­ing which ways con­fid­en­tial com­mu­nic­a­tion may go through the beA.