FECL 05 (April 1992):
The "Federal law on the organization of security administration and the exercise of security policing" (SPG) was voted on October 2, 1991 by the Austrian parliament. It replaces regulations on police powers and organization, some of which date back to as far as the Austro-Hungarian empire in 1850 and for the first time introduces the priniple of some form of legal and parliamentary control on the activities of the political police, the Stapo (Staatspolizei).
A series of revelations and scandals involving police and Stapo in recent years had heightened public awareness and criticism of police misbehaviour and are one explanation for the relatively speedy introduction of the new law.
The Stapo's role in two spectacular cases of economic crime (the "Lucona" and the "Noricum" cases) involving senior government officials and politicians and and embarrassing reports by Amnesty International by the Commission for the prevention of torture of the Council of Europe on cases of grave ill-treatment by Austrian policemen. Moreover, revelations on extensive political surveillance of citizens by the Stapo had caused widespread indignation: Indeed, 775 officials were spying on citizens in their chief occupation with an estimated annual budget of one billion Austrian Schillings. The Interior ministry itself acknowledged the existence of 59'000 Stapo files. "Mothers aagainst nuclear threats" and citizens protesting against the setting-up of a waste deposit in their neighbourhood were among the "political suspects" detected by the Stapo. In the sarcastic Austrian vernacular the Stapo was soon called the "Alpine Stasi" (after the former East German state security).
Indeed, the SPG brings some improvments with regard to civil liberties and fundamental rights in a formerly extra-legal domain. Thus the stipulation of the ultima ratio principle - the interference in individual liberties only as a last mean - and the principle of proportionate action provide a minimum of protection against police arbtirariness. Moreover, an independant instance of complaint has been created and data protection regulations have been extended to certain domains of non computerized data processing.
But the most significant progress can be found in the ban for the Stapo to collect discretionary data on persons in a purely preventive manner.
Unfortunately the inclusion of these principles is very much reduced to hollow declarations of intent through the introduction of a series of paragraphs which undermine the above-named guarantees by dangerously vague definitions of the terms empoyed.
Thus the following rights of the concerned are embodied in .30, alinea 1:
But all this is at once jeopardized through alinea 2 of the same paragraph which bluntly states that "this does not apply, when the carrying out of the task would thereby be put at a risk". Thus it is precisely the official, vis-à-vis whom these rights are meant to provide protection, who decides if they shall be apply or not to the particular case. Thus, what has been clearly regulated in the first alinea, is left to discretionary decision in the second.
In a first draft of alinea 2 it still said: "...would thereby be prevented" (and not "put at a risk"). This little modification shows that the numerous "elastic" regulations in the SPG are not due to sloppy formulation work but rather to deliberate action of the legislator.
With the regulation on "security checks" new spheres of difficult to control activities of the Stapo are created. According to §55 al.2 the security police must screen persons "when the person concerned is assigned for a task, within which it will exercise administrative authority of command and coercion or have decisive influence on the realization of other acts of administration or other important administrative decisions, and when a particular public law corporation demands it".
According to §53 and following the police may already collect and process data, when it believes that it thus serves the "prevention of probable dangerous attacks against life, health, morality, liberty, property or environment" or the maintenance of "public order" at the occasion of a "particular event". Thus, such police surveillance is neither limited to the verifiable preparation of concrete serious crimes nor to the circle of persons actually engendering the alleged "dangerous attack" (attack punishable by penal law). In combined application with .30 al.2 this faciliates vast covert surveillance operations against non-suspects. The mere formulation of §53 and following is strongly reminiscent of article 99 al.3 of Schengen II.
What is "public order"? The SPG furnishes generations of European jurists who have desperately meditated on the possible meaning of this term with a simple and easy to apply definition: According to §27 "public order" is nothing else than "order in public places". The latter are, quite obviously, places "which can be acceded to by a cercle of persons not defined in advance".
According to §53 the police may investigate personal data, when a "cercle of persons not defined in advance" accedes to a "public place" at a "particular event" Anybody who "disturbs public order without justification by particularly reckless behaviour" can be sentenced to up to two weeks of imprisonment.
Another provision says that personal data may be collected only, when this is "essential" for carrying out a task. Not even an attempt is made to define this term.
§53 al.3 empowers the police to accede to other databases, eg. social insurances and other corporations under public law.
§56 empowers security police to screen persons on the base of express written consentment of the concerned. Thus, any public or private employer can make such "voluntary" screening a condition for considering an employment application.
§57 al.1, due to its lack of precision, provides for totally free access of any public administration to the database of the security police.
In the view of its critics the SPG opens the door to uncontrolled and arbitrary security police practices against about any civil servant or state employee. The Salzburg Chamber of Workers (Arbeiterkammer: a corporatist institution under public law for the defence of workers interests) commented:
"In future the chamber of workers could be forced to supply the Stapo with information on all those persons whom it knows: advice-seeking employees, consumers... Thus the not at all theoretical possibility exists that the chamber of workers could be obliged in the course of security sreening of an applicant or on the grounds of the suspicion of enterprise espionage to hand over its information on the person concerned, whose interests it should actually represent according to the law on the chambers of workers".
§56 authorizes the police to hand over personal data to foreign security authorities, "as far as this is necessary for the safeguarding of considerable security interests of the addressee". With this provision the "considerable" interest of a foreign administration weighs heavier than the Austrian citizen's interest in having his personal data protected. Nothing is said about who shall establish the presence of such a "considerable interest".
This provision the national matching piece to Schengen II's article 46 (on mutual police cooperation) - further evidence for Austria's effort for a "pre hoc" harmonization on Schengen lines, even before an EC-membership.
Sources: Pilz, Peter: Das Hoch-Sicherheitspolizeigesetz - zur Diskussion um Polizeibefugnisse und die Kontrolle der Staatpolizei; Zeger, Dr.Hans G.: Das Sicherheitspolizeigesetz - Ein datenschutzrechtlicher Emmentaler, ARGE DATEN, A-1090 Wien, Liechtensteinerstr.94; Stellungnahme der "Plattform gegen das Sicherheitspolizeigesetz.