(1) As far as special confidentiality concerns so require or if in exceptional cases the
affected person’s interests meriting protection could be injured, the participating authority may partially or wholly abstain from storage of the extended basic data listed in
Section 3(1) no. 1(b) (restricted storage) or enter data on persons, associations,
groupings, foundations, companies, property, banking data, addresses, telephone
numbers, telecommunications terminal devices, websites, and e-mail addresses listed in Section 2 in such a way that other requesting authorities involved cannot see
that these data were stored and thus will not be able to access the stored data (covert
storage). The head of the authority in question or an official of the higher service specially designated by the head shall decide about restricted and covert storage.
(2) If a request concerns data in covert storage, the authority which entered the data
is automatically informed of the request and receives all relevant information. It shall
immediately contact the requesting authority to check whether intelligence pursuant
to Section 7 may be transferred. The authority which entered the data may refrain
from contacting the requesting authority only if interests of confidentiality outweigh
the circumstances of an individual case. The authority shall document the reasons for
its decision pursuant to the second sentence. The request for information and the
documentation pursuant to the third sentence shall be deleted or destroyed no later
than such time as the covertly stored data are deleted.
Section 5
25
Data access
(1) The participating authorities may use data stored in the counter-terrorism database in an automated procedure as needed to discharge their duties in relation to investigating or combating international terrorism. If a match is found, the requesting
authority shall have access to the following:
1. a) when requesting information about a person: the person’s basic
personal data stored in the database, or
b) when requesting information about associations, groupings, foundations, companies, property, banking data, addresses, telephone numbers, telecommunications
terminal devices, websites or e-mail addresses: stored data pursuant to Section 2(1)
no. 4, and
2. data pursuant to Section 3(1) no. 3.
The requesting authority may access extended basic data on persons if the authority which entered the data authorizes such access upon request in individual cases. In
such cases, decisions about this case shall be based on the applicable rules governing data transfer.
(2) If a match is found, the requesting authority may directly access extended basic
data if necessary due to specific evidence indicating a current threat to the life, limb,
health or freedom of a person or property of substantial value, the preservation of
9/45