need of special protection compared to other professional groups is sound at least.
However, an obligation to also extend this particular level of protection to other
groups cannot be derived from that finding (cf. BVerfGE 129, 208 <258 et seq., 263
et seq.>). […]
3. The provisions aiming to guarantee transparency, legal protection, and supervisory control do not satisfy the constitutional requirements in all respects either.
259
a) When construed appropriately, the drafting of obligations to notify as set out in §
20w BKAG is not objectionable. The provision, which is drafted closely in line with
§ 101 secs. 4 to 6 StPO, satisfies the constitutional requirements (cf. BVerfGE 129,
208 <250 et seq.>).
260
The same applies with regard to the second half of § 20w sec. 2 sentence 1 BKAG,
which allows refraining from notification for the purpose of securing the further deployment of an undercover investigator. Unlike the case where the notification of the
deployment of undercover investigators for the surveillance of private homes is deferred – for which this purpose is not sufficient (cf. BVerfGE 109, 279 <366 and
367>) –, this exception from the obligation to notify concerns the deployment of an
undercover investigator as such. […]
261
The permission to refrain definitely from a notification after a period of at least five
years according to § 20w sec. 3 sentence 5 BKAG, is constitutional. In accordance
with the current practice of definitively deciding to refrain from a notification as described by Federal Criminal Police Office representatives in the oral hearing, such decisions, when interpreting the provision in conformity with the Basic Law, require that
a further use of the data against the affected person be ruled out and the data deleted.
262
b) With regard to the challenged investigative and surveillance powers, the rights to
information as well as the possibility of a retrospective judicial review and, where appropriate, compensation are guaranteed in a manner that does not raise constitutional objections.
263
[…]
264-265
c) In contrast, supervisory control requirements are not designed in a constitutionally sufficient manner (see above, C IV 6 d). Indeed, the provisions of the Federal Data
Protection Act demand a review by the Federal Data Protection Commissioner who
has adequate powers in that respect (cf. BVerfGE 133, 277 <370 para. 215>). However, sufficient statutory requirements of regular mandatory reviews that must take
place at certain minimum intervals of approximately two years are lacking (cf. BVerfGE 133, 277 <370 and 371, para. 217>).
266
Comprehensive documentation requirements that allow the full and effective review
of the surveillance measures in question are lacking, too (cf. BVerfGE 133, 277 <370,
para. 215>). The Act does set out sporadic documentation requirements, such as in §
267
43/71