tiality.
The fundamental right to the guarantee of the integrity and confidentiality of information technology systems is to be applied, by contrast, if the empowerment to encroach covers systems which alone or in their technical networking can contain personal data of the person concerned to such a degree and in such a diversity that
access to the system facilitates insight into significant parts of the life of a person or
indeed provides a revealing picture of the personality. Such a possibility applies for
instance to access to personal computers, regardless of whether they are installed in
a fixed location or are operated while on the move. It is possible as a rule to conclude
not only as regards use for private purposes, but also with business use, possible
characteristics or preferences from the usage pattern. Specific fundamental rightrelated protection also covers for instance mobile telephones or electronic assistants
which have a large number of functions and can collect and store many kinds of personal data.
203
bb) What is first of all protected by the fundamental right to the guarantee of the confidentiality and integrity of information technology systems is the interest of the user in
ensuring that the data which are created, processed and stored by the information
technology system that is covered by its scope of protection remain confidential. An
encroachment on this fundamental right is also to be presumed to have taken place if
the integrity of the protected information technology system is affected by the system
being accessed such that its performance, functions and storage contents can be
used by third parties; the crucial technical hurdle for spying, surveillance or manipulation of the system has then been overcome.
204
(1) The general right of personality in the manifestation dealt with here in particular
provides protection against secret access, by means of which the data available on
the system can be spied on in its entirety or in major parts. The fundamental rightrelated protection covers both the data stored in the working memory and also that
which is temporarily or permanently kept on the storage media of the system. The
fundamental right also protects against data collection using means which are technically independent of the data processing events of the information technology system
in question, but the subject-matter of which is these data processing events. This is
for instance the case with use of so-called hardware keyloggers or in measuring the
electromagnetic radiation from monitors or keyboards.
205
(2) The fundamental right-related protection of the expectation of confidentiality and
integrity exists regardless of whether access to the information technology system
can be achieved easily or only with considerable effort. An expectation of confidentiality and integrity to be recognised from the fundamental rights perspective however
only exists insofar as the person concerned uses the information technology system
as his or her own, and hence may presume according to the circumstances that he or
she alone or together with others entitled to use it disposes of the information technology system in a self-determined manner. Insofar as the use of the personal informa-
206
33/60