tection Act was to ensure an effective fight against terrorism by the constitution protection authority in view of new risks, in particular connected with Internet communication (see Landtag document 14/2211, p. 1). However, the area of application of the
revision is not restricted to the fight against terrorism, either explicitly or as a consequence of the systematic context. The provision requires a justification for its entire
area of application.
The security of the state as a power securing peace and order which has a constitutional structure, and the security which it is to provide for the population against dangers to life, limb and freedom are constitutional values ranking equally with other
high-value interests (see BVerfGE 49, 24 (56-57); 115, 320 (346)). The duty to protect has its foundation both in Article 2.2 sentence 1 and in Article 1.1 sentence 2 of
the Basic Law (see BVerfGE 115, 118 (152)). The state complies with its constitutional mandate by countering dangers from terrorist or other activities. The increased use
of electronic or digital means of communication and their penetration into almost all
areas of life makes it more difficult for the constitution protection authority to perform
its tasks effectively. Also, modern information technology offers extremist and terrorist groups many possibilities to establish and maintain contacts, as well as to plan and
prepare, as well as to commit criminal offences. Legislative measures opening up information technology for state investigations in particular are to be seen against the
background of the shift from traditional forms of communication to electronic message traffic and the possibilities to encrypt or conceal files (see on criminal prosecution BVerfGE 115, 166 (193)).
220
bb) Secret access to information technology systems is suitable to serve these purposes. It expands the possibilities available to the constitution protection authority for
reconnaissance of threat situations. The legislature is granted considerable latitude in
the evaluation of suitability (see BVerfGE 77, 84 (106); 90, 145 (173); 109, 279
(336)). It is not evident that this latitude has been exceeded here.
221
The power contained in § 5.2 no. 11 sentence 1 alternative 2 of the North RhineWestphalia Constitution Protection Act does not lose its suitability simply because,
according to an evaluation put forward in legal literature (see for instance Buermeyer,
Höchstrichterliche Rechtsprechung im Strafrecht 2007, p. 154 (165-166); Gercke,
Computer und Recht 2007, p. 245 (253); Hornung, Datenschutz und Datensicherheit
2007, p. 575 (579)) and heard from the experts in the oral hearing, the person concerned has technical possibilities of protection in order at least to effectively prevent
access in which the infiltration of the target system is carried out with the aid of access software. In the context of the suitability examination, it should not be required
that measures which are permitted by the impugned provision always or even only as
a rule promise success. The statutory prognosis that access of the regulated nature
can be successful in an individual case is at least not evidently erroneous. It cannot
be supposed to be taken for granted that each possible target person uses the possibilities for protection available against this and actually implements them free of error.
Moreover, it appears to be conceivable that access possibilities will emerge in the
222
37/60