Hackers have just stolen a vast cache of highly sensitive data on the who’s who of the German political establishment. Since the beginning of December, an anonymous Twitter account has quietly begun to post links to information about a thousand leading politicians and broadcasters, including most members of the cabinet and Chancellor Angela Merkel. The dump includes a wide range of sensitive and potentially embarrassing details, such as addresses and phone numbers; confidential emails and Word documents; and even private accounts on social media. Incredibly, German security services did not know about what may be the most massive breach of government data security in the country’s history for weeks after the documents were first available on the internet.
The extent of the political fallout from this immense data trove will depend on just how damaging the material turns out to be. German political editors who’ve been up all night reading through it seem to believe there are plenty of skeletons to dissect. Only time can tell whether these breaches will ruin the careers of a few individual politicians, or give fair-minded observers reason to believe that German politics is more corrupt than it seems. Even so, three broad lessons are already clear.
First, digital technology continues to offer massive opportunities to the enemies of liberal democracy. The data released in the past weeks affects prominent politicians from across the traditional political spectrum, including all of the country’s long-established parties. But that implies one highly significant, and hardly surprising, omission: the far-right populists of the Alternative for Germany, whose politicians have not yet been affected by the hacks.
Since the security forces did not even know that the leak existed until weeks after the first links started to appear on Twitter, they evidently aren’t yet in a position to identify the culprit, and likely won’t be for a while. Given its past track record and current German-Russian tensions, the Kremlin seems like an obvious suspect. But so do plenty of other actors. The traditional question about the beneficiary of crime, in conjunction with the omission of the AfD, suggests the one thing they have in common: an interest in destabilizing Germany.
The depressing thing about this is that the warning signs had been there long ago. In fact, the German security services had uncovered a breach in the Bundestag’s servers as far back as 2015. But even though all the parties represented in the national parliament did, at that time, share a commitment to stopping outside interference in German politics, they evidently did not take the threat seriously enough. Democracies around the world that are still complacent about the cyber-threats they face should urgently take heed.
Second, the impact on German politics is likely to be significant. When the private communications of about 1,000 prominent political figures are made public, there’s sure to be plenty of material for lurid headlines. Even if, in sum, they actually add up to a political culture that is reasonably clean—as the breach of the Democratic National Committee server during the 2016 election did despite showcasing the corrosive (yet, alas, perfectly legal) influence of big donors—the public is likely to remember the whiff of scandal.
This, then, is the realistic best-case scenario for Germany, and even that is likely to be thoroughly destabilizing. Over the past few years, far-right populists have cunningly exploited popular resentment over Merkel’s refugee policy. But though they have also tried to tarnish moderate parties as deeply corrupt, they have not had much luck with that tactic: Merkel is known not to be especially interested in money or, for that matter, particularly impressed by CEOs. And though there have been occasional corruption scandals in German politics over the years, of course, they have been too minor to spread the impression of generalized lawlessness, much less impunity.
An increasingly mistrustful public has grown more willing to believe the worst about the country’s political elites. An increasingly powerful populist block has been all too willing to incite this mistrust. It’s hard to believe that this massive leak will not provide them with the match that can set off an explosion.
Third, German journalists now face the same ethical quandary their American colleagues failed to resolve in 2016, one many more will likely face in the coming years. It is clear that the hacking of deeply personal material is both illegal and immoral. It is highly likely that it was orchestrated by malign political actors who are shrewdly trying to enlist the most powerful and distinctive features of a liberal democracy, like the free press, in a suicide mission. All of these are compelling reasons not to make use of the leaked data.
At the same time, the press of a free society has an obligation to uncover malfeasance. In pursuing true political scandals, it has always been willing to use motivated and morally complicit sources. What’s more, the very technologies that made this leak possible in the first place also mean the most damaging material will, in any case, find a broader audience. Isn’t it better that this material is presented alongside context and fact-checking rather than published, without regard to the truth, in the direct service of the populists? All of these are reasons to use the leaked data in much the way the hackers have intended.
What would I do of I were an editor of a big German or, for that matter, an American paper? I don’t know. And that’s a big problem. So the massive hack of data has implications not only for Germany’s future or legislators in various democracies around the world. It is also an urgent warning to American journalists: Let us finally figure out what rules should govern our profession in the digital age, lest we forever become the unwitting tools of the most ruthless enemies of the political system that afford us out most basic freedoms.