Since the disclosure of the data Leaks have been tried last Thursday, investigators find out, who has provided the data of more than thousands of politicians, Celebrities and other people in the network. On Sunday, finally, a suspect has been arrested, a 20-year-old man from Central Hessen.

We have with attorney Peter Hense the Doxing-the case of spoken. He explains what could come on the according to the BKA confessed suspects.

MIRROR ONLINE: Mr. Hense, let’s assume that there is a single offender: What can be disclosed legally to the load?

Hense: , The offender has stolen data from the private accounts of social networks, Cloud-services, and E-Mail accounts, so logged in, the data on a private computer, drawn, processed, and for Download provided by third parties. So he has made the one after the so-called hacker-para-count 202c, as well as to Section 202a of the German criminal code because of the preparation and of the Spying out of data is a punishable offence.

To the Person Peter Hense , Born in 1977, is a lawyer and IT-law, data protection and competition law. He also advises on cases, clients in Doxing -.

MIRROR ONLINE: , And the data were taken on a multitude of platforms in circulation.

Hense: At the time of publication, the criminal provisions of the Federal data protection act. The publication of private, intimate information about a third party, with the aim of harming you, and perhaps also economically capitalize on it, is also a data protection law a criminal Offence, or at least a misdemeanor. In the case of file-sharing platforms, the Hacker has earned points when he shared the download link and a lot of that downloaded – which they can then redeem against certain advantages. Affected were injured also in your personality and can sue the perpetrators under civil law.

MIRROR ONLINE: What punishments await him?

Hense: In this case is the extent of Damage is so big that for the spying of data according to Section 202a and 202c of the criminal code the punishment of up to three years of imprisonment can be fully exploited. These include legal claims such as damages, injunctive relief and damages for Pain and suffering in the room are civil.

MIRROR ONLINE: There are more than thousands of politicians, celebrities and other persons of the Leak affected – how expensive is this?

Hense: of The hack is at least economically of his life happy. We’re talking high six-digit amounts – if that is not enough. But for those Affected, the damage has already occurred, and even financial compensation can’t be undone.

MIRROR ONLINE: of The current suspects is only 20 years old. Could alleviate his age the sentence?

Hense: To the juvenile court law, he is an adolescent, because he was at the time between 18 and 21 years old. The youth criminal law is milder and has a prison and a monetary penalty much more options than the adult criminal law, such as, for example, social training or voluntary work. Adolescents can be sentenced under juvenile law if Mature residues in the personality of the adolescent or the abzuurteilende fact, youth typical trains.

MIRROR ONLINE: What does this mean in concrete terms?

Hense: juvenile bullshit that the offender knew exactly what he was doing, and in particular the consequences could not estimate, is evaluated between 18 and 21 in accordance with the juvenile justice system. In contrast, the professional talks approach and the long preparation time in this case. But the dishes are quite generous, so that I can go out here by the application of juvenile criminal law, and thus not punishment, but Education is foremost in their minds.

MIRROR ONLINE: many Twitter users have spread the data from the Leak. The extent to which third parties liable for prosecution if you share Links to the Leaks or the data view or download?

Hense: , criminal liability requires intent, so that someone has an intent to cause Damage, and perhaps also by the data dissemination of an advantage to win. It could fall under the state Aid act or incitement to further deeds, if someone loads the Material somewhere else again. Twitter users who spread private information, but in any case, be illegal if you distribute the information as Screenshots or as Text, and civil injunctions are exposed to claims from those Affected.

MIRROR ONLINE: , The Tweets need to be deleted?

Hense: I have asked for Doxing cases in the past, users delete Tweets, but the Tweet 2000 has been Times shared, you won’t reach all of them. I assume that the personal data from the latest Leak shared ten thousand times on the private computers of people in the whole of Germany – even though it violates the right of personality if you Nude photos from the Dropbox of a politician to keep.

MIRROR ONLINE: by what legal means can be Concerned to the military?

Hense: of The Affected, it is recommended to make a criminal complaint, so that they are Affected. The perpetrators will be caught, you can then proceed to civil law against you. The Difficult is the way to go: The data are in the between time online in seemingly neutral platforms. Twitter has forever used to lock the account on which the Links were first widely used. Not to mention Online advertising pillars, such as Pastebin and other platforms, can spread via the each of the anonymous data, and, in some cases until today have not responded.

More about imago/ photothek data-Leak in the case of politicians and Celebrities: Six myths about the “hacker attack”

MIRROR ONLINE: Currently, there are numerous claims in accordance with the law tightening. What would you consider useful?

Hense: Notice and take down procedures often do not work, so if you inform the Hoster about rights violations, in order to remove the content. As a lawyer, one quickly encounters the walls. A more effective enforcement through international law agreements against Doxing, with a sharper access to the Hoster would be desirable.

MIRROR ONLINE: platforms Would have to be a legal obligation to protect your users better?

Hense: The Problem is that legal requirements are always abstract and generally formulated. Social networks will have to equip themselves with appropriate IT security, you can’t prescribe, but that must all offer 2-factor authentication, because you would otherwise have to adjust for every technical innovation in the quarterly cycle, the laws. Companies are also required today to hold your websites and Apps secure. The Problem is often that the users are exploited and Social Engineering, passwords, admit self-price. Some users are also careless – and the laws help nothing, if the doors are already open.