The special electronic lawyer mailbox (beA)
The “besonderes elektronisches Anwaltspostfach” (special electronic lawyer mailbox, or beA) is a program, required by German law to be used by lawyers in their communication, designed to ensure secure file transfer between client, lawyer and court. But significant flaws were found in the software. Read the full story here and find out which alternative to beA exists.
The beA and Its Creators
After considerable initial difficulties, beA is in use again since September 3rd 2018, after it had to be taken off the network due to a lack of security in its initial launch.
One of the reasons for developing this mailbox was to facilitate a nationwide communication between the approximately 164,000 lawyers, the 300,000 employees of lawyers and the courts. On the other hand, beA is supposed to ensure that important documents are delivered more reliably and faster than via mail, letter or fax. At the latest by the year 2022 pleadings are to be exclusively submitted electronically to courts.
In October 2014, the internationally operating company Atos IT Solutions and Services GmbH was commissioned by the German Federal Bar Association (BRAK) to develop the beA. The top priority in the development was to provide the software with a high level of information security and ease of use. In the year 2016, the conditions were supposed to be met to make the mailbox available to lawyers. However, at the end of November 2015, the provision of the beA was postponed to September 29, 2016, due to a lack of user-friendliness.
Two lawyers from Berlin and Cologne caused a further delay in activation. The electronic mailbox had been completed to date. But those two lawyers, however, obtained an interim disposal. It obligated BRAK not to release the beA for lawyers, who had not yet given their expressed consent. Due to its technical architecture, however, it was not possible to control the readiness of individual mailboxes to receive mail. Only after further technical obstacles were eliminated, the beA software could go live for the first time on November 28, 2016.
Security Vulnerabilities and Insufficient Encryption
Surprisingly, the beA had to be disconnected on December 22. 2017, just nine days before the start of the passive obligation to use it. The reason for this further delay was a certificate that is required for access. This certificate was classified as insecure and had to be closed immediately.
This circumstance resulted in a safety inspection prescribed by the Federal Office for Security and Information Technology (BSI) by the certified expert company Secunet AG. Many lawyers had already followed the development of beA with critical scrutiny since the beginning. Now the project had to withstand even more headwinds.
In fact, the beA’s technical infrastructure is designed that encrypted messages are routed from the sender to the data center, where a "transcoding" process (i.e. decrypting and re-encrypting with a different key) is conducted. Afterwards, the message is then delivered to the recipient. The main issue with this form of data delivery is that it constitutes a starting point for attackers. You just cannot be sure that the data received is still the exact same as originally sent. Additionally, no one can rely on the contents not being read out by third parties. “Transcoding” means that the data is unencrypted for a moment – therefore, unprotected. This conversion might be done in a special (protected) hardware module, but this ultimately only makes the attack slightly more difficult and is by no means a guarantee that an attack is no longer possible.
Critics see this process endangering the lawyer client privilege and therefore call for a retrofitting with end-to-end encryption (E2EE). This represents a simple technical solution, since E2EE belongs to the current security standard and is already used by many well-known companies and messenger services such as Signal or WhatsApp.
The (approx.) 90 pages report was finally submitted to the BRAK on June 20, 2018. It turned out that the insecure certificate was just the tip of an iceberg. Further analysis revealed that encryption privacy could not be fully achieved. A penetration test also resulted in a total of 36 errors, four of which were classified as "critical operating errors". In an extraordinary conference of presidents, the presidents of the 28 bar associations, therefore decided to launch the beA once more in a two-stage process.
First, Client Security was made available for download on July 4th 2018. With the Client Security a first registration at the beA was made possible again. In the second step, all the necessary vulnerabilities, which prevented a re-launch, were eliminated. The elimination of the remaining technical errors was supposed to take place during operation. This includes the implemented Hardware Security Module (HSM). According to the reviewers, this would not be necessary anymore, if the cryptographic possibilities were to be fully exploited.
The Current Status of the beA
The beA is in operation again since September 3rd 2018 and provides each lawyer with an automatically equipped electronic mailbox.
However, lawyers have already spotted a security gap on September 4th 2018, where it is possible to see the status of the messages in the mailbox of the opposing lawyer. Due to the existing passive use obligation, messages in the mailbox of lawyers who have not yet registered for the beA apply as delivered, regardless of whether they have already read the message or not. This could lead to legal disadvantages for clients, should deadlines expire.
Ruling of the Federal Court of Justice of March 22nd, 2021
An initiative from the legal profession, supported by the Society for Civil Liberties (GFF), brought an appeal before the Federal Court of Justice. The aim was to abolish "transcoding" and force true end-to-end encryption for the beA. The court rejected this action. A report on the proceedings can be read on the GFF website: beA - but secure!.
Encrypted File Transfer - Whisply as a Safe Alternative to the beA
If you now prefer not to rely solely on beA for securely exchanging files with clients and colleagues, the Whisply web application is a safe alternative. With Whisply, it is very easy to send files protected with end-to-end encryption from the browser.
Whisply allows you to add additional security layers on top of every file transmitted. For example, for the download of an encrypted file it is possible to transmit a web link, which self-destructs after a specified amount of time. Files may be downloaded for a certain period of time until the link loses its validity. For further security you can protect the link using a PIN or a password. Simply send the link and PIN (or password) via two different channels (for example via email and SMS) to ensure the highest level of security.
Of course, you can also send the Whisply links via beA in order not to violate the obligation of use.
This way, files can be exchanged securely without having to rely on " transcoding".