¹ This Ordinance regulates the organisational aspects of and procedure for the surveillance of post and telecommunications and the provision of information on postal and telecommunications services.

² It applies to:

a.

ordering authorities and the authorities directing proceedings;

b.

approval authorities;

c.

federal, cantonal and communal police forces;

d.

the Federal Intelligence Service (FIS);

e.

the State Secretariat for Economic Affairs (SECO);

f.

federal and cantonal authorities competent to deal with administrative criminal cases;

g.

the Post and Telecommunications Surveillance Service (PTSS);

h.

postal service providers (PSPs);

i.

telecommunications service providers (TSPs);

j.

the providers of services based on telecommunications services and that enable one-way or multi-way communication (providers of derived communication services);

k.

operators of internal telecommunications networks;

l.

persons who allow third parties to use their access to a public telecommunications network;

m.

professional retailers of cards and similar means of gaining access to a public telecommunications network.

The terms and abbreviations used in this Ordinance are defined in the Annex.

¹ The ordering authority shall use one of the following transmission channels to submit surveillance orders and orders for their extension or termination to the PTSS and to notify it of the access rights to be established:

a.

a secure means of transmission authorised by the PTSS;

b.

post or fax, if a means of transmission in accordance with letter a is unavailable for technical reasons; or

c.

telephone in urgent cases, provided the surveillance order is submitted in accordance with letter a or b within 24 hours.

² The PTSS may replace the means of transmission of submissions in accordance with paragraph 1 letter a with online-access to the Service's processing system.

¹ The PTSS shall determine in specific cases the technical and organisational measures for conducting surveillance, unless these are directly specified in the applicable regulations, in particular for standardised types of information and surveillance.

² If as a result of operational problems a person or entity required to cooperate is unable to meet its obligations for the surveillance of post or telecommunications, it shall report this to the PTSS without delay and thereafter submit a written statement of the reasons. The PTSS shall inform the person or entity required to cooperate without delay if surveillance cannot be carried out because of operational problems on its side.

³ Irrespective of where the cause of the error lies, the person or entity required to cooperate must temporarily store at least the undelivered secondary telecommunications data from real-time surveillance and deliver it without delay. If the secondary telecommunications data from real-time surveillance is no longer available or incomplete, the person or entity required to cooperate must deliver without delay the secondary telecommunications data from retroactive surveillance in accordance with the instructions of the PTSS.

If the PTSS establishes that the surveillance relates to a holder of official or professional secrets but that the statutory measures to protect these secrets have not been taken, it shall in the following situations notify the ordering authority and the approval authority without delay and initially shall not allow the former and the persons named in the surveillance order access to the surveillance data:

a.

if surveillance has been ordered by a civilian prosecution authority: in the case of persons from the professional groups specified in Articles 170-173 CrimPC unless measures have been taken in accordance with Article 271 CrimPC;

b.

if surveillance has been ordered by a military prosecution authority: in the case of persons from the professional groups specified in Article 75 letter b MCPC unless measures in accordance with Article 70b MCPC have been taken;

c.

if surveillance has been ordered by the FIS: in the case of persons from the professional groups specified in Articles 171-173 CrimPC unless measures have been taken in accordance with Article 58 paragraph 3 of the Intelligence Service Act of 25 September 2015⁴ in conjunction with Article 23 of the Intelligence Service Ordinance of 16 August 2017⁵.

The surveillance or the provision of information shall be carried out so that neither the person concerned nor unauthorised third parties are aware of it.

The PTSS shall at the request of the ordering authority carry out automated filtering if it is technically able to so and the cost and workload involved is not disproportionate.

¹ The PTSS shall record as evidence the telephone calls made in connection with its duties.

² Any evaluations of the recording shall be carried out by the data protection officer or the PTSS Data Protection Commissioner.⁶

³ The PTTS shall retain the recorded telephone calls for two years and thereafter destroy the recordings.

¹ The PTSS shall open a file in the processing system for each surveillance order.

² The file contains all the documents on the case concerned, namely:

a.

the surveillance order and its attachments;

b.

the surveillance assignment or assignments issued to the relevant person or entity required to cooperate;

c.

the confirmation or confirmations of when the assignment was issued to the person or entity required to cooperate;

d.

the written acknowledgment from the person or entity required to cooperate that the surveillance assignment or assignments has or have been carried out;

e.

the rulings from the approval authority on the approval or non-approval of the surveillance order together with any appeal decisions;

f.

any extension orders and rulings from the approval authority;

g.

the termination order;

h.

the correspondence relating to the measure;

i.

the protection measures specially ordered;

j.

the accounting records.

³ The surveillance data shall be stored in accordance with Article 11 SPTA and destroyed in accordance with Article 14 of the Ordinance of 15 November 2017⁷ on the Processing System for the Surveillance of Post and Telecommunications (PSO-PTSS).

¹ Normal working hours for the PTSS and the persons or entities required to cooperate are Monday to Friday continuously from 8am to 5pm.

² Normal working hours do not apply on public holidays. These are 1 and 2 January, Good Friday, Easter Monday, Ascension Day, Whit Monday, 1 August, 24 December from noon, 25 and 26 December and New Year's Eve (31 December) from noon.

¹ Outside normal working hours and on public holidays, the PTSS shall provide the following on-call services:

a.

the forwarding of requests for information specified in Articles 35-43;

b.

issuing assignments for the activation of real-time surveillance in accordance with Articles 54-59;

c.

issuing assignments for the conduct of retrospective urgent surveillance activities in accordance with Articles 60-63, 65 and 66;

d.

issuing assignments for missing and wanted person searches in accordance with Articles 67 and 68, with the exception of the network coverage analysis in preparation for an antenna search in accordance with Article 64;

d^bis.⁸

issuing assignments for the mobile phone localisation of suspected terrorists in accordance with Article 68a;

e.

the rectification of faults.

² The TSPs, with the exception of those with reduced surveillance duties in accordance with Article 51, and providers of derived communication services with more extensive surveillance duties in accordance with Article 52 must be able to support the PTSS so that it may provide the services in accordance with paragraph 1 at any time. The PTSS must be able to contact them at any time.

³ The ordering of special surveillance activities and requests for special information (Art. 25) shall not be accepted or processed outside normal working hours.

¹ The PTSS shall publish statistics every year about the surveillance activities ordered in the previous calendar year and the information provided. These shall indicate in particular the number:

a.

of surveillance measures in real time;

b.

of retroactive surveillance measures;

c.

of instances in which information was provided;

d.

of missing person searches;

e.

of wanted person searches;

f.⁹

of mobile phone localisations of suspected terrorists.

² The statistics in accordance with paragraph 1 shall indicate:

a.

the type of offence;

b.

the canton of the ordering authority, the ordering federal authority or, in the case of missing person searches, also an authority from the Principality of Liechtenstein, and in the case of information, the competent cantonal or federal authority (Art. 1 para. 2 lets c-f);

c.¹⁰

the nature of the information, surveillance, missing person search or wanted person search or mobile phone localisation of suspected terrorists;

d.

the duration of surveillance, if applicable;

e.

the fees;

f.

the compensation.

¹ Public prosecutor's offices and military examining magistrates shall keep annual statistics on the special technical devices and special information technology programs used in the previous calendar year for surveillance activities (Art. 269^bis para. 2 and 269^ter para. 4 CrimPC and Art. 70^bis para. 2 and 70^ter para. 4 MCPC respectively). The statistics shall indicate the type of offence.

² Public prosecutor's offices and the Office of the Military Attorney General at the DDPS shall submit the statistics to the PTSS in the first quarter of the following year. The statistics shall indicate only assignments concluded in the year concerned.

³ The PTSS shall publish consolidated statistics every year. These do not contain any details of the canton of the ordering authority or the federal ordering authority.

¹ Requests for information from the authorities specified in Article 15 SPTA to TSPs, providers of derived communication services and operators of internal telecommunications networks as well as the information returned to the authorities are transmitted in the online request procedure or via the interfaces using the processing system specified in the PSO-PTSS¹¹.

² If the online request procedure using the processing system is unavailable for technical reasons, requests for information and the information returned to the authorities may be submitted to the PTSS by post or fax.

³ In urgent cases, the authorities may submit requests for information by telephone to the PTSS, and submit the request for information specified in paragraph 1 or 2 subsequently.

⁴ The request for information must indicate, in addition to the details required for the type of information concerned, the maximum number of data records to be supplied and, if available, the reference numbers and case names.

¹ TSPs and providers of derived communication services with more extensive duties to provide information in accordance with Article 22 must be able to provide the information specified in Articles 35-37 and 40-48 as well as in Article 27 in conjunction with Articles 35, 40, 42 and 43 that relates to services that they provide. They may enlist the support of third parties to do so.

² They shall provide the information specified in Articles 35-37 and 40-42 and in Article 27 in conjunction with Articles 35, 40 and 42 in an automated process via the query interface of the PTSS processing system. They may also provide the information specified in Articles 43-48 and in Article 27 in conjunction with Article 43 manually.

³ TSPs with reduced surveillance duties in accordance with Article 51 may also provide information of all types outside of the processing system in writing.

⁴ TSPs, with the exception of those with reduced surveillance duties in accordance with Article 51, and the providers of derived communication services with more extensive surveillance duties in accordance with Article 52 must be able to provide the information specified in Articles 38 and 39 that relates to services that they provide via the query interface of the PTSS processing system. They may enlist the support of third parties to do so.

⁵ Providers of derived communication services without more extensive duties to provide information and conduct surveillance and operators of internal telecommunications networks are not required to provide information of the types specified in Articles 35-48 and in Article 27 in conjunction with Articles 35, 40, 42 and 43. They shall supply the information available to them via the processing system or by a different method in written form.

⁶ If the number the data records found exceeds the maximum value specified in the request, the provider shall only disclose their number.

¹ TSPs, providers of derived communication services with more extensive duties to provide information in accordance with Article 22, providers of derived communication services with more extensive surveillance duties in accordance with Article 52 and retailers in accordance with Article 2 letter f SPTA must ensure that subscribers are identified by suitable means.

² In the case of professionally operated public WLAN access points, TSPs must ensure that all end users are identified by suitable means.

¹ In the case of mobile services, TSPs and retailers in accordance with Article 2 letter f SPTA must, on supplying the means of access or on the initial activation of the service, verify the identity of the subscriber by means of a passport, an identity card or a foreign national identity card in accordance with Article 71 and 71a of the Ordinance of 24 October 2007¹² on Admission, Period of Stay and Employment. They must retain an easily legible copy of the identity document.

² In the case of the natural persons, the following details must be recorded:

a.

surnames and forenames;

b.

date of birth;

c.

type of identity document, identity document number and the issuing country or issuing organisation;

d.

address;

e.

if known, occupation;

f.

nationality.

³ In the case of legal entities, the following details must be recorded:

a.

name, registered office and contact details for the legal entity;

b.

business identification number (UID) in accordance with the Federal Act of 18 June 2010¹³ on the Business Identification Number;

c.

if available, the names and forenames of the persons who will use the provider's services.

⁴ In the case of customer relationships that are not based on a subscription contract, the following details must also be recorded:

a.

the time at which the means of access was supplied;

b.

the point of supply (name and complete address);

c.

the name of the person supplying the means of access.

¹ TSPs and providers of derived communication services with more extensive duties to provide information and conduct surveillance (Art. 22 and 52) must retain and be able to supply the information about the telecommunications services and the information recorded for the purpose of identification for the duration of the customer relationship and for 6 months after its termination. TSPs must retain and be able to supply identification data in accordance with Article 19 paragraph 2 for as long as the right to access the public WLAN access point applies and for 6 months after its expiry.

² TSPs, with the exception of those with reduced surveillance duties in accordance with Article 51, and providers of derived communication services with more extensive surveillance duties in accordance with Article 52 must retain and be able to supply the following data for the purpose of identification for 6 months:

a.

the secondary telecommunications data relating to the device identifiers actually used, in order to be able to provide the information specified in Article 36 paragraph 1 letter d and Article 41 paragraph 1 letter d; and

b.

the secondary telecommunications data relating to the assignment and translation of IP addresses and port numbers, in order to be able to provide the information specified in Articles 37, 38 and 39.

³ The secondary telecommunications data under paragraph 2 must be destroyed as soon as the retention period has expired, unless other legislation requires or permits such data to be retained for longer.

¹ The PTSS shall declare a provider of derived communication services to be a provider with more extensive duties to provide information (Art. 22 para. 4 SPTA), if it has met one of the following criteria:

a.

100 requests for information in the past 12 months (effective date: 30 June);

b.

annual turnover in Switzerland of CHF 100 million in two successive financial years, provided a large part of its business operations provides derived communication services and 5,000 subscribers use the provider's services.

² If a provider controls one or more undertakings required to file financial reports as defined in Article 963 paragraph 2 of the Code of Obligations¹⁴, the provider and the controlled undertakings must be regarded as a single unit when calculating the values in accordance with paragraph 1.

³ Providers that exceed or fail to meet the criteria in paragraph 1 letter b must notify the PTSS of this in writing within three months of the end of their financial year and submit related supporting documents.

⁴ Providers must on request provide the PTSS with the information and supporting documents for assessing the criteria under paragraph 1 letter b. The PTSS may rely on data obtained in implementing the legislation relating to the surveillance of post and telecommunications or by other authorities in implementing federal law.

⁵ A provider that is declared to have more extensive duties to provide information must ensure that it can store the data required for providing information within 2 months and provide the information within 12 months of the declaration.

If third parties are engaged by the provider to assist in providing information or conducting surveillance activities, they shall be subject to the same requirements as the provider. The provider remains responsible for providing information and conducting the surveillance activities ordered to the extent specified; in particular it shall take the measures required to ensure that suitable contact persons for providing information and conducting the surveillance activities ordered are available to the PTSS at all times. Both the provider assigned the task by the PTSS and its assistants serve as contact points for the PTSS.

¹ The Federal Justice and Police Department (FDJP) shall standardise the types of information and surveillance that are defined in this Ordinance.

² If, based on the international standards and the enquiries made of the persons or entities required to cooperate, it proves impossible or unreasonable to standardise a type of information or surveillance, the FDJP shall dispense with doing so.

In the case of information and surveillance activities that do not correspond to a standardised type of information or surveillance, TSPs and providers of derived communication services shall provide the PTSS with all already available interfaces and connections to the PTSS processing system. The content and the secondary telecommunications data of the telecommunication of the person under surveillance must be supplied as far as possible in accordance with Article 26 paragraph 1 SPTA. The PTSS shall determine the modalities in specific cases.

¹ The providers concerned shall provide the following types of information on telecommunications services or derived communications services:

a.

information on subscribers (Art. 35, 40, 42 and 43 together with Art. 27 in conjunction with Art. 35, 40, 42 and 43);

b.

information on services (Art. 36-39 and 41);

c.

other information:

1.

information on the method of payment (Art. 44),

2.

requests for copies of identity documents (Art. 45),

3.

requests for copies of invoices (Art. 46),

4.

requests for copies of contracts (Art. 47),

5.

information on technical data relating to telecommunications systems and network elements (Art. 48).

² The authorities may only request the information that providers are required to provide in accordance with the procedures defined in this Ordinance.

¹ Requests for types of information specified in Articles 35, 40, 42 and 43 may be complied with by carrying out a search that tolerates errors and finds phonetic matches (flexible name search). In this case, the suffix "FLEX" shall be added to the abbreviation for the relevant information request type: IR_5_NA_FLEX, IR_11_TEL_FLEX, IR_14_email _FLEX and IR_16_COM_FLEX.

² The request for information shall in each case contain the first and at least one additional query criterion for the underlying information request type.

¹ The providers concerned must conduct the following types of real-time surveillance for telecommunications services and derived communications services:

a.

real-time surveillance of secondary telecommunications data in the case of network access services (Art. 54);

b.

real-time surveillance of content and secondary telecommunications data in the case of network access services (Art. 55);

c.

real-time surveillance of secondary telecommunications data in the case of applications (Art. 56 and 58);

d.

real-time surveillance of content and secondary telecommunications data in the case of applications (Art. 57 and 59).

² The providers concerned must conduct the following types of retroactive surveillance activities for telecommunications services and derived communications services:

a.

retroactive surveillance in the case of network access services (Art. 60);

b.

retroactive surveillance in the case of applications (Art. 61 and 62);

c.

locating the last active position of the mobile terminal device (Art. 63);

d.

an antenna search (Art. 66) and the corresponding preparations (Art. 64 or 65).

³ The providers concerned must conduct the following types of missing person searches (Art. 67):

a.

locating the last active position of the mobile terminal device (Art. 67 let. a);

b.

real-time surveillance of content and secondary telecommunications data in the case of network access services and telephony and multimedia services (Art. 67 let. b);

c.

real-time surveillance of secondary telecommunications data in the case of network access services and telephony and multimedia services (Art. 67 let. c);

d.

retroactive surveillance in the case of network access services and telephony and multimedia services (Art. 67 let. d).

⁴ The providers concerned must conduct the following types of searches (Art. 68):

a.

locating the last active position of the mobile terminal device (Art. 68 let. a);

b.

real-time surveillance of content and secondary telecommunications data in the case of network access services or applications (Art. 68 let. b);

c.

real-time surveillance of secondary telecommunications data in the case of network access services or applications (Art. 68 let. c);

d.

retroactive surveillance in the case of network access services or applications (Art. 68 let. d).

⁵ The providers concerned must conduct the mobile phone localisation of suspected terrorists by means of real-time surveillance of secondary telecommunications data in the case of network access services or applications (Art. 68a).¹⁵

¹ The quality of the data transmitted is acceptable if:

a.

the data delivery meets the requirements specified by the FDJP;

b.

the data is delivered without loss of data and without interruptions; and

c.

the transmitted surveillance data or information data correspond to that specified in the surveillance order or request for information.

² The persons or entities required to cooperate are responsible for the quality of the transmitted information and surveillance data up to the point of delivery.

³ If a provider or the PTSS identifies any defects in the quality of the data transmitted, they shall inform each other without delay. The PTSS shall determine the seriousness of the defects and the procedure for their rectification after consulting the provider. The provider and the PTSS shall inform each other regularly and promptly about the status of the rectification of defects.

¹ The PTSS may conduct test surveillance; in doing so, it may work with the prosecution authorities and the FIS. The tests serve the following purposes in particular:

a.

assuring the quality of the data diverted to the PTSS and the prosecution authorities by the persons or entities required to cooperate;

b.

verifying the ability of the persons or entities required to cooperate to provide information and conduct surveillance;

c.

testing the PTSS processing system;

d.

training purposes;

e.

generating reference data.

² The PTSS may instruct the persons or entities required to cooperate to participate in generating the test data. The PTSS shall draw up a test plan after consulting the persons or entities required to cooperate.

³ The persons or entities required to cooperate shall provide the PTSS with the required test targets and the required telecommunications services or derived communications services at its request free of charge and permanently.

⁴ The prosecution authorities and the FIS may also conduct circuit trials at their own expense for the purpose of quality assurance and the training. To this end, they shall submit orders to the PTSS and pay fees.

¹ TSPs and providers of derived communication services with more extensive information (Art. 22) or surveillance duties (Art. 52) shall in accordance with Article 33 paragraph 1 SPTA provide proof of their ability to provide information and conduct surveillance.

² Proof is provided if:

a.

the tests that must be conducted in accordance with PTSS requirements have been successfully completed; and

b.

the provider confirms in a questionnaire drawn up by the PTSS it meets the requirements in relation to standardised information and surveillance activities that cannot be proven by testing.

³ The PTSS shall ensure that it conducts the verification process promptly and does not cause any delay in market introduction. To do so, it shall carry out the following tasks:

a.

It shall check the results of the tests in accordance with paragraph 2 letter a.

b.

It shall evaluate the questionnaire in accordance with paragraph 2 letter b.

c.

It shall keep a record of the test procedures.

d.

It shall issue the providers with confirmation in accordance with Article 33 paragraph 6 SPTA.

e.

It shall retain the records for as long as the confirmation remains valid and for ten years after its expiry.

⁴ The PTSS shall state in the confirmation that the provider has proven its ability to provide certain types of information and conduct certain types of surveillance activities.

¹ The confirmation of ability to provide information and conduct surveillance is valid for three years.

² On expiry of the term of validity, the PTSS may extend the confirmation by a further three years if the person or entity required to cooperate certifies that since confirmation was granted no modifications have been carried out that influence data delivery or the ability to provide information or conduct surveillance.

³ If a provider can no longer provide information or conduct surveillance, it shall notify the PTSS immediately.

The FDJP shall regulate the procedure for verifying ability to provide information and conduct surveillance.

The PTSS shall immediately declare a confirmation of ability to provide information and conduct surveillance that has already been issued to be invalid for the relevant types of information or surveillance if:

a.

the provider gives notice that it can no longer provide information or conduct surveillance;

b.

the provider is unable on two or more occasions to deliver data, provide information or conduct surveillance;

c.

the information on the provider that underlies the confirmation is untrue.

¹ Information Request Type IR_4_NA comprises the following information about subscribers to network access services:

a.

if available, the unique subscriber identifier (e.g. customer number);

b.

in the case of mobile services, the details of the natural person or legal entity in accordance with Article 20 and, if known, further contact details and the sex of the natural person;

c.

in the case of the other network access services, the identification information specified in Article 19 and, if known, the details of the natural or legal entity, further contact details and the sex of the natural person;

d.

the following information about each network access service that the subscriber obtains from the provider:

1.

the unique identifier for the provider (e.g. TSP number),

2.

the unique service identifier (e.g. user name, MSISDN, DSL identifier),

3.

the period over which the service was used (start, first activation and, if applicable, termination),

4.

if applicable, further information about additional options or restrictions on the network access service,

5.

if applicable, the installation addresses of the fixed location access to the network and their period of validity in each case,

6.

the statuses of the service as designated internally by the provider (e.g. active, suspended, blocked) and their period of validity in each case,

7.

if applicable, all static IP addresses, IP prefixes, IP address ranges and net masks or prefix lengths assigned to network access service concerned and their period of validity in each case,

8.

in the case of customer relationships that are not based on a subscription contract, the time and the point of supply (name and complete address) for the means of access and the name of the person who made the supply,

9.

if applicable, the SIM number (ICCID) at the time of its supply,

10.

if applicable, the IMSI,

11.

the type of the service (e.g. prepaid, subscription),

12.

if applicable, the alternative subscriber identifier for the network access service.

² The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria. If letters a-e are used, a second query criterion must be added. If searching for character strings (lets a, c, d and f), the provider must search only for the specified spelling of the term in accordance with the applicable FDJP regulations:

a.

surname(s), first name(s);

b.

date of birth;

c.

country and postcode or country and place;

d.

street and, if possible, house number;

e.

identity document number and, optionally, the type of identity document;

f.

name and, optionally, the registered office of the legal entity;

g.

business identification number (UID);

h.

subscriber identifier (e.g. customer number);

i.

service identifier other than IP addresses (e.g. user name, MSISDN, DSL identifier);

j.

IMSI;

k.

SIM number (ICCID).

¹ Information Request Type IR_6_NA comprises the following information about network access services. For information specified in letters b, c and e, details of the common period of validity shall be provided:

a.

if available, the unique subscriber identifier (e.g. customer number);

b.

the unique service identifier (e.g. user name, DSL identifier);

c.

if applicable, the IMSI and MSISDN;

d.

the list of unique device identifiers in accordance with international standards (e.g. IMEI, MAC address) of the devices used in connection with this service from the provider as well as, if available, their name in text form;

e.

if applicable, the SIM numbers (ICCID);

f.

if applicable, the PUK and PUK2 codes.

² The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria:

a.

the service identifier, other than IP addresses (e.g. user name, MSISDN, DSL identifier);

b.

the IMSI;

c.

the unique device identifier in accordance with international standards (e.g. IMEI, MAC address);

d.

the installation address of the fixed location access to the network.

¹ Information Request Type IR_7_IP comprises the following information about the identified subscriber if this person was assigned a unique IP address at the time in question:

a.

if available, the unique subscriber identifier (e.g. user name);

b.

the unique service identifier (e.g. user name, MSISDN, DSL identifier) of the network access service;

c.

the unique identifier that designates the provider of the network access service (e.g. TSP number).

² The request for information shall contain the following information:

a.

the IP address;

b.

the date and time.

¹ Information Request Type IR_8_IP (NAT) comprises the following information about the identified subscriber if this person was not assigned a unique IP address (NAT) at the time in question:

a.

if available, the unique subscriber identifier (e.g. user name);

b.

the unique service identifier (e.g. user name, MSISDN, DSL identifier) of the network access service.

² The request for information shall contain information about the NAT translation procedure for the purpose of identification:

a.

the public source IP address;

b.

if required for identification, the public source port number;

c.

if required for identification, the public destination IP address;

d.

if required for identification, the destination port number;

e.

if required for identification, the type of transport protocol;

f.

the date and time.

¹ Information Request Type IR_9_NAT comprises the following information for the purpose of identification in connection with NAT translation procedures if required for identification:

a.

the source IP address before or after the NAT translation procedure, as the case may be;

b.

the source port number before or after the NAT translation procedure, as the case may be.

² The request for information shall contain the following information about the NAT translation procedure:

a.

the source IP address after or before the NAT translation procedure, as the case may be;

b.

the source port number after or before the NAT translation procedure, as the case may be;

c.

if required for identification, the public destination IP address;

d.

if required for identification, the destination port number;

e.

the type of the transport protocol;

f.

the date and time of the NAT translation procedure.

¹ Information Request Type IR_10_TEL comprises the following information about subscribers to telephony and multimedia services:

a.

if available, the unique subscriber identifier (e.g. customer number);

b.¹⁷

in the case of mobile services, details of the natural person or legal entity in accordance with Article 20 and, if known, further contact details and the sex of the natural person;

c.

in the case of the other telephony and multimedia services, the identification information specified in Article 19 and, if known, details of the natural person or legal entity, further contact details and the sex of the natural person;

d.

the following information about each telephony and multimedia service obtained by the subscriber from the provider:

1.

the unique identifier designating the provider (e.g. TSP number),

2.

the unique service identifier (e.g. telephone number, SIP URI),

3.

the period over which the service was used (start, first activation and if applicable, termination),

4.

the type of the service (e.g. private telecommunications installation, public call station, fixed location or mobile location service),

5.

if applicable, the installation addresses of the fixed location network access to the service and their period of validity in each case,

6.

the statuses of the service as designated internally by the provider (e.g. active, suspended, blocked),

7.

if applicable, the list or range of other addressing elements or identifiers registered in connection with this service (e.g. telephone numbers, IMPU),

8.

in the case of customer relationships that are not based on a subscription contract, the time and the point of supply (name and complete address) of the means of access and the name of the person who made the supply,

9.

if applicable, details of predetermined free choice of service provider for connections,

10.

if applicable, the IMSI,

11.

if applicable, the SIM number (ICCID) at the time of supply.

² The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria. If using letters a-d, a second query criterion must be added. If searching for character strings (let. a, c, d and f), the provider must search only for the specified spelling of the term in accordance with the applicable FDJP regulations:

a.

surname(s), first name(s);

b.

date of birth;

c.

country and postcode or country and place;

d.

street and, if possible, house number;

e.

identity document number and optionally, the type of identity document;

f.

name and optional registered office the legal entity;

g.

business identification number (UID);

h.

subscriber identifier (e.g. customer number);

i.

addressing elements or identifiers (e.g. telephone number, SIP URI, TEL URI, IMPU);

j.

IMSI;

k.

SIM number (ICCID).

¹ Information Request Type IR_12_TEL comprises the following information about telephony and multimedia services. . For information specified in letters b, c and e, details of the common period of validity shall be provided:

a.

if available, the unique subscriber identifier (e.g. customer number);

b.

the addressing elements or identifiers registered for this service (e.g. telephone numbers, SIP URI, IMPI);

c.

if applicable, the IMSI;

d.

for the purpose of identification, the list of unique device identifiers in accordance with international standards (e.g. IMEI, MAC address) of the devices user in connection with this service from the provider as well as, if available, their designation in text form;

e.

if applicable, the SIM numbers (ICCID);

f.

if applicable, the PUK and PUK2 codes.

² The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria:

a.

the addressing element (e.g. telephone number, SIP URI, MSISDN, TEL URI);

b.

the IMSI;

c.

the unique device identifier in accordance with international standards (e.g. IMEI, MAC address);

d.

the installation addresses of the fixed location access to the network;

e.

the service identifier (e.g. IMPI).

¹ Information Request Type IR_13_EMAIL comprises the following information about subscribers to email services:

a.

if available, the unique subscriber identifier (e.g. customer number);

b.

the identification information specified in Article 19 and, if known, the details of the natural person or legal entity, additional contact details and the sex of the natural person;

c.

the following information about each email service that the subscriber obtains from the provider:

1.

the unique identifier that indicates the provider of the service,

2.

the unique service identifier (e.g. email address, user name),

3.

the period over which the service was used (start, first activation and if applicable, termination),

4.

if applicable, the list of all additional addressing elements (e.g. alias address) that pertain to this service,

5.

if applicable, the list of all addresses, to which messages addressed to the requested address are forwarded (e.g. mailing list);

d.

if applicable, the additional addressing elements recorded by the provider in connection with this service (e.g. email address, MSISDN).

² The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria. If using letters a-d, a second query criterion must be added. If searching for character strings (let. a, c, d and f), the provider must search only for the specified spelling of the term in accordance with the applicable FDJP regulations:

a.

surname(s), first name(s);

b.

date of birth;

c.

country and postcode or country and place;

d.

street and if possible house number;

e.

identity document number and, optionally, the type of identity document;

f.

name and, optionally, registered office of the legal entity;

g.

business identification number (UID);

h.

subscriber identifier (e.g. customer number);

i.

service identifier (e.g. email address, user name).

¹ Information Request Type IR_15_COM comprises the following information about subscribers to other telecommunications or derived communications services (e.g. messaging services, communications services in social networks, cloud and proxy services):

a.

if available, the unique subscriber identifier (e.g. customer number);

b.

the identification information specified in Article 19 and, if known, details of the natural person or legal entity, additional contact details and the sex of the natural person;

c.

the following information about each additional telecommunications service or derived communications service that the subscriber obtains from the provider:

1.

the unique identifier that designates the provider,

2.

the unique service identifier (e.g. user name),

3.

the period over which the service was used (start, first activation and if applicable, termination),

4.

the statuses of the service as designated internally by the provider (e.g. active, suspended, blocked) and their period of validity in each case,

5.

the list of other addressing elements or identifiers registered in connection with this service.

² The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria. If using letters a-d, a second query criterion must be added. If searching for character strings (let. a, c, d and f), the provider must search only for the specified spelling of the term in accordance with the applicable FDJP regulations:

a.

surname(s), first name(s);

b.

date of birth;

c.

country and postcode or country and place;

d.

street and, if possible, house number;

e.

identity document number and, optionally, the type of identity document;

f.

name and, optionally, the registered office of the legal entity;

g.

business identification number (UID);

h.

subscriber identifier (e.g. customer number);

i.

addressing element or identifier (e.g. user name).

¹ Information Request Type IR_17_PAY comprises the following information about the method of payment used by subscribers to telecommunications and derived communications services:

a.

the unique identifier that designates the provider;

b.

the unique subscriber identifier (e.g. customer number);

c.

the unique identifier that the provider has assigned to the subscriber for accounting or billing purposes;

d.

the unique service identifier (e.g. telephone number, SIP URI, user name);

e.

the method of payment (debit, bank transfer or prepaid);

f.

the account information that the subscriber has given to the provider, consisting of the name of the bank, account holder and IBAN (or BIC and account number) or national bank number and account number;

g.

the billing addresses (house number, street, PO box, postcode, place, country) and their period of validity (start and if applicable, termination).

² The information specified in with paragraph 1 must be supplied if the provider has it.

³ The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria:¹⁸

a.

the subscriber identifier (e.g. customer number);

b.

the service identifier (e.g. telephone number, SIP URI, user name);

c.

the identifier that the provider has assigned to the subscriber for accounting or billing purposes;

d.

the subscriber's bank account information: IBAN (or BIC and account number) or national bank number and account number;

e.

the billing address (house number, street, PO box, postcode, place, country).

¹ Information Request Type IR_18_ID comprises the provision of an electronic copy of the subscriber's identification document recorded in accordance with Article 20.

² The request for information shall specify the period and subscriber or service identifier, SIM number (ICCID) or IMSI or, if applicable, device identifier to which it relates.

¹ Information Request Type IR_19_BILL comprises the provision of electronic copies of all available billing records pertaining to the subscriber, not including secondary telecommunications data on telecommunications services and derived communications services.

² The request for information shall specify the period and unique subscriber or service identifier or unique identifier for accounting or billing to which it relates.

¹ Information Request Type IR_20_CONTRACT comprises the provision of electronic copies of all available contract documents pertaining to the subscriber to telecommunications services and derived communications services.

² The request for information shall specify the period and subscriber or service identifier, the SIM number (ICCID) or IMSI or, if applicable, the device identifier to which it relates.

¹ Information Request Type IR_21_TECH comprises the provision of technical data relating to telecommunications systems and network elements, in particular the location data for mobile radio cells and public WLAN access points.

² The location data comprise:

a.

the identifiers of network elements (e.g. CGI, ECGI, SAI, RAI, TAI, BSSID) and the geographical coordinates or other details of the location in accordance with international standards;

b.

if applicable, the postal address of the location;

c.

if applicable, the main directions of emission of the antennae; and

d.

if applicable, other available location features.

³ The request for information shall specify the period to which the request relates. It shall contain at least one of the following query criteria:

a.

the geographical coordinates of the location of the network element;

b.

the identifier of the network element (e.g. CGI, ECGI, BSSID).

¹ The surveillance order submitted to the PTSS shall contain the following information:

a.

the contact details of the ordering authority;

b.

the contact details of the authorised persons envisaged as recipients of the surveillance data;

c.

if known, the surname, first name, date of birth, address and occupation of the person to be placed under surveillance;

d.

the reference numbers and case names for the surveillance activities;

e.

the reason for surveillance, in particular the offence to be investigated by means of surveillance;

f.

the names of the persons or entities required to cooperate;

g.

the types of surveillance ordered or the type of special surveillance;

h.

the identifiers subject to surveillance (target ID);

i.

if necessary, an application for general authorisation for the surveillance of several connections without authorisation in specific cases (Art. 272 para. 2 and 3 CrimPC or Art. 70c para. 2 and 3 MCPC);

j.

the starting date and the duration of the surveillance;

k.

in the case of persons bound by professional secrecy in accordance with Article 271 CrimPC or Article 70b MCPC: a note to this effect;

l.

if need be, measures to protect persons holding professional secrets and further protection measures that the authorities and the PTSS must take.

² If conducting the surveillance so requires, the FDJP may provide that the surveillance order submitted to the PTSS must include further technical details.

¹ Each TSP and each provider of derived communication services with more extensive surveillance duties in accordance with Article 52 must be able to conduct the surveillance activities in accordance with Sections 8-12 of this Chapter (Art. 54-69) that relate to services that they provide, or they must be able to arrange for third parties to conduct the surveillance. The foregoing does not apply to TSPs with reduced surveillance duties in accordance with Article 51.

² The provider shall ensure its ability to conduct surveillance of telecommunications from the commercial launch of a service provided to customers.

³ It shall ensure that it can accept surveillance assignments outside normal working hours in accordance with Article 10 and can conduct them or arrange for third party to do so in accordance with the FDJP requirements.

⁴ It shall guarantee that within the period specified in the surveillance assignment surveillance will be conducted of all telecommunications traffic carried on the infrastructures under its control provided the traffic is part of the services under surveillance and can be assigned to the identifier under surveillance (target ID).

⁵ It shall support the PTSS, if necessary, in order to ensure that the transmitted surveillance data actually corresponds to the telecommunications traffic specified in the surveillance assignment.

⁶ If additional identifiers are associated with the identifier under surveillance (target ID) (e.g. IMPI with IMPU, email address with alias address), the provider shall ensure that these identifiers are also monitored as part of the type of surveillance.

¹ At the request of a TSP, the PTSS shall declare it to be a TSP with reduced surveillance duties (Art. 26 para. 6 SPTA) if it:

a.

only offers its telecommunications services in the field of education and research; or

b.

meets neither of the following criteria:

1.

surveillance assignments for 10 different surveillance targets in the past 12 months (effective date: 30 June),

2.

annual turnover in Switzerland from telecommunications services and derived communications services of CHF 100 million in two successive financial years.

² Article 22 paragraph 2 applies to the calculation of the values specified in paragraph 1 letter b.

³ TSPs with reduced surveillance duties are required to give written notice to the PTSS with supporting documents if they:

a.

no longer offer their services exclusively in the field of education and research; or

b.

achieve the value specified in paragraph 1 letter b number 2 for a second successive financial year; notice must be given within three months of the end of the financial year.

⁴ The PTSS may rely on data obtained in implementing the legislation relating to the surveillance of post and telecommunications or by other authorities in implementing federal law.

⁵ A provider that is declared to have more extensive duties to provide information must ensure that it can store the data required for providing information and provide the information within 2 months and 12 months of the declaration respectively.

¹ The PTSS shall in a ruling declare a provider of derived communication services to have more extensive surveillance duties (Art. 27 para. 3 SPTA) if it has met one of the following criteria:

a.

surveillance assignments for 10 different surveillance targets in the past 12 months (effective date: 30 June);

b.

annual turnover in Switzerland of CHF 100 million in two successive financial years, provided a large part of its business operations is providing derived communication services, and 5000 subscribers use the provider's services.

² Article 22 paragraphs 2-5 apply mutatis mutandis.

¹ The persons or entities required to cooperate that must allow the PTSS or the third parties that it instructs access to its installations shall allow the PTSS access to buildings, devices, lines, systems, networks and services to the extent required for surveillance.

² They shall make existing means of network access to public telecommunications networks available free of charge. In consultation with the PTSS or the third parties that it instructs they shall provide new means of network access at the expense of the PTSS to the extent that this is required for surveillance.

¹ Surveillance Type RT_22_NA_IRI comprises the real-time surveillance of a network access service in the mobile communications sector.

² The following secondary telecommunications data of telecommunications traffic sent or received via the network access service under surveillance must be transmitted in real time:

a.

when access to the network is established or disconnected: the date, the time, the type of event and the reason for disconnection;

b.

the type of current access to the network;

c.

the AAA information used by the network access service under surveillance, in particular the subscriber identifier and the IMSI in the case of mobile communications;

d.

the IP addresses or address ranges assigned to the network access service under surveillance and the date and time of each assignment;

e.

the available addressing elements of the network access service under surveillance, in the case of mobile communications, for example, the MSISDN or the IMSI;

f.

the unique device identifiers in accordance with international standards for the current terminal devices of the network access service under surveillance (e.g. IMEI, MAC address);

g.

the type, date and time of the start and if applicable the end of technical modifications of access to the network (e.g. location update, change in mobile communications technology) and, if known, its causes;

h.

the target's available current location data or the cell used by the target or of the WLAN access point used by the target in accordance with paragraph 3.

³ The location data comprise:

a.

the identifiers or a combination of identifiers (e.g. CGI, ECGI, SAI, RAI, TAI, BSSID) and the geographical coordinates, and, if applicable, the main direction of emission of the cell or of the WLAN access point, and, if available, the type of mobile communications technology used;

b.

the position of the target determined by the network, for example in the form of geographical coordinates and the related uncertainty value, or in the form of polygons with details of the geographical coordinates of each polygon point, and, if available, the type of mobile communications technology used; or

c.

if available, other details in accordance with international standards of the location of the target or of the cell or of the WLAN access point, and, if available, the type of mobile communications technology used.

Surveillance Type RT_23_NA_CC_IRI involves the real-time surveillance of a network access service. The content of the telecommunication sent or received via the network access service under surveillance, and the related secondary telecommunications data in accordance with Article 54 paragraphs 2 and 3 must be transmitted in real time.

¹ Surveillance Type RT_24_TEL_IRI comprises the real-time surveillance of a telephony and multimedia service and, if applicable, converging services, in particular SMS, voice mail and RCS. The following secondary telecommunications data of the telecommunication that is sent, processed or received via the services under surveillance must be transmitted in real time:

a.

the date and the time of logging-in and logging-out processes and their result;

b.¹⁹

the AAA information used by the services under surveillance and the information on registration and subscription events and the corresponding responses, in particular the subscriber identifier (e.g. SIP URI, IMPI) and the IMSI in the case of mobile communications;

b^bis.²⁰

if applicable, the customer's and server's IP addresses and port numbers as well as details of the protocol used;

c.

the signalling information, in particular on the serving system, on subscriber status and on service quality;

d.

if applicable, the presence information;

e.

in the case of communications, communication attempts and technical modifications (e.g. inclusion of additional services, inclusion of or change to converging services, changes in mobile communications technology, location updates), if applicable:

1.

their type, the date and the time of their start and if applicable their end,

2.

the addressing elements (e.g. MSISDN, E.164-number, SIP URI, IMPU) of all subscribers in communication and their role,

3.

the actual known destination address and the available intermediate addresses where the communication or the communication attempt is diverted or forwarded,

4.

the unique device identifiers in accordance with international standards for the terminal devices of the services under surveillance (e.g. IMEI, MAC address),

5.

the other available identifiers,

6.

the reasons for the termination of communication or its non-materialisation or for the technical modification,

7.

the signalling information on additional services (e.g. conference calls, call forwarding, DTMF),

8.

the status of the communication or of the communication attempt,

9.

and in the case of mobile location services, the available current location data for the target or the cell used by the target or for the WLAN access point used by the target in accordance with paragraph 2.

² The location data comprise:

a.

the identifiers or a combination of identifiers (e.g. CGI, ECGI, SAI, RAI, TAI, BSSID) and the geographical coordinates of the cell or the WLAN access point and, if available, the type of mobile communications technology used;

b.

the position of the target determined by the network, for example in the form of geographical coordinates and the related uncertainty value, or in the form of polygons, with details of the geographical coordinates of each polygon point as well as the type of mobile communications technology used; or

c.

if available, other details in accordance with international standards relevant to the location of the target or the cell or of the WLAN access point, and the type of mobile communications technology used.

Surveillance Type RT_25_TEL_CC_IRI comprises the real-time surveillance of a telephony and multimedia service and, if applicable, converging services, in particular SMS, voice mail and RCS. The content of the telecommunications traffic sent, processed or received via the services under surveillance, as well as the related secondary telecommunications data in accordance with Article 56 must be transmitted in real time.

Surveillance Type RT_26_EMAIL_IRI comprises the real-time surveillance of an email service. The following secondary telecommunications data on the telecommunications traffic sent, processed or received via the service under surveillance must be transmitted in real time:

a.

the date and the time of logging-in and logging-out processes and their status;

b.

the AAA information used by the service under surveillance, in particular the subscriber identifier and, if applicable, the alias address;

c.

the customer's and server's IP addresses and port numbers as well as details of the protocol used;

d.

the date, time, volume of data, email addresses of the sender and the recipient of the message and the IP addresses and port numbers of the sending and receiving email servers for the following events:

1.

sending or forwarding of a message,

2.

receipt of a message,

3.

processing of a message in the mailbox,

4.

downloading of a message from the mailbox,

5.

uploading of a message to the mailbox.

Surveillance Type RT_27_EMAIL_CC_IRI comprises the real-time surveillance of an email -service. The content of the telecommunications traffic sent, processed or received via the service under surveillance, as well as the related secondary telecommunications data in accordance with Article 58 must be transmitted in real time.

Surveillance Type HD_28_NA includes the retroactive surveillance of secondary telecommunications data of a network access service. The following secondary telecommunications data of the past telecommunication that has been sent or has been received via the network access service under surveillance must be transmitted:

a.

the date and the time of the start and if applicable the end or the duration or the session;

b.

the type and status of the network access;

c.

the identifier that was used for authenticating the user at the access point under surveillance, for example the user name;

d.

the IP addresses or address ranges assigned to the target and their type;

e.

if available, the unique device identifier of the terminal device used by the target in accordance with international standards (e.g. MAC address, IMEI in the case of mobile communications);

f.

if available, the volumes of data that were uploaded and downloaded during the session;

g.

in the case of access to the network via mobile communications: the GPRS or EPS information (in particular IMSI or MSISDN) and the following location data at the beginning and the end of the session as well as during the session if available; if known, additional location information from maritime navigation or aviation must be transmitted:

1.

the cell and region identifiers as well as the geographical coordinates, the postal addresses and if applicable the main directions of emission the cells used by the target, or

2.

the positions of the target determined by the network (e.g. in the form of geographical coordinates and the related uncertainty value, or in the form of polygons with details of the geographical coordinates of each polygon point) as well as the related postal addresses, or

3.

other details in accordance with international standards of the target's locations or the cells that he or she used, as well as the related postal addresses;

h.

in the case of access to the network via a public WLAN: the BSSID, and, if available, the SSID and the location data in the form of geographical coordinates and the postal address of the WLAN access point used by the target; the user name, the type of authentication, the available additional information on user authentication (telephone number, MAC address, IMSI, user identifier and password used for authentication) and the IP address of the WLAN access point. If available, additional location information from maritime navigation or aviation must be transmitted;

i.

in the case of fixed network access: the addressing elements of the access to the network and. if available, the postal address.

Surveillance Type HD_29_TEL comprises the retroactive surveillance of secondary telecommunications data of a telephony and multimedia service and, if applicable, converging services, in particular SMS, MMS and voice mail. The following secondary telecommunications data of the past telecommunications traffic in communications and communication attempts using the services under surveillance must be transmitted:

a.

their type, the date and time of the start and, if applicable, the end or their duration;

b.

the addressing elements (e.g. MSISDN, E.164-number, SIP URI, IMPU) of all subscribers in communication and their roles;

c.

the reason for the end of the communication or the communication attempt;

d.

in the case of mobile communications (multimedia services if available): the IMEI of the terminal device used by the target and the IMSI of the target;

e.

if applicable, the type of carrier service;

f.

in the case of SMS and MMS: the information on the event, the type (only in the case of SMS) and the status;

g.

in the case of mobile communications: the location data for the cell used by the target at the beginning and at the end of the communication or of the communication attempt. If known, additional location information from maritime navigation or aviation must be transmitted:

1.

the cell and region identifiers, the geographical coordinates and if applicable the main directions of emission and the postal address, or

2.

the positions of the target determined by the network (e.g. in the form of geographical coordinates and the related uncertainty value or in the form of polygons with details of the geographical coordinates of each polygon point) as well as the related postal addresses, or

3.

other details in accordance with international standards of the target's locations or the cells that he or she used, as well as the related postal addresses;

h.

in the case of multimedia services:

1.

the customer's IP address and its type and the port number,

2.

the communication correlation identifier,

3.

the types of multimedia content,

4.

information on the multimedia components (time, name, description, initiator, access-correlation identifier), and

5.

if applicable, information on the IMS services (type of IMS service used, role of the network element from which the secondary telecommunications data come); and

i.

in the case of multimedia services: information on the target's network access:

1.

the access type,

2.

the access class,

3.

whether the information on access to the network comes from the network, and

4.

the location data relating to the network access at the beginning and the end of the multimedia session, and, if available, during the multimedia session:

-

in the case of access to the network via mobile communications: the location data for the cell used by the target in accordance with letter g, or

-

in the case of access to the network via WLAN: the available location data of the WLAN access point used by the target (geographical coordinates, postal address), or

-

in the case of fixed network access: the available postal address of the access used by the target.

Surveillance Type HD_30_EMAIL comprises the retroactive surveillance of secondary telecommunications data of an email -service. The following secondary telecommunications data of the past telecommunication sent, processed or received via the service under surveillance must be transmitted:

a.

the date, the time, the type of event, the subscriber identifiers, if applicable the alias address, the sender and recipient addresses, the protocol used, the IP addresses of the server and the client, and, if applicable, the delivery status of the message in the case of the following events: sending, receipt, mailbox log-in, mailbox log-out and in the case of the following events, if available: downloading, uploading, deletion, processing, addition of a message;

b.

the IP addresses and names of the sending and receiving email servers.

Surveillance Type HD_31_PAGING comprises the identification of the most recent activity detected by the mobile telephony provider (network access services, telephony and multimedia services) on the mobile terminal device of the person under surveillance and providing the MSISDN, IMSI, IMEI (if available), the type of mobile communications technology, the frequency band, the unique identifier of the mobile network, the date and time of most recent activity detected, as well as one of the following details required to determine the location:

a.

information about the cell used: the identifier or a combination of identifiers (e.g. CGI, ECGI, SAI, RAI, TAI), the postal address, the main direction of emission or, in the case of complex cells, the main directions of emission and the type of cell, the geographical coordinates;

b.

the postal address and details of the position of the terminal device during its most recent activity as determined by the network, for example in the form of geographical coordinates and the related uncertainty value or in the form of a polygon together with details of the geographical coordinates of each polygon point; or

c.

the postal address and other standardised details determined by the network of the position of the terminal device during its most recent activity or of the location of the cell used.

¹ Surveillance Type AS_32_PREP_COV comprises the network analysis in preparation for an antenna search in accordance with Article 66. It is carried out by the TSPs and serves to identify the mobile radio cells or public WLAN access points that most probably cover the location described by the ordering authority in the form of geographical coordinates or by means of postal address, if applicable taking account of additional information (e.g. time of day, weather, day of the week, location within or outside of a building).

² The TSPs shall supply the PTSS with a list of cell identifiers (e.g. CGI, ECGI) or the BSSID for the mobile radio cells or public WLAN access points identified.

¹ Surveillance Type AS_33_PREP_REF comprises the identification of mobile radio cells or public WLAN access points on the basis of reference communications and instances of reference network access in preparation for an antenna search in accordance with Article 66.

² The ordering authority shall itself arrange for reference communications to be made and the reference network to be accessed at the location concerned and shall send the PTSS a list with the following related details:

a.

the type of communication or of access to the network;

b.

the date and the time of the communication or access to the network;

c.

the addressing element of the telephony and multimedia service used or of the network access service;

d.

if applicable, the name of the mobile network used.

³ The PTSS shall instruct the TSPs, on the basis of the secondary telecommunications data relating to previous telecommunications traffic, to identify the mobile radio cells or public WLAN access points used in each case base at the beginning and at the end of the reference communications and instances of reference network access in accordance with paragraph 2 and to provide it with a list of the corresponding cell identifiers (e.g. CGI, ECGI) or BSSID completed in accordance with paragraph 2.

¹ Surveillance Type AS_34 comprises the retroactive surveillance of all communications, communication attempts and instances of network access that have taken place via a specific mobile radio cell or a specific public WLAN access point over a period of up to two hours.²¹

² The TSP shall supply the secondary telecommunications data resulting from paragraph 1 relating to previous telecommunications traffic in accordance with Article 60 and 61.

The following types of surveillance may be ordered for a missing person search in accordance with Article 35 SPTA:

a.

Type EP_35_PAGING: determining the most recent activity detected by the mobile telephony provider (network access services and telephony and multimedia services) of the mobile terminal device belonging to the missing person or a third party and provision of the MSISDN, the IMSI, the IMEI (if available), the type of mobile communications technology, the frequency band, the unique identifier of the mobile network, the date and the time of the most recent activity detected as well as any one of the following details required to determine the location:

1.

information about the cell used: the identifier or a combination of identifiers (e.g. CGI, ECGI, SAI, RAI, TAI), the postal address, the main direction of emission or, in the case of complex cells, the main directions of emission and the type of cell, the geographical coordinates,

2.

the postal address and the details of the position of the terminal device determined by the network during its most recent activity, for example in the form of geographical coordinates and the related uncertainty value or in the form of a polygon together with details of the geographical coordinates of each polygon point, or

3.

the postal address and other standardised details determined by the network of the position of the terminal device during its most recent activity or of the location of the cell used;

b.

Type EP_36_RT_CC_IRI (real-time surveillance of content and secondary telecommunications data): the combination of types of surveillance in accordance with Article 55 (network access services) and in accordance with Article 57 (telephony and multimedia services);

c.

Type EP_37_RT_IRI (real-time surveillance of secondary telecommunications data): the combination of types of surveillance in accordance with Article 54 (network access services) and in accordance with Article 56 (telephony and multimedia services);

d.

Type EP_38_HD (retroactive surveillance of secondary telecommunications data): the combination of types of surveillance in accordance with Article 60 (network access services) and in accordance with Article 61 (telephony and multimedia services).

The following types of surveillance may be ordered for a search for convicted persons in accordance with Article 36 SPTA; "wanted person search" must be indicated in the surveillance order as the reason for surveillance (Art. 49 para. 1 let. e):

a.

one of the types of real-time surveillance of the content and secondary telecommunications data of network access services or applications in accordance with Articles 55, 57 or 59;

b.

one of the types of real-time surveillance of secondary telecommunications data of network access services or applications in accordance with Articles 54, 56 or 58;

c.

one of the types of retroactive surveillance in accordance with Articles 60-63;

d.

an antenna search in accordance with Article 66 and the corresponding preparations in accordance with Article 64 and 65.

¹ Surveillance Type ML_50_RT may be ordered for the mobile phone localisation of suspected terrorists in accordance with Article 23q paragraph 3 of the Federal Act of 21 March 1997²⁴ on Measures to Safeguard Internal Security.

² It comprises the combination of real-time surveillance of the secondary telecommunications data required for mobile phone localisation in the case of mobile network access services, mobile telephone and multimedia services and, if applicable, convergent mobile services, in particular SMS, Voice Mail and RCS.

³ In the case of mobile network access services, the secondary telecommunications data from telecommunications traffic in accordance with Article 54 paragraph 2 letters a-c, g and h and paragraph 3 must be transmitted.

⁴ In the case of mobile telephone and multimedia services and convergent mobile services, the secondary telecommunications data from telecommunications traffic in accordance with Article 56 paragraph 1 letters a, b, d and e numbers 1 and 9 and paragraph 2 must be transmitted.

Surveillance in accordance with Articles 56-59, 61 and 62 also includes telecommunication carried out via the services under surveillance that can be assigned to the identifier under surveillance (target ID) even if the identifier under surveillance is not administered by the provider given the assignment.