Elected officers are subjected to a security check

Laws, ordinances, edicts and comments

General administrative regulations for the implementation of the Lower Saxony Security Review Act (VV Nds.SÜG)
RdErl. D. MI v. April 20, 1998 - 46.2-18721.2 (Nds.MBl. 1998 No. 33, page 1125, last amended by RdErl. Of November 8, 2010 (Nds.MBl. 2011 No. 1, page 2) - VORIS 20480 00 00 03 020 -
Reference:

a) Known v. November 9, 1989 (Nds.MBl. P.1170), amended by RdErl. May 29, 1992 (Nds.MBl. P. 890) - VORIS 20480 00 00 03 011 -
b) Erl. V. 11/21/1989 - 41.1-02226 VS-NfD - (n.v.)
c) RdErl. V. 2.3.1994 - 55.3-02226 - (n.v.) - VORIS 20480 00 00 03 015 -
d) RdErl. V. November 8, 1994 - 55.31-18746 - (n.v.) VORIS 20480 00 00 03 016 -
e) RdErl. V. 22.12.1994 - 55.31-01212 / 1 - (n.a.) - VORIS 20480 00 00 03 017 -
f) RdErl. V. January 31, 1995 - 55.31-18744 - (n.v.) - VORIS 20480 00 00 03 018 -

1. To carry out the Nds. SÜG, the general administrative regulations printed in the annex will be issued for personal secrecy protection when accessing classified information.

2. The material security protection is regulated in the classified information instruction, annex of the RdErl. Of 13.2.1997 (Nds.MBl. P.664).

3. The purchase orders are repealed.

______
To the
Provincial administration offices
Counties, municipalities and other corporations,
Institutions and foundations under public law


investment

General administrative regulations
for the implementation of the Lower Saxony Security Review Act
(VV Nds. SÜG)

First section
General rules

On Section 1, Paragraph 1:

The scope of the law extends to security-sensitive activities with which a person is to be entrusted by the state or by a public corporation subject to the state's supervision. The law therefore applies to all authorities and offices of the state administration, to the municipalities and districts subject to the supervision of the state, as well as to non-public bodies. This includes not only members of the public service and non-public offices, but also applicants.

The term "entrusted" is used as a generic term and includes the authorization to access classified information in accordance with Section 15 (1) of the Classified Information Instructions (VSA), the authorization for an activity in accordance with Section 15 (2) VSA and the formal obligation to Confidentiality of classified information in accordance with Section 49 (2) VSA.

The person who is supposed to perform a security-sensitive activity is referred to as the "data subject". The security check must be completed before the person concerned is entrusted with a security-sensitive activity. The provisional assignment of a security-sensitive activity can only be considered under the prerequisites of § 12.

If the person concerned is domiciled in another federal state, the participating authority must establish agreement with the federal state of the place of residence if it is active there as part of the security check, cf. § 2 (3) NVerfSchG. It should be noted, however, that the query of files (in the case of a simple security check - in the following: Ü 1) does not represent the action of a constitutional protection authority in another federal state, so that in these cases the consent of the federal state of the place of residence is dispensable (see letter from Federal Ministry of the Interior of July 23, 1996 - IS 1-601 025-1 / 4 -).

The regulations applicable to the authority involved in the security check also apply to security checks carried out by way of administrative assistance for the federal government or another federal state, see Section 7 (1) of the Administrative Procedure Act (VwVfG).

On Section 1, Paragraph 2:

The central point of contact for a security-sensitive activity is the classified information, which is defined in more detail in § 3. The law applies to all classified information, both those originally produced by the state and those that have been sent to the state, e.g. classified information from other federal states or the federal government.

The material handling of classified information is regulated in the VSA.

In relation to Section 1, Paragraph 2, No. 1:

"Access to classified information" has people who are supposed to take note of the content of a classified information, see Section 15 (1) VSA. The type of cognition, i.e. seeing or hearing, does not matter.

"Being able to gain access on the basis of one's official or professional activity" covers activities that do not provide for knowledge of the content, but enable it. The obvious possibility that people can also gain knowledge of the classified information makes their activity a security-sensitive activity; see Section 15 (2) VSA. Therefore the courier, the messenger or the messenger who is entrusted to the transport, must be checked for his or her reliability as well as the person who is aware of the content of the classified information. The same applies to people who repair information technology equipment that is used to transmit, process or secure classified information, see No. 1.9 in conjunction with No. 4.2 of the Guideline for Assault and Burglar Alarm Systems with Connection to the Police, RdErl. Of 8.4.1987 ( Nds.MBl. P.354).

On Section 1 (2) No. 2:

The law only applies to classified information from supranational institutions and bodies if the federal government or the state has expressly committed itself to protecting classified information.

In relation to Section 1 Paragraph 2 No. 3:

A security-sensitive activity is also carried out by anyone who, without having access to classified information, works in an authority or other public body in the country or in a part of it, which has been declared a security area due to the scope and importance of the classified information there , see Section 6, Paragraph 4.

On Section 1, Paragraph 3:

The wording "does not apply" means that no security check has to be carried out before the group of people named in Nos. 1 to 4 have access to classified information. However, verification is possible on a voluntary basis.

Insofar as the group of people named in paragraph 3 has access to classified information of NATO or the WEU, this is only possible according to the applicable internationally binding provisions of these organizations if a security check is carried out beforehand.

On § 1 Paragraph 3 Nos. 1 and 2:

The constitutional position of the members of the LT and LReg as well as the judiciary make it appear necessary to exclude this group of people from the scope of the law. In the case of judges, for example, the right to a legal judge derived from Article 103 (1) of the Basic Law could be violated if a judge had to be rejected because of a negative result of the security check. Overriding interests in secrecy can be taken into account by the state when weighing up whether the content of the classified information is brought into the process or not (see Section 96 of the Code of Criminal Procedure - StPO - and Section 99 of the Administrative Court Code).

However, if judges perform administrative tasks and have access to classified information, they must be subjected to a security check.

On § 1 Paragraph 3 No. 3:

Pursuant to No. 3, the law does not apply to foreign nationals who are supposed to carry out a security-sensitive activity in the Federal Republic of Germany in the interests of intergovernmental institutions and bodies in accordance with paragraph 2 No. 2. According to the existing international agreements, in these cases the home state carries out the security check for its citizens, and the home state's decision on admission to security-sensitive work must be accepted by the country of residence.

However, if foreign nationals are to perform a security-sensitive activity solely in the interests of the country, i.e. to gain access to German classified information, they will be checked in accordance with the provisions of this law, unless otherwise stipulated in bilateral or multilateral agreements.

On § 1 Paragraph 3 No. 4:

The privilege according to No. 4 is based on the special position that this group of people enjoys on the basis of their election and the constitutionally justified independence that it achieves. It applies to

-the data protection officer or the data protection officer,
-the President of the Lower Saxony State Audit Office and the Deputy and
- for full-time mayors directly elected according to the NGO new version and full-time district administrators directly elected according to the NLO new version as well as the deputies to be instructed in accordance with Section 62 (4) NGO (new version) and Section 57 (5) NLO (new version). On the other hand, formal authorization of the group of people named in No. 4 to access classified information up to the level of confidentiality SECRET according to § 16 VSA cannot be waived, since instruction about the confidentiality obligations is deemed necessary.

As long as the old municipal constitution is still valid as a transitional regulation, the following applies to those elected under the old law:
For reasons of equal treatment, a security check must also be dispensed with:

a) for district administrators and mayors who, due to the transitional regulations (Article 11) of the law on the reform of Lower Saxony's municipal constitutional law of April 1, 1996 (Nds.GVBl. p.82) according to the regulations of the NLO old and NGO old from the municipal Representatives are elected,
b) for senior district directors and community directors who are elected for the first time according to No. 14 in conjunction with No. 7 or only according to No. 7 of the above-mentioned transitional regulations.

On Section 1, Paragraph 4:

In order to avoid multiple checks, a new security check can be dispensed with, e.g. after a change of employer, if an equivalent or higher security check has already been carried out at the federal or state level and the documents are available. Documents i.S. of this regulation are both the security and security clearance files, which must be complete. The decision not to carry out a security check is at the discretion of the competent authority.

To § 2:

In the case of the two highest types of checks, the spouse or life partner should be included in the security check. The reason for inclusion is based on the knowledge that security risks inherent in the person of the spouse or partner have an impact on the person concerned due to the close personal relationship. In the past, foreign agents have repeatedly entered into marriages or civil partnerships with "target persons". However, other circumstances that exist with the spouse or life partner (e.g. facts that are suitable for blackmail by a foreign intelligence service, or activities in the extremist area) can be of considerable importance for the security assessment of the person concerned.

The requirements of a civil partnership are congruent with those of the marriage-like community and are therefore based on the case law on the marriage-like community. In contrast to the marriage-like community, the civil partnership also includes the community of two people of the same sex, which is what is wanted here.

According to previous jurisprudence, a "marriage-like community" was to be assumed if there was a residential and economic community between a woman and a man or with same-sex partners. According to the latest case law of the Federal Constitutional Court (BVerfGE 87, 234, 265), the following requirements must be placed on the existence of a marriage-like union: According to this, legally unregulated relationships between men and women are only to be equated with spouses who are not separated if the ties of the partners are so close that mutual responsibility can be expected from them in the emergencies and vicissitudes of life, so that there is a community of responsibility and responsibility between them. The following indications can be considered as evidence:

-the shared apartment and the length of time they have lived together as the most important indicator,
- the care of children and relatives in the common household,
-the authority to dispose of the other partner's income and assets.

The indicative facts do not have to be conclusive or cumulative. Rather, what is decisive is the overall picture of the identifiable evidence.

The inclusion is formulated as a target specification and must therefore be carried out in principle. In exceptional cases, however, the responsible body can refrain from being involved. A practical case for the exception are separated spouses who no longer have a close personal relationship. The reason for the inclusion is the close personal relationship; if this is not the case, inclusion is not required. An exception can also be made if the spouse has already been involved in security checks several times and only refuses to consent to the inclusion during the current repeat check, but otherwise agrees to their data being given in the security declaration. In such a situation, the security officer has to decide on the basis of the individual case whether the inclusion can be waived as an exception. The reasons why the spouse refuses to give their consent are likely to be essential for the decision on an exception.

The inclusion means that the spouse or life partner is checked on the basis of the measures according to § 9 paragraphs 1, 3 and 5.

If the person concerned enters into the marriage or civil partnership during or only after a security check, there is an obligation to inform the competent authority. This information obligation is pointed out in the "Notes on completing the safety declaration" (Appendix 5).

On Section 3 Paragraph 1:

The definition of classified information corresponds to the description used in § 3 Paragraph 2 Clause 1 No. 1 of the Federal Constitutional Protection Act and § 3 Paragraph 3 Clause 1 No. 1 NVerfSchG; it applies regardless of the form of representation. Documents, drawings, cards, photocopies, light material, punched tapes, magnetic memories and electrical signals, buildings, devices and technical facilities as well as the spoken word are recorded. The prerequisite is that the classification in one of the classified information grades listed in paragraph 2 is identified.
The classification can only be carried out by a public institution or, at their instigation, also by non-public bodies, because it is information that must be confidential in the public interest.

In relation to Section 3 (2):

Only the three degrees of confidentiality of the classified information that require a security check are defined. For the definition of the confidentiality level VS-ONLY FOR SERVICE USE and for details of the classified classification see §§ 7 to 9 VSA.

In relation to Section 4 (1):

Paragraph 1 defines when a security risk exists.For the assumption of a security risk, there must be actual evidence, specifically in relation to the individual case (according to the constant case law of the BVerwG, NJW 1995 740, 741 with further evidence). Abstract possibilities or vague assumptions are insufficient to justify a security risk.

In relation to Section 4 (2):

The example cases listed in paragraph 2 are not exhaustive, which is clear from the word "in particular". The doubts about personal reliability need not be based on accusable behavior. It is also conceivable that there is a no-fault security risk, e.g. close relatives in a state in which special security risks are to be feared for those involved in security-sensitive activities, see No. 2.

On § 4 Paragraph 2 No. 1:

Doubts about the reliability can arise from general behavior of the person concerned. For example, criminal proceedings - especially convictions -, violations of official duties, excessive alcohol consumption, consumption of mind-altering drugs or medication, serious mental or emotional disorders, lack of secrecy or over-indebtedness can be. Regarding alcohol abuse, I refer to the decision of the BVerwG of November 27, 1996 - ZBR 1997, 155, 156 - according to which the abstract risk of relapse is insufficient for the assumption of a safety risk if medical prognoses estimate the risk of relapse to be low.

Even the incomplete completion of a security declaration is not enough on its own to justify doubts about the reliability.

On § 4 Paragraph 2 No. 2:

The security risk in No. 2 is based on many years of experience in counter-espionage. Foreign intelligence services exploit personal weaknesses to put people under pressure and force them to do intelligence work. These weaknesses can be, for example, over-indebtedness, gambling addiction and behavior that the person concerned wants to keep hidden.

Family relationships in countries to which special security regulations apply (cf. § 26) are also used as a means of pressure. Frequent trips to these countries can also expose the person concerned to a particular risk from opposing intelligence services.

On § 4 Paragraph 2 No. 3:

A security risk is regularly present when there are doubts about standing up for the free democratic basic order at any time. Classified information must not be entrusted to those persons who are known or assumed on the basis of factual indications that they do not always stand up for the existence of the free democratic basic order. The fundamental principles of the free democratic basic order are listed in Section 4 (3) NVerfSchG.

In relation to Section 4 (3):

A security risk for the person concerned can also arise if security-relevant information about the person of the spouse or life partner is available. For example, there may be indications of doubts about the reliability of the person concerned if the spouse or life partner has made significant criminal charges or belongs to or supports criminal or violent extremist groups. The doubts arise from the question of whether the person concerned, who maintains close personal relationships with such persons, can be entrusted with a security-sensitive activity. The wording "can" is intended to prevent special knowledge of hazards relating to the spouse or life partner from necessarily being a security risk for the person concerned. It depends on the individual findings.

Although not mentioned in the law, a security risk for the person concerned can also arise from security-relevant knowledge about other related persons, e.g. B. to parents or siblings.

In relation to Section 4 (4):

The definition of the security-relevant knowledge is necessary because it triggers measures as a preliminary stage to possible security risks, such as notification obligations and test measures that are legally stipulated as interventions in the right to informational self-determination (cf. § 10 para. 1, § 13 para. 1, § 14 para. 2). In contrast to the prerequisites for a security risk, it is not necessary here for the clue to be "actual". So z. B. a substantiated reference to a security-relevant issue, which - if it were confirmed by investigations - would be regarded as a security risk.

In relation to Section 5 (1):

The person concerned must be fully informed about before the start of the security clearance

- the type of security clearance it is scheduled to carry out,
- the requirement of consent,
- the verification measures, including the involvement of the spouse or partner, starting with the extended security check - hereinafter referred to as: Ü2,
-Storage, earmarking and transmission of personal data,
- Destruction and deletion periods,
- Right to information and access to files,
- the right of objection according to § 24 Paragraph 2 Clause 4 No. 2 Letter c of the Federal Data Protection Act - BDSG - (see Gem.RdErl. of the StK, the MI and the remaining min. of 15.9.1993, Nds.MBl. S.1156 ).

Furthermore, an instruction about the right to refuse disclosure according to § 5 Paragraph 3 has to be given.

The information on the questioning of suitable informants and other suitable bodies according to Section 9 (4) sentence 2 and Section 10 (3) sentence 1 is not addressee-related, but only extends to the measure as such.

In relation to Section 5 (2):

The consent as a prerequisite for the security check ensures that no one is forcibly checked. It is i.S. effective security protection if no persons are employed in security-sensitive activities who have been security-screened against their will. The reliability of such persons when dealing with classified information would be rather questionable. Consent can therefore be withdrawn at any time.

If the consent of the person concerned or the person involved is refused, the security check is impracticable with the consequence that the person concerned is not allowed to carry out any security-sensitive activity, see Section 11 (2) sentence 2 Not. However, the person concerned must accept the absence of a promotion or a higher grouping that would be associated with the transfer of the security-sensitive activity. If the person concerned is already performing a security-sensitive activity and refuses, for example, to consent to a repeat inspection, they must be released from the security-sensitive activity.

If the spouse or life partner refuses to consent to the disclosure of data in accordance with Section 8 (1) sentence 2, the security check cannot be carried out either.

If the consent of the person involved is only given under the condition that their personal data are not recorded and stored in an electronic data processing system, this alone does not prevent the security check from being carried out on the person concerned, see BVerwG, NVwZ-RR 1997, 105 ff.

If a security check reveals information that is relevant to security and which can only be clarified by taking measures in accordance with Section 10 (3) sentence 1, the consent of the person concerned or the person involved and, of course, prior notification are not required. If, on the other hand, measures according to Section 10 (3) sentence 2 are deemed necessary, the data subject must be informed and their consent must be given. If, for example, there are doubts about the identity after the result of a Ü1 carried out, the identity check according to Section 10 (3) sentence 1 is permitted without the consent of the person concerned. If, on the other hand, the involvement of the spouse is still considered necessary, the consent of both the person concerned and the person involved must be available.

Re Section 5, Paragraph 3:

Paragraph 3 adopts the principle from German criminal law that you can refuse to provide information with which you incriminate yourself. This principle is extended to the life partner as well as to the close relatives named in Section 52, Paragraph 1 of the Code of Criminal Procedure:

-the spouse, even if the marriage no longer exists,
- the fiancé or the fiancé,
-Relatives or by-laws in a straight line, relatives in the sideline up to the third degree, by-laws up to the second degree.

Conversely, the right to refuse to provide information makes it clear that if information is given, it must be made completely and truthfully and that no right to false information is granted. The secret protection officer decides which conclusions are to be drawn from the refusal to provide information, possibly with the participation of the NLfV. Under certain circumstances, the security check cannot be completed, with the result that the person concerned cannot be entrusted with a security-sensitive activity, see Section 11 (2) sentence 2.

Re Section 5, Paragraph 4:

While the person concerned is usually informed personally by the security officer, the spouse or partner is informed of the "Notes on completing the security declaration" (Appendix 5).

Second part
The security check at the authorities

In relation to Section 6 (1):

The competent authority is the authority that authorizes a person to access classified information (Section 15 (1) VSA), authorizes a person for an activity pursuant to Section 15 (2) VSA or a formal obligation to keep classified information secret pursuant to Section 49 (2) VSA wants to make. The security check is initiated in accordance with Annex 10. The tasks of the competent body are to be performed either by the agency manager or by the security officer appointed in accordance with Section 3 VSA. As a rule, the tasks are performed by the security officer, so that "the security officer" is used in daily practice for the term responsible body. The security officer to be appointed according to § 5 of the Lower Saxony Security Guidelines (Ann. Of MI dated November 9, 1989, Nds.MBl. P. 1170) no longer exists, since his tasks are merged with those of the security officer.

In the following explanations, the term “responsible body” is replaced by the term “the security officer” for better handling.

In addition to the tasks according to Section 3 (2) VSA, which include material security, the security officer is responsible for the following tasks:

-Performing the tasks according to the Nds. SÜG,
-Advice to the head of the department on all questions of personal security,
-Support of the authorities involved in accordance with Section 6 (3).

Other tasks should only be assigned to him or her insofar as the performance of tasks in the field of security is not impaired.

The security officer also has the right to speak directly to the head of the agency in questions of personal security; he or she should report directly to the head of the agency, to the state secretary in the case of the highest state authorities, and to the president in the case of the LRH. The direct right of presentation includes the direct right of submission.

The security officer is the "master of the security clearance process". He or she decides whether a security clearance is carried out, what type of security clearance is appropriate and whether or not a security risk is to be assumed.

In order to maintain the continuity and effectiveness of the secret protection practice, the secret protection officer and his or her employees should carry out their work for at least five years. You will be advised and trained by the NLfV.

Notwithstanding sentence 1, the MI determines the following deviating responsibilities in accordance with sentence 2:

  1. The MI is the authority responsible for the security clearance of state secretaries.
  2. The competent highest state authority is the authority responsible for the security check of the heads and their deputies of the directly subordinate authorities and departments as well as the security officers working there.

    The directly subordinate authorities and agencies, for whose heads a security check is required and the MI is responsible, currently include the NLfV, the State Criminal Police Office, the State Police and the BezReg.
  3. The BezReg is the responsible body for all security checks at subordinate authorities and offices as well as at the municipalities.
  4. The BezReg Hanover is also responsible for the Hanover Police Department and the departments established there, as well as for the Lower Saxony Police Office for Technology and Procurement.

    The BezReg Braunschweig is the responsible body for the Police Directorate Braunschweig and the departments set up there as well as for the educational institute of the Lower Saxony Police.
  5. In the case of subordinate authorities and other public bodies in the state, the responsible supreme state authority, if it is not already responsible, can take over the tasks of the responsible body itself or transfer them to an authority directly subordinate to it.

On Section 6 (2):

Paragraph 2 is intended to protect the person concerned from findings from the security check also being used for personnel administration purposes. The separation applies both organizationally, i.e. the security officer may not belong to the personnel department or department, and also in terms of personnel, i.e. the security officer may not exercise any personnel administrative function. It also follows from the separation that the security files may not be made accessible to the personnel administration office.

Findings from the security check may only be transmitted to the personnel administration office under the condition of Section 19 (1) No. 2.

On Section 6 (3):

Although the NLfV does most of the security clearance work, it is referred to as the participating authority in order to make it clear that the competent authority, as the "master of the procedure", is responsible for the security clearance.

The NLfV carries out the security checks for applicants and employees of the NLfV itself; It acts both as the responsible body and as a participating authority, whereby the tasks of the responsible body and the participating authority are to be performed separately in terms of personnel and organization.

Due to its function as a cooperating authority, the NLfV should not have a special position, but here, too, it should apply that the competent authority is "master of the procedure" and uses the participating authority to carry out the security check. A merger of the competent authority with the participating authority would violate the principle of the separation of informational powers and also lead to the loss of a supervisory authority, namely the competent authority over the cooperating authority.

On Section 6, Paragraph 4:

The MI is generally responsible for setting up security areas. The two prerequisites, the scope and importance of the classified information, must be present cumulatively.It is therefore not enough if a classified information of outstanding importance is present in an authority in order to declare it as a security area.

The NLfV is to be called in for technical advice, see Section 52 (2) sentence 1 VSA. The NLfV itself can be cited as an example of a security area.

In relation to Section 7 (1):

In order not to have to carry out a security check for every person who is only supposed to work in the security area for a short time, the competent body can dispense with the security check if the type or duration of the activity allows. Such a type of activity is given, for example, when using external personnel for repair, maintenance and cleaning work. The duration of the activity should be short-term, usually up to 14 days, with foreseeable repeated use of a corresponding total duration. In these cases, constant supervision is sufficient, see Section 52 (3) VSA.

On Section 7, Paragraph 2:

No. 2 takes into account the idea that people who are supposed to inspect a large number of classified information of the VS-CONFIDENTIAL category or who are able to gain knowledge of them accumulate knowledge that reaches the SECRET category. A high number can result from one-time dealing with many classified information classified as CONFIDENTIAL, e.g. as part of an examination or investigation procedure or through a long-term activity in which classified information is to be processed again and again.

The competent body has the option of carrying out an Ü1 in individual cases despite the presence of the prerequisites of No. 1 or 2 if it considers this to be sufficient according to the type and duration of the activity. In this case - unlike in paragraph 1 sentence 2 - due to the higher security sensitivity of the activity, it must check both requirements, i.e. both the type of activity and the duration of the activity, accordingly.

Such a type of activity can e.g. exist at

- Processing of only a single classified security transaction,
-temporary transport of classified information up to and including SECRET level.

The duration of the activity is here to be understood as a period of around three months - with foreseeable repeated use of a corresponding total duration.

On Section 7, Paragraph 3:

The extended security check with security investigations - in the following: Ü3 - is to be carried out for secrets carriers of the highest degree of secrecy and regardless of the level of access to classified information for applicants and for employees of the NLfV.

As with Ü2, the responsible body can also carry out a lower type of inspection (Ü1 or Ü2) for Ü3 if it considers it sufficient for the type and duration of the activity.

Such a type of activity can e.g. exist at

-Processing of only a single classified information process classified as TOP SECRET (possibly O 2 sufficient),
-Temporary transport of classified information up to the level of confidentiality TOP SECRET including (possibly O 2 sufficient),
-temporary employment at NLfV.

The limit for the duration of the activity is here at a period of about six months - with foreseeable repeated use of the corresponding total duration of the activity.

To § 8:

The security officer decides on the requirement and the type of security check. The reasons for the decision are to be put on record.

The group of data subjects is to be limited to what is technically and organizationally absolutely necessary. In the interests of effective administration, the number of security checks should be kept as low as possible. Security checks "in advance" are not permitted. Only when there is a high probability that the respective person will be entrusted with a security-sensitive activity should the review procedure be initiated. In the case of applicants, the security check must only be initiated if all other recruitment requirements have been met.

The reduction in the number of people who keep secrets is the strongest effect of the democratization process in Eastern Europe for the protection of secrecy. The collapse of communist ideology does not make security protection superfluous, nor does it lead to a lowering of the examination standard. The opening up of Central and Eastern Europe, however, considerably reduces the areas in which confidentiality is still required.

The person concerned should have reached the age of 18 if possible, as there is no requirement in the state area to make minors into carriers of secrets.

The security check is initiated with the request for the security declaration. The security officer asks the person concerned in writing (Annex 1) or verbally to submit a security declaration (depending on the type of inspection according to Annex 2 or 3) and, if an O2 or O3 is to be carried out, to attach two current photographs. Applicants and NLfV employees must also provide the information required in Appendix 3a. If the person concerned belongs to the group of people for whom a request is to be made to the Federal Commissioner for the Records of the State Security Service of the Former German Democratic Republic (BStU) according to Section 9 (5), they must at the same time be requested to provide the necessary information in accordance with To make Annex 8 and, if necessary, to request it from your spouse or life partner; See also comments on Section 9 (5). Simultaneously with the declaration form, the person concerned receives the following documents, depending on the type of verification:

-Explanations for completing the security declaration for the simple security check (Annex 4) with the list of countries (Annex 6),
- Explanations for completing the security declaration for the extended security review and the extended security review with security investigations (Annex 5) with the list of countries (Annex 6),
-Note on the right of objection according to § 24 Paragraph 2 Clause 4 in conjunction with Paragraph 6 BDSG with regard to the control of files via the security review by the State Commissioner for Data Protection - hereinafter: LfD - (Annex 7) and
-for Ü2 and Ü3 "Application for reimbursement of passport photos" (Appendix 5a).

The data to be specified in the safety declaration for both Ü1 (Appendix 2) and for Ü2 and Ü3 (Appendix 3) are listed finally. They are limited to the data with which security-relevant information about the data subject can be obtained.

The information of the person concerned and the person involved in accordance with Section 5 (1) to (3) by the security officer or the security officer takes place by taking note of the documents submitted. Additional verbal information to the person concerned is possible.

The right of objection according to § 24 Abs. 2 BDSG is to be asserted against the LfD for data protection.

If the employment authority is not the competent body itself, it requests the initiation of a security check, stating the security-sensitive activity with which the person concerned is to be entrusted and the type of security check planned.

Re Section 8 (1):

Which organizations i.S. of No. 12 are to be regarded as unconstitutional, results essentially from the MI's annual report for the protection of the constitution and a list of the objects of observation of the NLfV, which is made available to the police authorities.

The "states with special security risks" i.S. of No. 14 are listed in Appendix 6. The list is determined by the MI, continuously checked and, if necessary, adapted to the current security requirements.

With their consent, the data specified in sentence 2 must always be provided for the person of the spouse or life partner, even if these persons were not included in the security check. The data are evaluated by the NLfV, i.e., with the basic data, the network file of all constitutional protection authorities (NADIS) and the NLfV file is queried as to whether there are any security-relevant findings, cf. § 9 Paragraph 1 No. 1.

If consent to the disclosure of data is refused, the security check of the person concerned cannot be carried out (cf. § 11 Paragraph 2 Clause 2 and VV on § 5 Paragraph 2).

In relation to Section 8 (2):

Applicants and private individuals must bear the costs for the photographs themselves; In the case of public servants, the employer pays them up to 4 euros (Annex 5a).

Re Section 8, Paragraph 4:

The relevant information must be provided in accordance with Appendix 3a.

Re Section 8 (5):

Clause 2 establishes a general obligation for the person concerned that goes beyond Section 2 Clause 2 to correct the security declaration in the event of changing circumstances while a security check is still in progress. This correction obligation is pointed out in the "Notes on completing the security declaration".

Re Section 8 (6):

1. The completeness and consistency of the information provided will be checked by the security officer. When performing a Ü2 or Ü3 for the first time, the personnel file is usually to be viewed. Otherwise, inspection can be limited to those cases in which, when looking through the declaration, certain details give rise to doubts that cannot otherwise be resolved. The right to inspect personal files is to be exercised in particular if the inspection is necessary to clarify or assess security-relevant problem areas. In addition to inspecting personnel files, sentence 2 also expressly permits the person concerned to point out any gaps and contradictions in their own information and to question them.

If, on the basis of his or her examination, the security officer determines that the person concerned has a security risk that prevents use in a security-sensitive activity, then the procedure must be in accordance with Section 11. In these cases, the NLfV does not need to be involved.

2. To carry out the security check, the security officer sends the NLfV a copy of the security declaration, four PZD documents (Annex 12) for the person concerned and, if included in the security check, also four PZDs - Receipts for the spouse or life partner (and, if applicable, a copy of the information provided by the BStU). In addition, information available to the NLfV, which may be of importance for the security clearance, is communicated.

The date of the security declaration should not be more than two months ago when it was received by the NLfV; more than six months may in no case be exceeded.

In exceptional cases, the NLfV can also be asked to provide a preliminary result.

3. The NLfV can only be granted access to the personnel file with the consent of the competent body and the person concerned, if there is a security-relevant finding, for the clarification or assessment of which it is essential to inspect the personnel file. This excludes inspection to research security-relevant findings.

To § 9:

The NLfV acts on behalf of the security officer.

The security checks by the NLfV usually take the following times:

Verification typeReview durationPreliminary result
Ü 1approx. 2 to 3 weeksapprox. 2 to 3 days
Ü 2approx. 2 monthsapprox. 2 to 3 weeks
O 3approx. 6 monthsapprox. 2 months.

On § 9 Paragraph 1:

The safety assessment of all information in the safety declaration according to No. 1 is a basic requirement for further measures. The assessment is carried out on the person concerned, on the spouse, life partner and on the other persons, addresses and objects specified in the security declaration, taking into account the findings of the constitution protection authorities, whereby the NLfV makes inquiries with the NADIS and its own official file.

The mere request of the NLfV to the other authorities for the protection of the constitution in the form of the NADIS query about any knowledge available there about the spouse, the life partner and the other persons named in the security declaration does not mean that these persons are included in the security check, as only their own Findings are used and no authorities outside of the protection of the constitution are questioned.

Requests for information take precedence over file requirements. The need to request a file must be put on record.

The use of intelligence services is not permitted during security checks. Section 6 NVerfSchG finally regulates the procurement of information using intelligence services. The NLfV's duty to cooperate in accordance with Section 3 (3) NVerfSchG in the area of ​​security and reliability checks is not mentioned there as an application, so that the use of intelligence services is prohibited in reverse.

On § 9 Paragraph 2:

Paragraph 2 is based on the case that a Ü1 is carried out for the person concerned and the NADIS query produces information relevant to security, e.g. about the person of the spouse. The implementation of the further measures of the Ü1 is then only permitted with the consent of the spouse. If information relevant to security is still in need of clarification, then proceed according to § 10.

On § 9 Paragraph 3:

As additional measures, the Ü2 requires the identity of the person concerned to be checked and the spouse or partner to be involved.

The identity check on the basis of the questioning of two respondents named by the person concerned (as per Section 10 (2) No. 2a NSiR '89) is generally dispensed with, as this measure primarily involves smuggling attempts by the former Ministry for State Security (MfS ) should be prevented. A complete waiver of the identity check is not advisable, however, since it cannot be ruled out that other foreign intelligence services also try to smuggle agents with falsified identities into the group of people who carry secrets. The measures to be taken for Ü2 and Ü3 are sufficient to determine the identity of a person with sufficient certainty. If, despite these measures, there are still doubts about the identity, proceed according to § 10: As part of the self-interview, the person concerned may be asked to name persons providing information to verify their identity.

On Section 9 Paragraph 4:

As a further additional measure, the Ü3 requires security investigations, which are carried out by interviewing the reference persons specified by the person concerned. If necessary, respondents are also interviewed, i.e. people who know the person concerned but have not been named by them. There is a step-by-step relationship between the questioning of reference persons and those providing information. Interviewing respondents only comes into consideration if the statements of the reference persons are insufficient to be able to get a complete picture of the person concerned, e.g. if the reference persons are too close to the person concerned and give the impression that they are not giving an objective testimony .

If reference persons and informants are asked, they must be informed about the purpose of the survey, the intended further processing and the voluntary nature of their information. The purpose of the survey includes the following information:

-Carrying out a security check,
-person concerned of the security clearance, possibly person to be involved,
- uplifting body.

When interviewing the reference and information persons, the disclosure of personal data of the person concerned is to be limited to the personal data essential for identification, such as surname, first name, date of birth, gender and, if applicable, place of residence. In addition, the survey on security risks should take place in an abstract form, i.e. without passing on personal data of the person concerned, which have already been collected from other bodies or persons, to the reference or information person.

The survey reports have to be limited to what is factually necessary. They are not intended to contain a detailed reproduction of the conversations with the reference persons, but rather constitute a summary report that only contains the information required for the purposes of confidentiality. In principle, no information about health, intimate affairs, official services, data of third parties and party assignments are to be included, unless these findings are directly related to confidentiality.

On Section 9 (5):

1. Inquiries from the security officer to the BStU are made in two cases. In the case of residents of the former GDR, the information relates to the question of whether the person concerned worked full-time or unofficially for the state security service, cf. §§ 20 and 21, respectively, paragraph 1 no. 6 letter g of the Stasi documents- Law (StUG). For people who did not live in the former GDR, the request will only be made if there are indications that suggest that they are working for the State Security Service.

The key date of January 1, 1970 and residence in the former GDR is due to the fact that in 1989 the peaceful revolution ushered in the end of the SED regime and with it the activities of the state security service. Those born after January 1, 1970 were no longer exposed to the access of the State Security Service shortly after they reached the age of majority, so that documents about them relating to the period after the age of majority should not be available. Another unwritten prerequisite for an inquiry is that the residents of the former GDR left it as an adult. A BStU request is only to be made for persons who were born in the former GDR and left it as minors if the requirements according to sentence 1 no. 2 are met.

The different prerequisites for inquiries take into account the fact that the residents of the former GDR were exposed to the direct influence of the State Security Service and thus it was much easier to recruit full-time or unofficial work for the State Security Service.

The term activity includes all forms of activity for the state security service of the former GDR. The group of people is wider than that of Section 6 (4) StUG, which is limited to employees.

2. In the case of inquiries to the BStU for persons born before 1.1.1970 who either lived in the area of ​​the former GDR until they joined the Federal Republic of Germany or who previously lived in the former GDR, the following procedure should be followed:

2.1 Inquiries for initial security reviews:

2.1.1 If it is certain that information from the BStU for the person concerned is neither available nor has it been requested by the personnel administration office on the occasion of personnel measures (recruitment, employment, continued employment in the public service), the person concerned will be notified of the Security check requested at the same time to provide the information necessary for an inquiry to the BStU in the "Application for determination of a possible activity for the State Security Service" according to Annex 8.

2.1.2 If the spouse is to be included in the security clearance, the person concerned will be asked at the same time to ask them to provide the necessary information in accordance with Annex 8 and to obtain their consent to the request.

2.1.3 If the personnel administration office already has information from the BStU, which should not be older than six months, for the person concerned, this will be consulted by the security officer and taken into account in the further process.

2.1.4 Does the information from the BStU contain security-relevant findings which, according to the security officer’s own assessment, pose a security risk i. S. of § 4, which precludes use in security-sensitive activities, he or she has to inform the person concerned of this. Section 11 applies to the procedure.

2.1.5 When sending the inspection documents to the NLfV, the security officer - depending on the case - will also inform you that

2.1.5.1 for the person concerned and, if applicable, the person to be included in the security clearance, an inquiry was made to the BStU on (date, reference) and the result is reported immediately, or else
2.1.5.2 the BStU has already received information from the BStU dated (date, ref.) for the person concerned, which did not provide any information, or else
2.1.5.3 information from the BStU on (date, ref.) is already available for the person concerned. If safety-relevant findings have emerged, a copy of the information from the BStU should be sent to the NLfV.

2.1.6 The application for the establishment of a possible activity for the State Security Service and also the information from the BStU must be included in the security file of the person concerned (cf. also VV on Section 15).

2.2 Inquiries about completed security checks:

2.2.1 If the spouse or life partner is subsequently included in the security review in accordance with Section 2 Clause 2, the person concerned will also be asked to ask the person to be included to provide the necessary information in accordance with Annex 8 do. When the inspection documents are sent to the NLfV with a "follow-up report on the security inspection" in accordance with Annex 11, the latter is also informed that an inquiry has been made to the BStU for the person to be involved on (date, ref A copy of the information from the BStU is reported.

2.2.2 As part of the updating of security reviews (Section 14, Paragraph 1) and repeat inspections (Section 14, Paragraph 2), a request must be submitted to the BStU

-catch up in cases in which an inquiry has not yet been made because the person concerned and / or the person to be involved belongs to the group of people for whom an inquiry to the BStU was initially not required according to previous administrative regulations, but was introduced later. The person concerned and / or the person involved is to be requested to provide the necessary information in the "Application for determination of possible activity for the State Security Service" in accordance with Annex 8;
-otherwise to repeat. The request must be repeated because the information provided by the BStU only relates to documents that have been made available up to then; the information is also subject to this reservation. Otherwise, findings from documents that were only developed later would not be taken into account.

The NLfV is to be informed of the result of the information (in the case of the repeat check, also of the renewed request to the BStU) in accordance with No. 2.1.5.

3. For residents of the Federal Republic who were not residents of the former GDR, a request to the BStU is only permissible if they have any indications for them, for example based on existing knowledge of the intelligence services or information from reference persons or informants there is an activity for the state security service of the former GDR.

On Section 9, Paragraph 6:

Paragraph 6 is intended to limit the individual security clearance measures to the extent necessary.

On § 10 Paragraph 1:

1.If the measures carried out reveal information relevant to security, the person concerned or the person involved must be given the opportunity to be heard before taking any further steps in order to contribute to the clarification of the facts by providing their own information (so-called self-assessment). This right to be heard at an early stage may prevent unnecessary data collection and transmission. The hearing envisaged here should not be confused with the final hearing in accordance with Section 11 Paragraphs 3 and 4.

2. If the person concerned was a citizen of the former GDR up to the time the border was opened in 1989, the person concerned or the person involved should belong to the travel cadre and to functions in the state, parties and society of the former To clarify the GDR.

The travel cadre had a particularly close relationship with the GDR regime. This involved a small, privileged group of people who, in addition to being loyal to the line, maintained close connections with the Stasi or were particularly subject to observation by the Stasi.

The question of a functionary activity aims to determine whether the person concerned or the person involved was a former full-time employee of the SED or a comparable mass organization. These functionaries also had a particularly close, system-oriented relationship with the GDR state. In addition, a "willingness to work closely with the MfS" was demanded of them, although they were not listed as unofficial employees of the MfS and inquiries to the BStU are irrelevant.

In order to provide evidence of the activities carried out in the former GDR, the person concerned or involved should be asked to present the ID card for work and social insurance (SVK), which each and every employed person in the former GDR received when starting work, to submit. The SVK served as proof of social security and was the basis for the later pension calculation. In addition to personal details and the personal identification number, it contains information about school visits, vocational training and further education, special qualifications, state awards, annual income, medical data and complete proof of all employment relationships with details of the respective employer.

The questions about membership of the travel cadre and functions in the state and society are security-relevant insofar as it must be checked in each individual case whether the person concerned stands up for the free democratic basic order at all times. In addition, there is a particular risk of blackmail by former members of the MfS, who have very precise knowledge of who has worked closely with them.

On § 10 Paragraph 2:

According to paragraph 2, the hearing will not take place if it conflicts with legitimate interests. It follows from the principle of proportionality that a partial hearing may take place. Interests of the federal government or a state that are worthy of protection can lie, for example, in the investigation of a suspected espionage case or in guaranteeing the protection of sources. In the case of applicants for a job in the NLfV, particular attention should be paid to the fact that third-party intelligence services try to research the intelligence services' level of knowledge or their recruitment practices through controlled applications from persons involved in the intelligence service.

In the case of the person concerned or the person involved, it may be necessary to prevent confrontation with serious suspicions until their truthfulness has been investigated. However, the interests of reference and information persons who have provided security-relevant information about the person concerned, which, due to the confidentiality commitment, cannot be made available to the person concerned until they are verified, may also be worthy of protection. The willingness to provide information and truthful information would decrease considerably if the statements of the reference and information persons were disclosed without closer examination.

On Section 10 Paragraph 3:

Sentence 1 determines the measures that may be carried out without further consent of the person concerned or the person involved. Other suitable bodies that can be questioned are, in addition to the public prosecutor's offices and courts, which are expressly mentioned in the law as the most frequent inquiry point due to criminal investigations, authorities such as the local police station of the current place of residence, associations, work colleagues, business partners, Employers and others, provided they can objectively contribute to clarifying the safety-relevant findings. The request for the criminal file based on an entry in the Federal Central Register (BZR) is a typical application. A proper assessment of the crime from a security point of view can only be made when the details of the circumstances are known.

According to sentence 2, the competent body can initiate further measures at a higher level of the security check if security-relevant findings have emerged in the course of the security check that can only be clarified by means of measures at the next higher level of the check. In these cases, the NLfV will approach the security officer and coordinate the necessary measures. The need for further measures must be documented in the security file. In contrast to the measures according to sentence 1, the consent and also the information of the affected and the person involved are required here.

On § 11 Paragraph 1:

If the NLfV comes to the conclusion that there is no security risk in accordance with Section 4 (1), it shall inform the security officer of this. If findings arise that do not justify a security risk, but are still relevant to security, these will be communicated.

Security-relevant findings from which no security risk can be derived can, for example, be clues that are too vague or relate to an issue that has been in the past that is no longer assessed as a security risk due to the passage of time. By communicating the security-relevant findings to the security officer or the security officer, they have the opportunity to carry out their own assessment. Furthermore, the security officer is put in a position to determine whether in the future, if further information is added, a security risk may arise from the previous security-relevant knowledge.

The NLfV can give safety instructions for a notified safety-relevant knowledge. This includes case-related recommendations that are used, for example, for further care of the person concerned on the occasion of relationships in states with special security risks (see Section 8, Paragraph 1, Clause 1, No. 14) or due to financial burdens (see. 1 sentence 1 no. 10) appear necessary.

The NLfV will notify you by letter in accordance with Annex 13.

If the NLfV comes to the conclusion that the security-relevant findings justify the assumption of a security risk, it will inform the security officer in writing, stating the reasons and their assessment. The security officer can, if necessary, request additional explanations from the NLfV.

In the subordinate area, information is provided by the competent highest state authority. In the event of a security risk, the competent authority is informed via the highest state authority against the background of using the experience of a highest state authority that is more frequently involved with security reviews, and because of Section 43 BZRG.

The NLfV only reports on entries in unrestricted information from the BZR that are not included in a certificate of good conduct (cf. § 41 Para. 1 BZRG) insofar as these are relevant to safety in its assessment.The NLfV reports on such entries only to the competent highest state authority with reference to the provision of § 43 BZRG; Transfers to other authorities are not permitted. Whether, in the case of a security risk, the requirements of § 43 BZRG for disclosure to subordinate authorities by the highest state authority ("... if this is essential to avoid disadvantages for the federal government or a state or if otherwise the fulfillment of public tasks is significantly endangered or would be made more difficult "), this needs to be checked on a case-by-case basis.

The information is given by letter in accordance with Annex 14.

On § 11 Paragraph 2:

The responsibility for the decision as to whether the person concerned is active in the security-sensitive area rests with the security officer. The decision should, if possible, be made in agreement with the NLfV; but it can also be taken against his vote.

The security officer makes the final decision according to his or her best judgment. If a third party, e.g. superiors, tries to influence the decision as part of a security check, the security officer can make use of the direct right to speak to the head of the authority.

If the security officer comes to a different security assessment than the NLfV, a joint discussion is required before the decision is made. If the security officer and the NLfV do not come to a uniform assessment in individual cases, either side (the security officer, if necessary via the competent supreme state authority) can switch on the MI if this appears necessary due to the special nature or importance of the case. The MI assesses the case from a fundamental point of view. The final decision remains with the security officer.

Entrusting a security-sensitive activity is not permitted if there is a security risk or the determinations required for the security check cannot be made. Since doubts about reliability already give rise to a security risk (Section 4 (1)), security interests must be given priority in case of doubt, since the security of the state as a constitutional power for peace and order and the security of the population that it guarantees are indispensable constitutional values.

The necessary determinations for the security check cannot be made, in particular, if the consent required by law of the person concerned or the person involved or the spouse who is not involved is not given, cf. also VV on § 5 Paragraph 2. The reliability of the The person concerned is not called into question in this case.

The security check cannot take place even if the person concerned has not been in the Federal Republic of Germany for long enough for their security-relevant behavior to be adequately checked. As a rule, a period of around five years is sufficient for Ü1, otherwise around ten years. A shorter period of time may be sufficient if information persons living here are named who can provide information about the identity as well as the professional and social activities in the above-mentioned periods.

If the security officer refuses to be entrusted with a security-sensitive activity, he or she shall inform the person concerned of this in writing. The rejection must be justified, taking into account the protection of sources and the legitimate interests of the persons and bodies questioned. The reason is omitted if it would result in a considerable disadvantage for the security of the federal government or a state. The decisive reasons for this are to be put on record.

The security officer informs the personnel administration office whether the person concerned is allowed to perform security-sensitive activities. At the request of the person concerned, information about the reasons for a refusal can also be given in full, as long as this is safe in terms of security. The transmission of further personal data is based on § 19 Paragraph 1 No. 2.

On § 11 Paragraph 3:

Before a negative decision is made, the hearing procedure according to paragraph 3 must be carried out. The hearing is an important means of clarifying the facts, which also includes the subjective assessment by the person concerned. The person concerned should express himself personally and not send a representative. During the hearing, the personal impression made by the person to be checked is also important. However, it is permissible to consult a lawyer at the hearing.

The consultation procedure must be designed in such a way that the interests of the federal government, a state or the persons involved are guaranteed to be protected, cf.VV on Section 10 (2).

For the decision of the security officer, the NLfV also informs in its review result whether and to what extent interests worthy of protection are to be taken into account and / or whether and to what extent a hearing or notification of negative reasons should therefore be omitted for security reasons. The NLfV also provides information on how to proceed in these cases when hearing and / or informing the person concerned (see the NLfV's report on the results in accordance with Annex 14).

The cost of legal assistance at the hearing will not be reimbursed.

On § 11 Paragraph 4:

The reasons for hearing the person concerned apply equally to the spouse or partner.

To § 12:

The regulation takes into account the requirements of administrative practice when a quick decision is required as to whether a person should be entrusted with a security-sensitive activity. The risk remaining after the planned measures have been carried out can be accepted in individual cases if other interests are more important. The notification of the preliminary result takes place in accordance with Appendix 15.

Since there is a risk that a security risk will be determined by the time the security check has been completed and damage may have already occurred, the provisional allocation should only be used in cases that cannot actually be postponed.

When assigning a security-sensitive activity on the basis of a preliminary result of the NLfV, in the case of checked persons also in the form of a lower security check that has already been completed, it must be ensured that the prescribed security check is carried out immediately.

A security-sensitive activity may not be assigned without a preliminary security review that has already been completed.

On § 13 Paragraph 1:

The mutual notification obligation is intended to ensure that security risks that arise during the implementation of the security review process or subsequently can be recognized in the first place. Furthermore, any information that has been communicated, which turns out to be incorrect or incomplete to the detriment of the person concerned, must be corrected immediately, so-called follow-up reporting.

The NLfV checks the knowledge transmitted and determines whether there is a safety risk in accordance with Section 4 (1). The security officer is to be informed of the result of the examination. This check does not require renewed consent from the person concerned. The person concerned should not be warned in advance, especially in the case of intelligence.

On the basis of the opinion of the NLfV, the security officer decides whether a repeat inspection or individual measures according to Section 9 are to be initiated (see Section 14, Paragraph 2, Clause 2).

In relation to Section 13 (2):

The information obligation of the personnel administration office must be stipulated by law, since the principle of the separation of informational powers means that the information is a data transfer in terms of data protection law.

The information mentioned in sentence 2 nos. 1 and 2 is usually obtained from the personnel administration office. According to sentence 3, the secret protection officer is obliged to transmit these data to the NLfV immediately so that the security clearance file (see Section 15 (2)) remains up-to-date.

The notification according to No. 1 about official changes of the person concerned such as transfer, secondment, transfer and resignation, through which a security-sensitive activity is ended, is significant for the observance of the destruction mentioned in § 16 paragraph 1 and § 20 paragraph 2 and deletion periods. The notification enables the NLfV to independently monitor these deadlines.

Changes to the data subject i.S. of No. 2 require a security assessment, e.g. in the case of marriage, examination of the involvement of the spouse.

The personnel administration office is obliged to inform the security officer or the security officer and from there to the NLfV, in particular with regard to all circumstances that indicate a security risk for the person concerned and for the person involved. This also applies if the person concerned is released from the security-sensitive activity on the basis of the knowledge gained at the instigation of the security officer. The data mentioned in Nos. 3 to 5 are typical findings that represent possible security risks, although the list is not exhaustive. No. 5 also covers preliminary disciplinary investigations. A transmission of the

-Evidence of mental disorders, especially pathological dependencies on alcohol, drugs or tablets,
-Evidence of over-indebtedness, in particular attachment and transfer decisions,
- Criminal and disciplinary matters as well as official and labor law measures

to the NLfV should only be made if the security officer considers them to be relevant to security and has them checked by the NLfV with regard to a security risk (cf. VV on paragraph 1).

On § 14 Paragraph 1:

The supplement to the security declaration by the person concerned means a routine update and relates to all security reviews (Ü1 to Ü3). The update must take place at the latest every five years, shorter intervals, but also slight time overruns are permitted (for a sample letter to the person concerned, see Appendix 1). If the update is carried out for a security review that was carried out before the Nds. SÜG was carried out on the basis of the security declaration form no. 022 000 070, the information can be supplemented by the person concerned on page 8 of the form mentioned.

The routine update can be dispensed with if it is certain that the person concerned will retire from a security-sensitive activity within about two years (e.g. for reasons of age).

The security officer checks whether the additions result in security-relevant circumstances and informs the NLfV of the result of the check. In particular, the NLfV must be informed of all changes that the person concerned has indicated using the form in accordance with Appendix 11 so that the NLfV can supplement or correct its database. The NLfV will only respond if the previous vote has to be changed or supplemented.

The update must be recorded accordingly in the security file (see Appendix 16 for a sample).

Section 14 (2):

In the case of Ü3, a repeat inspection must be carried out every ten years, provided that the person concerned is still employed in an exposed, safety-sensitive position. Otherwise, a repeat check (Ü1, Ü2 or Ü3) will only be initiated if safety-relevant circumstances suggest it.

In the case of the repeat inspection, the procedure is the same as for the initial inspection; in this respect, the information and the required consent of the person concerned and, if applicable, the person involved must be pointed out in particular. However, for reasons of proportionality, the identity check can be dispensed with if the person concerned has reached the age of 60.

A repeat check can be dispensed with if it is certain that the person concerned will retire from a security-sensitive activity within the next five years, e.g. through retirement. In this case an update according to paragraph 1 is sufficient.