[kyusan0]

IANAL but the law in Germany is basically the same in this case, accessing data that's meant to be protected and not intended for you is is illegal. It depends somewhat on the interpretation of what "specifically protected" ("besonders gesichert") means. https://www.gesetze-im-internet.de/stgb/__202a.html

[cryptonector]

Exactly. My apologies for not noticing this was over in Europe, but you'll find laws similar to CFAA all over the place. And in Europe it might be worse simply because you might have 27 different such laws _and_ the European arrest warrant, and you might not know which of those 27 laws applies. (I guess you could say the same about the U.S., with 50 instead of 27, but at least for this sort of thing in the U.S. it's mainly federal law that matters the most.)

[master-lincoln]

Can a non specific password constitute a specific protection? I guess no

[andersa]

It can. The fact there is a password, even if you can trivially find said password, is considered a protection. The German law is completely absurd here.