- Protecting consumers and young people
- Developing data privacy products
- Binding Corporate Rules on Privacy
- Promoting media skills
- Partnerships and alliances
- Annual data privacy report
Data privacy and data security are very important to us. In 2008, we created a special Board of Management department for this topic and introduced the Binding Corporate Rules on Privacy specifying how personal data is to be collected, stored, and processed at the Deutsche Telekom Group. Not only do we provide transparent information on all of our activities and measures in our annual Data Privacy and Data Security Report, we also take stock of the current situation: What has Deutsche Telekom achieved? What do politicians consider to be the areas needing the most improvement? And what do experts think about the current state of data privacy and data security?
Our products and services have always provided a high degree of data privacy and data security. Growing volumes of data require special precautions to protect the privacy of citizens, which is why we approved eight mandatory principles for handling big data, or large amounts of personal data, in 2013. In January 2015, we also approved specific measures to protect data and infrastructure in our "Ten-point program for increased cyber security." We also developed new protective products including our Mobile Encryption app designed to ensure end-to-end encryption of mobile communication.
Data privacy and security also play a key role in the development of our other products and services. Our Privacy and Security Assessment (PSA) procedure allows us to review the security of our systems in each step of the development process. This procedure applies to newly developed systems as well as existing systems that undergo changes in technology or in the way data is processed. We use a standardized procedure to document the data privacy and data security status of our products throughout their entire life cycle. Youth protection aspects are also taken into consideration in our product and service design. In Germany we involve our youth protection officer in all issues regarding planning and designing offers for young people. The youth protection officer can then recommend limits or changes. In 2013, we also made it mandatory for every international subsidiary within the EU to designate a child safety officer (CSO) to handle youth-protection related topics. As a result, at least one CSO was appointed in each of our European markets in 2014. The CSO acts as a central contact for members of the community in the respective EU market. They also play a key internal role in coordinating topics revolving around the protection of minors. These measures increase the consistency and transparency of Deutsche Telekom's involvement in protecting minors.
Strategic approach to protecting minors from unsuitable media content
Our strategy to protect children and young people from harm when using digital media is based on three pillars. We
- provide attractive, age-appropriate offers for children and give parents and guardians tools (filters) that they can use to restrict the access minors have to harmful content,
- work to fight child abuse and child pornography and
- promote skills to help people use the Internet safely.
We also collaborate closely with prosecuting authorities and NGOs as well as other partners from business, politics, and society to ban online content that is harmful to children and young people.
We documented our commitment to protecting minors from unsuitable media content in Germany in relevant codes and introduced minimum standards.
In 2007, we committed ourselves to fighting child pornography on the Internet throughout the European Union. At a global level, we have been a member of the global association of mobile providers, GSMA since 2008, which pursues the same objectives. In order to better coordinate our activities within the Group, we also approved a list of general guidelines in October 2013 for our activities to help protect minors from unsuitable media content and made these guidelines mandatory at international level, thereby setting new standards in our markets. In consideration of their particular cultural situation and business model, each international subsidiary in the European Union can further specify these measures, adopt additional measures, and also determine their own strategic focal points.
Because protecting minors from unsuitable media content poses a challenge that affects many industries, we cooperate with different organizations for the protection of minors and participate in coalitions that coordinate the involvement of companies and organizations from the Internet and media sector. For example, we are a member of the "CEO Coalition to make the Internet a better place for kids." We also play a leading role in the ICT Coalition for the Safer Use of Connected Devices and Online Services by Children and Young People in the EU. In this coalition, we pursue a comprehensive cross-industry approach based on six principles that expressly includes helping young people learn media skills.
In January 2013, as part of both coalitions, Deutsche Telekom announced plans to implement an EU-wide set of measures based on the principles of the ICT Coalition. The ICT Coalition published an annual report in April 2014 on the implementation of corresponding measures at all of the companies represented in the ICT coalition. The report, which was written by an independent expert from the Dublin Institute of Technology, comes to the conclusion that Deutsche Telekom's approach to implementing the ICT Coalition's principles is exemplary.
According to a survey carried out by the IfD Allensbach institute for its 2015 Security Report, Deutsche Telekom is the most trustworthy company among German telecommunications and Internet providers when it comes to data privacy. Greater value is generally placed on the protection of personal data in Germany compared to other countries, which is why the services we provide to our customers are hosted in particularly secure data centers.
We document our wide range of data protection activities in our annual Data Privacy and Data Security Report. The following are just a few examples of our activities during the reporting period.
Encrypted e-mails for everyone
As of mid-2016, Deutsche Telekom and the Fraunhofer Institute for Secure Information Technology (SIT) will begin providing Volksverschlüsselung, a simple and free e-mail encryption service for everyone. The solution is operated by Deutsche Telekom at a high-security data center. The goal is to make state-of-the-art encryption methods accessible to everyone. Cryptographic keys are created directly on the user's end device and never leave their device, making sure that they are never available to the infrastructure operator. To use the encryption, users only need to install the software and identify themselves as part of a simple one-time process. In the first step, users are identified via the established Deutsche Telekom registration processes or with the aid of an electronic ID card. Other processes for secure identification are planned at a later stage.
Testing Deutsche Telekom apps
In October 2015, Deutsche Telekom data protection and security specialists examined the security levels of 30 company apps. Focus was placed on the most popular apps in the Apple and Google download stores, including the We Care app magazine. They also checked how and when the apps provide the requested data privacy information. Can customers find sufficient information at the store - i.e., before downloading the software? How detailed is the data privacy information?
Overall, the testers were satisfied with the outcome. Results were particularly favorable with regard to data minimization and restriction of use to defined purposes, which means that apps do not store or use any personal user data not required to operate the app. But the testers also detected room for improvement. The most common criticism referred to shortcomings in data privacy notices, for example when it comes to contents or detectability within the app. Unfortunately, not all apps use the Deutsche Telekom privacy icon yet, a data protection icon developed by Deutsche Telekom that refers the user to privacy-by-design functions. The specialists also detected some potential for optimization in terms of data security. The Fraunhofer Institute for Secure Information Technology (Fraunhofer SIT) got involved in the vulnerability analyses and provided Deutsche Telekom with test software to identify critical potential security gaps commonly used by attackers. Any vulnerabilities found were documented and corrected.
TÜV data privacy certification for phone bills
Telekom issues around 27 million phone bills each month in the German consumer segment alone. TÜViT once again certified the billing processes used by Telekom Deutschland in 2015, assessing both data protection and IT security. By granting this certification, TÜV technical services agency has confirmed that Telekom handles customer data securely and in compliance with legal regulations.
Beware of fake bills
Time and again, criminals try to spread malicious code on computers using fake Telekom bills. Deutsche Telekom started adding further security features to their online bills in February 2015. In addition to addressing customers personally and including the customer's account number, online bills now also include the customer's address. Customers can recognize authentic online Telekom bills by the forgery-proof e-mail seal. It appears highlighted in customer e-mail inboxes and provides a quick overview of whether the e-mail was actually sent by Telekom. We have also introduced an invisible signature that is read by Internet providers as part of the e-mail transfer. Providers can tell from the signature whether an e-mail originates from a trustworthy sender or whether it is a fake e-mail indicating Deutsche Telekom as the sender.
The online Deutsche Telekom security guide
Information on cyber criminals, malware and phishing is distributed over thousands of websites on the Net. The www.sicherdigital.de website brings this information together, providing users with easy access to security issues. Young people, adults and businesses can find useful information and specific tips concerning security and data protection.
The "Confidential" issue of our We Care app talks about how dangerous hacker attacks can be and how users can protect themselves.
Deutsche Telekom was given three awards for its security policies at the German Security Conference in Berlin in November 2015. The Facebook Privacy app, Threat Management and Security Partnership Against Metal Theft were all singled out for recognition.
The jury decided that Deutsche Telekom was No. 1 in Germany in the Outstanding Security Provider category. Its Facebook Privacy app shows users who can see their personal content, who can find them on Facebook and who can post to their wall. Users can adjust their privacy settings with a single click to better protect their privacy.
Deutsche Telekom's threat management system was celebrated as an Outstanding Security Adviser. It ensures that all employees can get on with their jobs free of fear or violence. Anyone can contact the colleagues at Threat Management in the event of sudden physical approaches or if they feel they are being pursued, if threatened with physical or mental violence or unusual observations, such as when others express violent fantasies. Certified threat managers have helped around 200 colleagues over more than two years.
The jury also praised the SIPAM (Security Partnership Against Metal Theft) as an Outstanding Security Partnership. This partnership, composed of associations and companies from the logistics, telecommunications, mining and energy sectors, was founded in 2012 at the initiative of Deutsche Telekom, Deutsche Bahn and RWE as well as the Association of German Metal Traders (VDM). Most of the members operate critical infrastructures which are essential to the population, business, and government.
As a leading ICT provider, we promote to the best of our ability a secure, positive online experience for children and young people. With age-appropriate websites and content we provide children and young people in Germany and other countries with exciting, attractive online content. There is, however, other, unsuitable online content on the Net aside from these offers. That is why we provide filters that parents can use to make it difficult for their children to access content that is dangerous or may impair their development. One of the two programs for the protection of young people under ages 16 and 18 from dangerous content recognized by the Commission for the Protection of Minors in the Media (KJM) was our child protection software. Parents (or other legal guardians) can use the software to flexibly determine which content their children (or wards) can access.
We also developed the Surfgarten browser for the iPhone, iPad, and iPod Touch for protecting minors in Germany. Both our German child protection software and Surfgarten contain a technological solution that identifies the age-rating of websites. We also integrated the fragFinn.de search engine in both software solutions.
The cell-phone user's license for children
We also offer solutions that enable children and young people to safely use cell phones. At IFA 2015, we introduced our new Family Card Start family plan, mainly intended for use by children. In the basic version of Family Card Start, fee-based mobile data use (excluding WiFi ) is initially blocked by default. There is also the option to block calls to fee-based special phone numbers and value-added services. With the launch of the new plan and as part of the "Cell-phone beginners" campaign, we also published our cell-phone user's license on YouTube. The goal is to raise awareness among children regarding responsible smartphone use.
In addition to these solutions, we also promote secure and responsible media use among young people with our Teachtoday initiative. The initiative supports children and their families with practical and everyday tips and materials.
Deutsche Telekom considers it its obligation to take rigorous action against depictions of child abuse on the Internet. Deutsche Telekom has been involved in an EU-wide fight against the depiction of child abuse since 2007 in the European Framework for Safer Mobile Use by Younger Teenagers and Children. Since 2008 we have been committed to combating the spread of such content initiated by the global association of mobile providers GSMA.
Since 2013 we have also been participating in two cross-industry coalitions committed to fighting child abuse on the Internet, the "CEO Coalition to make the Internet a better place for kids" and the "ICT coalition for the safer use of connected devices and online services by children and young people in the EU." The ICT Coalition published its first annual report in 2014. The report acknowledges our involvement in this area. We continue to be active in both coalitions and remain fully committed to their principles.
Working with the Center for Online Child Protection
As in 2014, we continued to participate in the Center for Child Protection on the Internet (I-KiZ) during the reporting period, a project run by the German Federal Ministry for Family Affairs, Senior Citizens, Women, and Youth. The "Network against the abuse and sexual exploitation of children – No grey areas on the Internet," was initiated in 2014 as part of the project. The aim of the network, which is under the patronage of Manuela Schwesig, Federal Minister of Family Affairs, Senior Citizens, Women and Youth, is to effectively fight the online depiction of children and young people in sexual poses and ban it internationally. It started its work by setting up a competence center designed to investigate the "grey areas" facilitating sexual abuse on the Internet.
T-Mobile Netherlands undertakes various activities under the auspices of the Responsible Mobile Use Program:
Financial Responsibility Program
Due to the fact that many households in the Netherlands are struggling financially and for various reasons are having difficulties paying their monthly bills, T-Mobile Netherlands started building a new and disruptive program focusing on financial responsibility in 2015. The program follows a very innovative and personal approach that aims to make a difference for the company in terms of keeping its customers, and for society by helping customers to overcome financial difficulties.
The program is based on six projects implemented by a cross-functional team within T-Mobile Netherlands and in cooperation with different partners:
- Guest lectures on debt prevention in schools during National Money Week: This nationwide project week organized by the Ministry of Finance particularly targets primary schools. As 90% of children get their first mobile phone when they are 11 or 12 years old, T-Mobile Netherlands provided guest lectures to teach children how to prevent high costs resulting from mobile use and use their connection in a responsible way. With almost 150 colleagues involved, the guest lectures reached over 4,500 children. The company’s employees held the guest lectures with materials provided by the company. The objective is to reach out to 10,000 children in 2016.
- Financial Cafés 2.0: Situated in easy approachable community centers or libraries, Financial Cafés run by the NGO Humanitas enable people with financial problems to just drop in and get help from a volunteer or a social worker. In the 2.0 version, big corporates such as T-Mobile Netherland are working together to learn from each other now best to collect money from the same customer in a very humane way, i.e. coordinated by Humanitas volunteers. The volunteers are trained on the T-Mobile debt-collection procedures and have a direct point of contact in the company. This is helping the company to improve its dunning processes in a social and fair manner.
- Poverty Coalition: This partnership between corporate banks, insurance companies, energy companies, bailiffs, money collecting companies, universities and tax authorities is working to prevent and fight poverty among Dutch households in the Netherlands.
- Social SIMs: More than 600,000 people in the Netherlands are unemployed – not just the 40+, but also 20- to 30-year-olds. A large proportion of them are in debt and facing great problems. But in order to participate in society and the labor market it is important be reachable via phone. T-Mobile Netherlands is cooperating with local municipalities to provide the unemployed and people with debts with special SIM cards featuring a charitable tariff. In addition to the SIM cards, T-Mobile Netherlands is also offering job application workshops, short internships, soft skill training courses, and workshops on how to prevent debts.
- Outbound calling team: T-Mobile brought a team of empathic colleagues together as a special outbound calling team that calls customers involved in the dunning process. Instead of asking them to pay, the message is “How are you? We appreciate you very much as a loyal costumer. Can we help you?” This is being undertaken with the understanding that basically, every customer is willing to pay and for customers in financial trouble an appropriate solution can always be found.
- Financial debt prevention through product design: As a telecom provider T-Mobile Netherlands is aware of its responsibility to protect customers against fraud, unexpected costs, bill shocks, taking out subscriptions they cannot afford or problematic telecom debts. T-Mobile Netherlands therefore introduced new services (Stel Samen Stel Bij) that enable customers to adjust their usage in real time. With the T-Mobile App customers enjoy real-time insights into their costs and usage. To prevent bill shocks the company also contacts customers in real time if usage is high. And if a specific customer cannot be reached, the services are temporarily stopped.
In September 2014 the Dutch Transport Ministry and Safe Traffic Netherlands launched a campaign about the safe use of mobile phones in road vehicles: "Keep Your Eyes on the Road”. T-Mobile Netherlands was the first company from the telecom sector to adopt the campaign and support it through flyers in stores and especially in social media. A similar campaign was launched to encourage safe cycling since 20% of all cycling accidents in the Netherlands are caused by social media use in traffic. The fietsmodus-app activates a traffic mode that works in similar fashion to flight mode. In 2015 T-Mobile Netherlands upgraded this campaign and customized it to the T-Mobile brand by making a special promotion film featuring the CEO and adding some extra prizes. One of the prizes users can win is a T-Mobile cycle. As a result the number of users more than doubled.
Since 2010 T-Mobile has been sponsoring De Kindertelefoon, a helpline where children in particular can anonymously call for help. T-Mobile enables children and young people to use their mobile phone to make free calls to this Kindertelefoon. In 2015 the helpline was contacted nearly 600,000 times.