Data privacy and data security are very important to us. In 2008, we created a special Board of Management department for this topic and introduced the Binding Corporate Rules on Privacy specifying how personal data is to be collected, stored, and processed at the Deutsche Telekom Group. Not only do we provide transparent information on all of our activies and measures in our annual Data Privacy and Data Security Report, we also take stock of the current situation: What has Deutsche Telekom achieved so far? What do politicians consider to be the areas needing the most improvement? And what do experts think about the current state of data privacy and data security?
Our products and services have always provided a high degree of data privacy and data security. Growing volumes of data require special precautions to protect the privacy of citizens, which is why we approved eight mandatory principles for handling big data, or large amounts of personal data, in 2013. In January 2015, we also approved specific measures to protect data and infrastructure in our "Ten-point program for increased cyber security." We also developed new protective products including our Mobile Encryption app designed to ensure end-to-end encryption of mobile communication.
Data privacy and security also play a key role in the development of our other products and services. Our Privacy and Security Assessment (PSA) procedure allows us to review the security of our systems in each step of the development process. This procedure applies to newly developed systems as well as existing systems that undergo changes in technology or in the way data is processed. We use a standardized procedure to document the data privacy and data security status of our products throughout their entire life cycle. Youth protection aspects are also taken into consideration in our product and service design. In Germany we involve our youth protection officer in all issues regarding planning and designing offers for young people. The youth protection officer can then recommend restrictions or changes. In 2013, we also made it mandatory for every international subsidiary within the EU to designate a child safety officer (CSO) to handle youth-protection related topics. As a result, at least one CSO was appointed in each of our European markets in 2014. The CSO acts as a central contact for members of the community in the respective EU market. They also play a key internal role in coordinating topics revolving around the protection of minors. These measures increase the consistency and transparency of Deutsche Telekom's involvement in protecting minors.
Strategic approach to protecting minors from unsuitable media content
Our strategy to protect children and young people from harm when using digital media is based on three pillars. We
- provide attractive, age-appropriate offers for children and give parents and guardians tools (filters) that they can use to restrict the access minors have to harmful content,
- work to fight child abuse and child pornography and
- promote skills to help people use the Internet safely.
We also collaborate closely with prosecuting authorities and NGOs as well as other partners from business, politics, and society to ban online content that is harmful to children and young people. We documented our commitment to protecting minors from unsuitable media content in Germany in relevant codes and introduced minimum standards. In 2007, we committed ourselves to fighting child pornography on the Internet throughout the European Union. At a global level, we have been a member of the global association of mobile providers, GSMA, since 2008, which pursues the same objectives. In order to better coordinate our activities within the Group, we also approved a list of general guidelines in October 2013 for our activities to help protect minors from unsuitable media content and made these guidelines mandatory at international level, thereby setting new standards in our markets. In consideration of their particular cultural situation and business model, each international subsidiary in the European Union can further specify these measures, adopt additional measures, and also determine their own strategic focal points.
Because protecting minors from unsuitable media content poses a challenge that affects many industries, we cooperate with different organizations for the protection of minors and participate in coalitions that coordinate the involvement of companies and organizations from the Internet and media sector. For example, we are a member of the "CEO Coalition to make the Internet a better place for kids." We also play a leading role in the ICTCoalition for the Safer Use of Connected Devices and Online Services by Children and Young People in the EU. In this coalition, we pursue a comprehensive cross-industry approach based on six principles that expressly includes helping young people learn media skills.
In January 2013, as part of both coalitions, Deutsche Telekom announced plans to implement an EU-wide set of measures based on the principles of the ICT Coalition. The ICT Coalition published an annual report in April 2014 on the implementation of corresponding measures at all of the companies represented in the ICT coalition. The report, which was written by an independent expert from the Dublin Institute of Technology, comes to the conclusion that Deutsche Telekom's approach to implementing the ICT Coalition's principles is exemplary.
Protecting personal data
Almost one-third of all Germans are concerned about the misuse of data and insufficient data security. These were the findings of the 2016 Security Report that we commissioned from the Allensbach Institute. Deutsche Telekom is by far the most trusted company in the ICT industry when it comes to handling personal data. And we are proud of it, because protecting our customers' data is one of our top priorities.
We document our wide range of data protection activities in our annual Data Privacy and Data Security Report. The following are just a few examples of our activities during the reporting period.
A simple data privacy statement for everyone
Non-specialists often have a hard time understanding data privacy statements. Our one-pager provides our customers with an easy-to-read overview of data privacy at our company. It contains simple, condensed information on the basics behind our data processing activities. It does not replace our formal data privacy statement, to which we link in the document and which complies with legal requirements. Instead, it provides users with transparent information on how and to what extent we process and use personal data. With this one pager, we have followed an initiative launched by the National IT Summit, supported by the Federal Ministry of Justice and Consumer Protection.
Mobile Protect Pro
According to the 2016 Security Report, half of those surveyed consider an attack on their smartphone to be unlikely. But the number of attacks on mobile devices is increasing and these attacks can do just as much damage as an attack on your PC at home. With the Mobile Protect Pro application, we have been offering our business customers end-to-end protection for mobile devices since 2016. The app continuously checks the device for possible threats, similar to a non-stop ECG. It also provides protection for wireless connections like Wi-Fi.
Encrypted e-mails for everyone
Together with the Fraunhofer Institute for Secure Information Technology (Fraunhofer SIT), we launched Volksverschlüsselung in mid-June 2016. It is a simple, free way to encrypt emails. We operate the solution at a high-security data center. The goal is to make state-of-the-art encryption methods accessible to everyone. The keys are generated on the user's device. The user is the only person with access to them; they are not sent to the infrastructure operator. To use the encryption, users only need to install the software and identify themselves as part of a simple one-time process. In the first step, users are identified via the established Deutsche Telekom registration processes or with the aid of an electronic ID card. Other processes for secure identification are planned at a later stage.
The online Deutsche Telekom security guide
Information on cyber criminals, malware and phishing is distributed over thousands of websites on the Net. The www.sicherdigital.de website brings this information together, providing users with easy access to security issues. Young people, adults and businesses can find useful information and specific tips concerning security and data protection.
The "Confidential" issue of our We Care app talks about how dangerous hacker attacks can be and how users can protect themselves.
Collaboration for the protection of minors
We want to create a safe, positive online experience for children and young people. We offer them attractive, exciting content on age-appropriate websites.
Supporting standardized child protection offers
We became a member of the non-profit organization JusProg e.V. in August 2016 in order to expand our involvement in child protection efforts. Child protection programs are traditionally based on different platforms like IOS, Android and Windows. However, we feel the only way to develop a truly effective solution is within the scope of cross-system collaboration. That is why we decided to donate the rights to the program code behind our child protection software (Windows) and our child protection app, Surfgarten, (iPhone/iPad) to JusProg e.V. The organization will further develop and operate both products. They will also incorporate the JusProg filter list. These filters decide whether or not content can be accessed. With these decisions, we hope to help JusProg develop a standardized child protection offer.
Teachtoday in the Aktionsbund Digitale Sicherheit network
In addition to these solutions, we also promote secure and responsible media use among children and young people with our Teachtoday initiative. The initiative supports children and their families with practical and everyday tips and materials. Teachtoday was accepted into Aktionsbund Digitale Sicherheit in May 2016, a network of organizations and associations that are focused on providing people with tangible assistance when it comes to online safety.
Fighting child pornography
We consider it our obligation to take rigorous action against depictions of child abuse on the Internet. We have been involved in an EU-wide fight against the depiction of child abuse since 2007 in the European Framework for Safer Mobile Use by Younger Teenagers and Children. Since 2008 we have been committed to combating the spread of such content together with other mobile providers in a global association.
Since 2013 we have been participating in two cross-industry coalitions committed to fighting child abuse on the Internet, the "CEO Coalition to make the Internet a better place for kids" and the "ICT coalition for the safer use of connected devices and online services by children and young people in the EU." The ICT Coalition published its first annual report in 2014. The report acknowledges our involvement in this area. We continue to be active in both coalitions and remain fully committed to their principles.
Collaboration with the Center for Child Protection on the Internet
We continued our collaboration with the Center for Child Protection on the Internet (I-KiZ) in 2016. I-KIZ is a project of the German Federal Ministry for Family Affairs, Senior Citizens, Women and Youth. The aim of the network, which is under the patronage of Manuela Schwesig, Federal Minister of Family Affairs, Senior Citizens, Women and Youth, is to effectively fight the online depiction of children and young people in sexual poses and ban it internationally. The network was once again expanded in 2016, including expansion of the jugend.support advice and support system. It now encompasses a total of 16 advice centers that teenagers can contact with their problems. During the reporting period we also participated in the conference held by I-KIZ under the title "The latest in media protection of minors" where we discussed the latest developments on the topic with members of the network.
Digital inclusion of senior citizens and school children
The new Školák (“Schoolchild”) package is a special offer for parents of schoolchildren. Independently of the child’s mobile credit, parents can purchase the package to keep an eye on their children’s movements, protect them against inappropriate content on the internet and keep track of their mobile credit. The package is linked to the “Surfie” application. This app is provided free of charge and makes it possible to track the location of children and restrict viewing of internet content.
The app is in the Czech language, works with the iOS and Android operating systems, and includes three licenses. These can be used to protect three children or they can be installed on three different devices. The app requires internet access and the bundle therefore contains a 10 MB data allowance per month for the child. After the data allowance has been completely used up, the internet access speed slows down, i.e. children will still be able to use the app.
Also, we held two seminars for senior citizens on “How to use mobile phones” and “Internet and apps” with 25 participants in total.
Services to protect children in the digital world
T-Mobile USA has about four million customers using a free service that blocks their children from viewing sexual content, graphic violence and crude humor. It also has 375,000 customers who pay USD 4.99 a month for something called Family Allowances, which lets parents block their children from texting and calling certain phone numbers, shut down their phones during school and homework hours, and monitor how much they are texting. T-Mobile has about 100,000 subscribers who pay USD 9.99 a month for another service, FamilyWhere, which lets families keep track of the location of all phones on their accounts.