The highest standards of data privacy and data security are part of our brand identity. Our active data protection and compliance culture, which has been built up over ten years, sets national and international standards.
The Board department for Data Privacy, Legal Affairs and Compliance (DRC), established in 2008, was dissolved effective at the end of the term of office of Dr. Thomas Kremer, Board member for DRC, on March 31, 2020. As of January 1, 2020, the individual areas of this department were assigned to other Board departments (“Finance,” “Human Resources,” “Technology and Innovation”). Chief Human Resources Officer Birgit Bohle has headed up the extended Human Resources and Legal Affairs Board department since January 1, 2020.
Since 2009, the Group Board of Management has been advised by an independent Data Privacy Advisory Board comprising reputable experts from politics, science, business, and independent organizations. At the beginning of 2020, the Advisory Board took on a bigger role through the addition of new members from the Board of Management and the Supervisory Board of Deutsche Telekom AG.
Deutsche Telekom Security GmbH combines the security activities from various Group areas, thereby reinforcing our portfolio of cybersecurity solutions.
Data protection and data security at Deutsche Telekom are subject to the following regulations:
Both guidelines set forth binding standards that are in line with international standard ISO 27001. These policies allow us to guarantee an adequately high and consistent level of security and data privacy throughout the Group.
Ensuring effective data privacy
Our approach to big data and artificial intelligence
When very large volumes of data are being processed, we must take precautionary measures to protect citizens’ privacy, which is why, back in 2013, we approved eight mandatory principles for handling big data. In 2015, we also approved specific measures to protect data and infrastructure in our “Ten-point program for increased cybersecurity.” Against this background, we have developed special protective products, including our Mobile Encryption app, which ensures end-to-end encryption of mobile communication for smartphone users. Furthermore, in 2018 we published a Guideline for designing artificial intelligence (AI) in compliance with data privacy requirements.
Reviewing our products
Data privacy and security play an important role that starts during the development of our products and services. Our Privacy and Security Assessment (PSA) procedure allows us to review the security of our systems in each step of the development process. This procedure applies to newly developed systems as well as existing systems that undergo changes in technology or in the way data is processed. We use a standardized procedure to document the data privacy and data security status of our products throughout their entire life cycle.