Provision of information to security authorities
Jun 12, 2014
Under specific circumstances, Deutsche Telekom is legally obligated to provide information to the security authorities and to enable interception measures. In order to make this area of activities more transparent, Deutsche Telekom is now publishing the figures annually.
Deutsche Telekom closely observes telecommunications secrecy and data privacy regulations, which are basic rights accorded to German citizens. Wherever the authorities encroach upon these rights with requests for interception activities and data, Deutsche Telekom makes sure that they are processed strictly in accordance with the law. In particular, this ensures that Deutsche Telekom only takes action when the necessary legal preconditions are met. Support with interception activities is provided in strict compliance with the principle of double-checking, i.e., always with two employees involved, each of whom monitors the other. The application of this principle helps to prevent errors from occurring. Each individual process step is documented in detail and subject to regular inspections by the Security Officer and the Federal Network Agency. Additional checks are performed by Deutsche Telekom's Data Privacy Officer and its Internal Audit unit.
The overview below is for 2013. It shows how many times Deutsche Telekom was instructed by the authorities and actually performed line interception activities, as well as the number of data records, subscriber master data records, and IP addresses requested:
Type of measure
Data traffic records
Subscriber master data
IP address owner data
A total of 49,796 lines were intercepted. The large majority of these interception activities were carried out in accordance with § 100a of the Code of Criminal Procedure (StPO). Pursuant to § 100a StPO, if certain facts give rise to the suspicion that the individual, either as a perpetrator or accessory, has already, will attempt, or has prepared to commit a serious criminal offense as referred to in § 100a StPO, telecommunications may (with a warrant issued by the court or the public prosecutor's office) be intercepted and recorded by the authorized authorities without the knowledge of the person concerned. A small minority of the interception activities were carried out on the basis of the G 10 Law concerning Article 10 of the German Basic Law, as well as state police laws. Under the provisions mentioned, providers are obligated to allow the authorities to perform interception activities.
Requests were received for a total of 436,331 data traffic records. The large majority of these requests were based on § 100g StPO, and a small minority on the G 10 Law and state police laws. Pursuant to § 100g StPO, if certain facts give rise to the suspicion that the individual, ei-ther as a perpetrator or accessory, has committed a criminal offense as referred to in § 100a StPO (see above), traffic data may (with a warrant issued by the court or the public prosecutor's office) be obtained without the knowledge of the person concerned when it is deemed necessary to establish the facts or determine their whereabouts. These regulations obligate providers to make the requested traffic data available.
The number of requests for subscriber master data totaled 28,162. These were largely based on the provisions of § 113 of the Telecommunications Act (TKG) and § 161a StPO. Pursuant to § 113 TKG in conjunction with the obtainment of data in accordance with a particular standard, upon receiving written instructions telecommunications providers must provide subscriber master data to the authorities and public bodies stated therein (for criminal and administrative offenses, this is the relevant authorities; for defense against threats to public safety and public order, this is the relevant authorities, the authorities for the protection of the Constitution and the Federal States, the Military Counterintelligence Agency, and the Federal Intelligence Service).
Requests were received in a total of 946,641 cases for data on IP address owners in connec-tion with civil law proceedings on copyright violations on the basis of § 101 of the German Copyright Act (UrhG). Responding to these inquiries takes up a great deal of the time of the relevant departments at Deutsche Telekom. The subscriber data requested is not stored further as there is no legal obligation to do so.
Deutsche Telekom does not respond to inquiries from authorities outside of Germany. Any inquiries of this nature must be submitted to Deutsche Telekom via the relevant German authority.
Current measures and data protection incidents.