Transparency is highly important to us
Telecommunications companies are required by law to assist security authorities with surveillance measures or by handing over data for law enforcement. It is very important to us that we make our activities as transparent as possible within the framework of these legal obligations. Deutsche Telekom was the first company to publish a transparency report for Germany in 2014. After an extensive analysis of the respective legal framework in each country, the first international transparency report for our international branches followed in 2016.
In our current, cross-border transparency report, we provide information on the type and scope of information provided to security authorities in 2022. On the one hand, this involves surveillance measures through which telecommunication connections can be tracked or recorded. On the other hand, the information about line owners or traffic data is quantified here. Our support services are provided exclusively based on a clear and mandatory legal basis in the respective countries. These legal bases and the competent security authorities can also be found in the report.
How are the figures to be understood?
In some countries, only the number of requests from public authorities are counted, not the number of surveillance measures or handed over data. On the one hand, stored traffic data can be requested (when did a communication take place? Between which telephone lines ? For how long?). On the other hand, so-called subscriber data (customer data such as name, address, and date of birth) are requested. Some information must also be provided on owners of IP addresses (subscriber data for a specific IP address).
A request can refer to several lines or data sets. In addition, it must be considered that a data set can also contain a variety of information (such as several identification features like the mobile equipment identification number IMEI and the telephone number). If only a specific customer is asked, they can have both a mobile and a fixed line number. So at least two data sets must be considered. If a mobile device is to be located at a certain time, it may be that several mobile phone cells and thus also several data sets must be considered because the location had changed from one cell to another. Information can become very extensive if all logged-in devices in a mobile phone cell are to be listed over a certain period. Especially in large cities, this can result in tens or even hundreds of thousands of data records.
Information about Germany
In 2022, approximately 2,200 surveillance measures were implemented monthly for the authorities in the Telekom regional offices for special state requirements in Germany (ReSAs). This figure has decreased slightly compared to the previous year. The teams in the ReSAs also provide information about traffic data – i.e., when communication took place, between which connections and for how long. In addition, there is customer data such as name, address, and date of birth. The number of traffic and customer data reports has increased again compared to the previous year. The number of customer data requests also includes the assignment of IP addresses to the respective connection owner for law enforcement purposes . The number of copyright protection requests has also increased compared to the previous year.
Our experts check every request for legal conformity and pay particular attention to compliance with telecommunications secrecy and data protection. Support services for surveillance measures are provided strictly according to the four-eyes principle. This means that there are always two employees involved who check each other. Technically, a line interception means that the affected traffic is made available directly to the authority. Deutsche Telekom itself cannot take note of the content of these connections. Attention is also paid to the highest level of technical safety. The focus is always on safeguarding the rights of the individual, especially the protection of telecommunications secrecy.
All requirements for transparent and legally compliant action are anchored in our Security Policies, which are binding for all Telekom Group companies. Together with the disclosure principles, they form a common framework for acting.