22.06.2017

Internet Policy Party Check Wahl/Digital for the German Federal Election 2017: What the Parties are Planning on the Topics of Trust & Security in the Internet

What are the German federal parties planning for the next legislative term in regards to IT Security? What’s next for Blanket Data Retention? How should encryption be better facilitated in future and what standards are needed for product security?

These questions were in the focus of the fourth and final Internet Policy Party Check, organized by eco in cooperation with media partner WirtschaftsWoche, on Tuesday, 20 Jun 2017, in the Microsoft Atrium, Berlin.

This time on the stage, Saskia Esken (SPD – Social Democratic Party), Konstantin von Notz (Bündnis 90/Die Grünen – the Greens), Thomas Jarzombek (CDU/CSU – Christian Democratic Union) and Petra Sitte (Die Linke – the Left) faced the five fast rounds of questions on the topic of Trust & Security in the Internet. The perspective of the Internet industry was supplemented by eco Director Prof. Dr. Norbert Pohlmann.

The most important party positions from the five rounds of questions in brief:

Data Protection

  • Saskia Esken MP, SPD: “Data protection and data innovation do not need to be brought into balance, because data protection is a good foundation for data innovation. Data protectors should no longer allow themselves to be abused as inhibitors, but should in future take a stronger advisory role as to how, in the context of our high standards for data protection, data innovation can be implemented.”
  • Konstantin von Notz MP, Bündnis 90/Die Grünen: “In coming years, the currency in the Internet will be trust, and without trust in data security and data protection our innovative output and the hope that we project into the Internet and digitalization will not be fulfilled. The federal government is going in the completely wrong direction on the topic of encryption. The legislation that is currently making its way through parliament only a few weeks before the gates close is the exact opposite of what we need. It undermines trust.”
  • Thomas Jarzombek MP, CDU/CSU: “It was important to us that we take as little national unilateral action as possible. However, for continued development, it is also important to us that we bring the topics data protection and data innovation into balance, and this is why the CDU would like, in the sense of weight and counter-weight for data protection officers, to create a new pillar of data innovation next to the pillars of data protection and freedom of information.”
  • Petra Sitte MP, Die Linke: “When it comes to the content of specific regulations, then we also advocate, for example, a data-protection friendly default setting, so Privacy by Default, or clear provision for protection against state surveillance, for example.”

State Surveillance

  • Saskia Esken MP, SPD: “Wannacry was certainly a Zero Day Exploit. I am utterly convinced that we must not instruct any state-based establishment to keep such vulnerabilities open and secret.”
  • Konstantin von Notz MP, Bündnis 90/Die Grünen: “The state is the most blatant hacker of all. I find it indefensible that the state should enter into this legal grey-zone, and we urgently need rectification. The BND Act, as revised by the grand coalition in this legislative term, is not this at all, and the next scandal will definitely come and the next whistleblower too. The unfathomable extent of state-based hacking goes well beyond Snowden.”
  • Thomas Jarzombek MP, CDU/CSU: “We emphatically do not want what the Americans are doing. We do not want surveillance without cause. Rather, only in individual cases and on the basis of judicial decisions. We do not want to weaken encryption and we also do not want to build any back doors into anything. The public authority ZITIS (Centre for Information Technology of Security Authorities) is only there for cases where there is a person who is a clear danger, and the required judicial permission has been granted to gain access to that person’s devices to look at the source – by means of a Trojan – and see what kind of messages this person writes.”
  • Petra Sitte MP, Die Linke: “We would like to revoke the BND Act. We take a negative view of secret services and see them in their current setup as foreign objects in democracy.”

Blanket Data Retention

  • Saskia Esken MP, SPD: “I did not approve the Data Retention Act, because it means a far-reaching encroachment into fundamental rights, and it does not offer what it should in terms of impact. For the same reasons, I will not be able to approve the planned Quellen-TKÜ (Lawful Interception at the Source).”
  • Konstantin von Notz MP, Bündnis 90/Die Grünen: “It is completely crazy that laws that are so questionable from a constitutional viewpoint are simply brought to the parliament, with the attitude ‘if you don’t like it, then sue’. This is highly problematic from a parliamentary perspective.”
  • Thomas Jarzombek MP, CDU/CSU: “The CDU stands by the Data Retention Act. I can live with the current version, but it must not become more than that.”
  • Petra Sitte MP, Die Linke: “We have always seen the Data Retention Act as a disproportionate form of mass surveillance and have always seen our position as verified through the verdict of the ECJ. We would like to re-examine this act in the next legislative term.”

Encryption

  • Saskia Esken MP, SPD: “We must honestly say that combatting terror is already possible today in this context with telecommunication surveillance. And what is now under discussion means an expansion towards a catalog of crimes which is surely not covered by the federal constitutional court – and that is something that we just can’t allow to go through the way it is.”
  • Konstantin von Notz MP, Bündnis 90/Die Grünen: “Encryption is the answer to very many problems that we have. But it only works in conjunction with the idea that the state has a constitutional obligation to guarantee the integrity of digital infrastructure. When I break encryption, then I tear down with one hand what I have attempted to buildwith the other. I do not believe this will hold up.”
  • Thomas Jarzombek MP, CDU/CSU: “Our goal is end-to-end encryption and we are of the opinion that the state must not be allowed to interfere with end-to-end encryption, and that remains our guiding principle today. For the surveillance of persons known to be a danger, the path over the Lawful Interception at the Source (Quellen-TKÜ) with a court order is the interception method that most respects fundamental rights.”
  • Petra Sitte MP, Die Linke: “Here, the state needs to make the first move. This also means that communication with authorities, for example, must be secure, so that encrypted emails, etc. are possible.”

Product Security

  • Saskia Esken MP, SPD: “IT security is not only technology, but rather it is about safe IT behavior and safe IT processes in companies and state institutions, and here, human behavior is part of the equation. Product security in IoT is a further development that we need, but in the area of product liability, we would surely prefer to solve and develop this at the European level, rather than it being necessary at the national level. We want to approach this topic by proposing a voluntary seal of quality.”
  • Konstantin von Notz MP, Bündnis 90/Die Grünen: “So far, we have only examined the security questions in connection with this (digital) infrastructure very superficially. I believe for Germany, in particular, a strength could be created in that high standards are determined and codified.”
  • Thomas Jarzombek MP, CDU/CSU: “For me, a seal of quality is not enough. We need a minimum standard that products need to fulfill, and this should not be optional, but mandatory, like the CE seal. In addition, we need a clear specification stating for how long manufacturers are obligated to continue making security updates available for devices.”
  • Petra Sitte MP, Die Linke: “Human fallibility is the greatest weakness in the system. We will need to develop standards for product security at the European level.”

Further impressions of the event can be found in our photo gallery.

We will present the results of the Internet Policy Party Check at the Internet Policy Forum (in German) on 5 September 2017 and discuss them with high-level representatives from politics and industry.

eco netzpolitischer Abend Microsoft Berlin 05.09.2017
© eco - Verband der Internetwirtschaft e. V.