IT as it relates to mobile communications and the Internet has always been an exciting business—and this was probably especially true in 2013.
Indeed, and in more ways than one! With Edward Snowden, the term big data has now taken on a whole new meaning—and has dominated the national and international press as well as the socio-political discourse as well as for months ever since. At the same time, the fascinating dimensions and per-spectives that the Digital Lifestyle opens up for our industry have further emerged during the past year and have become manifest in specific products.
So for freenet AG it’s been exciting in a positive way?
That’s right. Although the past few years have been very exciting ones for us anyway in terms of IT, with the merging of three different IT systems and the merger of three separate service pro-viders into freenet Group in its present form.
In 2013 this was followed by the integration of further acquisitions—such as the GRAVIS retail chain—and the launch of Digital Lifestyle products. On the one hand, we obviously want to take advantage of synergy effects in our data centres. On the other, even in the new lines of business with their innovative products and applications we naturally have a duty to send our customers correct, transparent and timely invoices—month after month.
In Germany there was a huge public outcry in the wake of the former NSA employee’s revelations; beyond the wire-tapping of Angela Merkel’s phone, are we Germans particularly hard hit?
Actually no more than other countries and their citizens, but emotionally and psychologically we are. I believe that after our experience of two totalitarian states in the last century, we Germans are extremely sensitive in this regard—and therefore are more committed to privacy protection than other nations. Besides, our country—unlike, say, Britain, Spain and the United
To our shareholders
To our shareholders: Interviews with the Executive Board 36
States—has been spared massive terrorist attacks in recent decades. Apparently, the countries affected by them are more likely to accept intensive data monitoring for secu-rity purposes.
As a result, there have been several initiatives for more privacy protection as well as a significant shift of users away from U.S. email providers…
..., and freenet has been one of the beneficiaries. For instance, after the Snowden revelations we saw monthly increases of up to 80 percent in the number of our users.
The firm Convios Consulting found that 10 percent of Ger-mans surveyed who had American email accounts had swit-ched or definitely planned to switch providers, and nearly a quarter were at least considering such a change in the near future.
Because they feel safer with a German provider...
... which they in fact are as far as data security is con-cerned. With us, at least for local authorities, the German Data Protection Act applies if the provider’s jurisdiction and server are located in Germany.
Add to that initiatives such as “Email made in Germany”, which freenet was one of the first companies to join.
We have a long tradition of being a trailblazer among Ger-man providers in matters of security. More than ten years ago, we committed ourselves to basic rules regarding this.
We offer secure data hosting in German data centres, and store the data with maximum privacy in accordance with the German Data Protection Law. We also use the TLS pro-tocol to encrypt communication between mail servers for the customer, plus SSL during login and on request for the entire session.
So special security features also apply for the new Cloud that mobilcom-debitel has offered since spring of 2013?
Indeed. For a low monthly fee of a few euros, we provide various dimensions of online storage for data, documents, appointments, photos, and music. Our customers can access them anytime, anywhere—from their smartphone or tablet, at home or in the office. We are one of the very few providers to exclusively store this customer data in Germany.
To our shareholders To our shareholders: Interviews with the Executive Board 37
And now comes yet another initiative, the “Internet protection shield” that some of the German network operators claim to be working on…
... which I’m not expecting too much from at the end of the day. The shield is meant to guaran-tee that German domestic emails and other data will only be sent via hubs in Germany in future, so they cannot be spied on as easily any more by foreign intelligence services and companies.
This would require the network opera-tors in Germany to directly merge their networks to ensure national traffic management.
Yes, and later this “German Internet” could then be extended to the Schengen countries—at least that was being considered at times. However, this would require considerable investment in Ger-man hubs and higher user fees, because the local exchange points between the individual ISPs would no longer be able to cope with German domestic traffic, which in the past has frequently looked for low-cost “detours” on available connections in England or America for instance. Besi-des, this contradicts the basic idea and the outstanding success of data traffic via the Internet as a global, flexible and easily accessible network for virtually endless information and commu-nication for everyone.
It would be impossible to keep the secret services out anyway!
That would appear to be the case, if TV and press reports are to be believed. Last November the FAZ wrote: “How servilely the German intelligence services offer themselves to the British and Americans, so they aren’t always relegated to a side table during the big data roulette game.”
There’s nothing left to add to that, really.
So there won’t be a total shielding of our data, calls and emails in the future, either.
Hardly. But as a business, we can and must attempt to do our best to fend off smaller, “routine”
attacks on internal company data and customer communications. We must also at all costs avoid our IT systems collapsing as a result of attacks or overloads.
For example, through phishing, Trojans, viruses or—an extremely important field —industrial espionage.
Exactly. First of all, our own security experts at freenet AG IT are meant to ensure this. Beyond this, this year we are performing penetration tests over several months for the third year running.
This involves “white hackers”—benign IT attackers, so to speak, certified by the Federal Office for Security in Information Technology (BSI)—search for gaps in our systems, drawing on their experience at banks, insurance companies and energy groups. We also give them additional gui-dance and information about potential vulnerabilities in the system, but without the access data.
We essentially hand them the best preconditions for cracking our systems—showing them the
To our shareholders
To our shareholders: Interviews with the Executive Board 38
doors to the IT, but without giving them a key. All the better if our systems hold strong nevert-heless—as they have done very impressively so far.
So customers and business partners are in the best of hands at freenet?!
That is what we try to ensure. But ultimately, no one is immune against massive criminality, as last year’s data theft by an external service provider at a major network operator showed—or the CDs containing customer data from Swiss banks. The latter were considered the paragon of excellence in security for decades. Clearly, even intelligence services can no longer protect them-selves against data theft in their own ranks, which has a certain irony.
Basically, in IT as in real life there is a perpetual race between good and evil; between honest people and businesses who work hard for their goals and achievements, and criminal elements who want a piece of the pie with as little effort as possible. At freenet AG, we do everything we can to ensure that the “good guys” always stay one step ahead.
To our shareholders To our shareholders: Supervisory Board report: Supervision and advice in an ongoing dialogue with the Executive Board 39
In the following, the Supervisory Board reports on its activities during the financial year 2013.