Digital Independence NSA Scandal Boosts German Tech Industry
The German IT sector is hoping to profit from trust lost in American technology firms in the aftermath of the NSA spying scandal. But critics warn that plans to create a European routing system could affect the openness of the Internet.
For those interested in learning what German Interior Minister Thomas de Maizière thinks of the Internet, a visit to the little-known website bevoelkerungsschutz-portal.de (population protection) can be instructive.
The website is full of information regarding Germany's response to potential catastrophes: mass epidemics, terrorist attacks, floods and the like. Last week, the site posted a video from a conference during which de Maizière discussed Internet security with the country's digital elite.
In the video, the interior minister, a member of Chancellor Angela Merkel's Christian Democratic Union, speaks of a "devastating crisis of confidence," but he shies away from explicitly naming the danger. Instead of talking about the United States' NSA intelligence agency or about whistleblower Edward Snowden, he talks of "the recent events" and of "those who collect data." He says the task is now that of rebuilding trust.
The Internet as an issue for civil protection authorities? It's not that farfetched in Germany at the moment. The revelations made public in recent months by Snowden have shown just how easy it is to spy on Germany, how poorly prepared the country's officials are and how clueless the population is.
They have also led the government to promise a large digital offensive. No matter what areas of life are affected by the web, it is to become safer, more people-friendly and more powerful. People in Germany are to regain their digital sovereignty and be able to surf the net with confidence. And the country itself is to achieve digital independence by establishing an independent infrastructure that is free of reliance on the US.
Such are the goals of the "digital agenda" that the government hopes to assemble in the first quarter of this year. And though the starting point is poor, the Snowden affair could nonetheless become something of a turning point.
The revelations he brought to the world's attention have placed huge pressure on US Internet and IT giants. Companies that until recently were both extremely powerful and enormously arrogant are now concerned that their users could flee to firms overseas. According to market analyst James Staten of Forrester Research, US companies could stand to lose up to $180 billion (133.2 billion) in turnover by 2016 as a result of distrustful customers. More conservative estimates place the potential losses at $35 billion.
The first signs of trouble can already be found on the balance sheets of the big players. Both IBM and Cisco have seen precipitous falls in foreign sales, particularly in China. Meanwhile, Google and Facebook are pleading with the government in Washington to exert more control over the country's intelligence agencies out of fear of a user revolt.
Microsoft also generated headlines when, on the sidelines of the World Economic Forum in Davos, the company announced that foreign customers in the future would be able to store their data on local Microsoft data centers near where they live. The use of local clouds in data centers located in the Netherlands and Ireland is already possible now, but most customers are unaware of the service.
Critics have begun warning of the "Balkanization of the Internet" and doubt whether merely storing data on local servers will protect it from American intelligence. Microsoft, for example, with its headquarters in Redmond, will still have to continue obeying American law and turning over confidential data in some cases.
As a result, companies like Deutsche Telekom have demanded that data be processed within Europe to the degree possible. But the idea, known as "Schengen Routing," has been received with skepticism by European Commissioner for Digital Agenda Neelie Kroes. "It is not realistic to contain data within Europe. You cannot put up border controls. That would destroy the openness of the Internet," she told SPIEGEL.
Kroes, a native of Holland, is thus focusing on the development of a seal of quality for data protection within the framework of the European Cloud Partnership, as Europe's efforts toward establishing a digital single market for cloud computing in Europe is called. She wants to "force all companies active in Europe to report any kind of data breach, be it from hackers or from government agencies. This will be part of the Network Security Directive. Each country would be required to create a trusted platform where these data breaches must be reported by companies."
It is a proposal that could be seen as a threat on the other side of the Atlantic, but it represents an opportunity for Germany. "Our best marketing employee is Edward Snowden," goes a joke often heard these days within Germany's IT industry.
Indeed, optimism is spreading. Merkel's new government "has a unique opportunity to advance Germany as a place for doing business," says Philipp Otto from the information portal iRights Cloud.
"The Snowden effect is real," agrees Ali Jelveh, co-founder of the firm Protonet. "Many mid-sized companies that have thus far managed their communications using cloud services are now interested in re-establishing their digital sovereignty."
Jelveh, from Hamburg, has a product to fulfil such wishes. It is an elegant, orange-colored metal box: essentially a personalized cloud with a massive storage capacity. The company calls it "the simplest server in the world."
The Need for Encryption
Jelveh was born in Iran and his family was torn apart by the country's revolution and the ensuing war. He has little faith in state promises of security. Because it is difficult to attract venture capital in Germany, he requested support using the crowdfunding platform Seedmatch -- and was vastly successful. He raised the 200,000 he needed within a mere 48 minutes. Soon, he plans to expand to the US.
The small start-up Protonet is in some ways typical for the Internet sector in Berlin, with company names that are largely unknown. The list includes Secunet, G-Data, Boxcryptor, Secomba and others. A newcomer in recent years is the Berlin-based start-up Posteo. The company has nine employees and offers an encrypted e-mail service which, in contrast to many of its competitors, is easy to use and has received top marks from evaluators. Since the Snowden revelations, the number of accounts at the company has quadrupled.
Although these companies are small and relatively vulnerable, they could be nurtured by the state in order to give them a fighting chance of becoming bigger players. Current practices in Germany, however, make that especially difficult. When it comes to putting out IT security infrastructure to bid, for example, German government agencies are far more inclined to give their business to large, often American, firms rather than small German companies.
Can the Government Help?
Politicians say they want to change this. Brigitte Zypries of the center-left Social Democratic Party (SPD) -- who for a few weeks now has been a senior official at the Economics Ministry responsible for the digital economy -- is pledging creative new Internet projects in all government ministries, including her own. "In addition to crowdfunding, we also want to see if a new market segment can be created on the stock markets in order to make it easier for Internet companies to raise venture capital," she said.
It will take a long time before any of that happens. For one thing, the reallocation of responsibilities, which is common with any new government, hasn't made the environment for change any simpler. The Transportation Ministry, for example, has been given extensive new responsibilities for Internet infrastructure. Its head, Alexander Dobrindt, is a member of the Christian Social Union (CSU), the Bavarian sister party to Merkel's conservatives. Dobrindt is very conscious of his own political muscle and isn't afraid to flex it. During the 11th hour of negotiations to form the new government, Dobrindt, who is calling himself the "Internet Minister," secured responsibility for the development of the country's digital infrastructure, stepping on the toes of those who were previously responsible for this area.
Many are staffers at the Economics Ministry. At the beginning of this year, Dobrindt sent a letter to the ministry stating that he wanted to transfer the entire Economics Ministry department responsible for digital infrastructure to the Transportation Ministry.
As might have been expected, Dobrindt ruffled feathers with Economics Minister Sigmar Gabriel of the SPD, who is also Merkel's deputy chancellor in their power-sharing coalition government. Gabriel rejected the former CSU general secretary's demand, agreeing only to allow two staffers to move to the Transportation Ministry -- the officials responsible for expanding the broadband network and the mobile phone network. The uproar was so great among Economics Ministry officials that Gabriel had to quiet them earlier this month by saying employees wouldn't be lost in "wrestling over areas of responsibility." He added: "There's plenty of work here for everyone."
A Hodge-Podge of Responsibilities
As Gabriel and Dobrindt quarreled, a third cabinet member held his own Internet conference to announce his ministry's plans. Interior Minister de Maizière, also had the Internet on his agenda during his short stint as head of the ministry during Merkel's second term as chancellor. At the time, though, his focus was largely on reining in terrorist and criminal threats on the Internet.
A hodge-podge of digital responsibility is also emerging in Germany's federal parliament. Previously, the economics and consumer protection committees had been responsible for digital issues, but now a "digital agenda" committee has been created.
The existing committees, of course, are in no way keen to cede authority for Internet-related issues, particularly when it comes to legislative procedures. If that weren't all confusing enough, plans are also afoot to establish expert panels. Each government minister appears to want to create his or her own.
Worry is growing among Germany's Internet activist community that ineffective institutions will ultimately be the result. "The politicians are once again getting caught up in petty jealousies," says Holger Mühlbauer of the Federal Association of IT Security.
But Lars Klingbeil, the SPD spokesman for the digital agenda committee in parliament, seeks to calm such fears. "We consider ourselves to be a coordinated institution," he says, calling on those who are pursuing their own course to close ranks. "Net politics needs to finally grow up, and that can only happen if we pull together."
Last week, the new German government unceremoniously missed its first opportunity to strengthen Germany's position as an IT player. During a meeting of the European Union interior and justice ministers in Athens, the German government blocked the EU's planned new Data Protection Directive.
Translated from the German by Charles Hawley and Daryl Lindsey