Germany's biggest telco Deutsche Telekom says a national routing system would protect users by keeping data within the country. But how realistic is it? DW asked Telekom's Philipp Blank.
DW: A national routing system sounds like a good idea. But by definition the Internet is international - data is constantly being moved across borders. So how would a national routing system work?
Philipp Blank: The idea is that when the sender and recipient of any Internet data are in Germany their data is not sent via another country, as it sometimes is today. It's long been the case in the United States that when both sender and recipient are within the country their data is not allowed to be sent outside the country. So it is possible. What we don't want is to pull the plug on the Internet, or that users become isolated.
We are simply asking why - when both sender and recipient are in Germany - is data sent across borders, especially when there's so much insecurity among users right now about foreign intelligence agencies monitoring their Internet activity.
But we're not only talking about emails here, we're talking about Internet activity in general. So let's take Facebook as an example of social media. For Americans, it's not a problem: Facebook is based in the United States, so their data stays there. But for German users, Facebook's European servers may be in Sweden or elsewhere. That means that a national routing system, as you're suggesting it, wouldn't be able to protect the data of German Facebook users.
Of course, our proposal has its limits. If users access services outside of this national - or Schengen - routing system (we propose expanding the system to the Schengen Area), then it won't work. The data will have to be exchanged with that in the United States, and then American regulations apply.
But apart from our proposal for a national or Schengen routing system, we believe it's important for German users that a common, European data protection regulation is passed. Politicians have talked about a regulation for years, but there's been no binding agreement [- aside from a directive]. Such a regulation would ensure that providers from abroad, from the United States, for instance, would be forced to observe European data security laws when offering their services in Europe.
What stopping European politicians from passing such a regulation, particularly after Snowdon's NSA revelations about secret services snooping around our telecommunications?
You'd have to ask the politicians. We can't understand it. We think the European Union should adopt a data protection regulation as quickly as possible. It's very important in order to regain people's confidence in Internet-based services.
Back to your proposal for a national routing system - you'll need the cooperation of other providers in Germany before it can be set up. How are you going about convincing them?
We're using such a system ourselves at the moment - so all the data running over Telekom's German network stays in the country. But, yes, of course it'll make a lot more sense if all network providers in Germany work together because customers cannot possibly know which providers are linked to which networks. That would be expecting too much. They'll have to be able to rely on the system applying for all services within Germany. That's why we must all work together.
Say I have an email account with your company and the person I want to send an email to does as well, but she happens to be in Australia at the moment and calls up her emails on a smartphone or via webmail. The data will have to leave Germany, wouldn't it?
The communication would have to run over foreign networks, those in Australia. The advantage with email communication, though, is that with certain partners, such as GMX and Freenet [two German providers], it is encrypted. This means that even if the recipient is abroad, if the email is sent to one of these provider's addresses, it is at least encrypted.
And what about a cloud? Say I have a Telekom account and registered it in Germany, but I'm in a different country and want to access my data from there.
What we can guarantee in Germany is that if you've registered cloud services with us, your data is saved in German maximum-security server centers.
The Snowdon revelations about data surveillance shocked German Internet users - perhaps more than elsewhere
But of course the same thing applies: in order to access your data while abroad, you will have to go over foreign networks, and then we cannot guarantee anything beyond our own network. And those networks are bound by local regulation and law.
So how much data owned by German users would be protected by your national routing system? And can you say how much data is international and therefore unprotected?
We don't have any concrete statistics about how much data is international or runs across the German border. There's a substantial amount that remains in Germany, but - and we have to be clear about this - most Internet services are American ones that have grown on a massive scale, like Facebook and Google, and they are based in the US, so if you're using their services, a national routing system will not help.
Philipp Blank is a spokesperson and corporate blogger with Deutsche Telekom and is specialized in regulation, data protection and IT security. DW requested interviews with 1&1 and Vodafone - two other national telecommunications providers in Germany - but both declined to comment.