What’s the difference between us Germans and, let’s say Americans, if our spying or security agencies instruct the industry to provide them with all relevant data needed to “spy on friends”?
In keeping with tradition, we don’t do things informally. We document procedures in a proper contract that obliges all parties to confirm in writing that all information within the document is accurate and complete. What can we do, we are bureaucrats.
In the “Agency Contract ‘Transit'”, which has just been published, it is revealed that the German foreign intelligence service BND has been buying available “telecommunication” information from the Deutsche Telekom for a bargain of 6,800 EUR per month. That gives plenty of room for speculation about
the real reward.
If there ever was any reward, that is. Maybe the former state-owned monopoly is still acting as part of the state and in anticipatory obedience. That is also something we are prone to do, so it would not be surprising at all, if information regarding domestic telecommunications would also have found its way to an agency.
The German BND and the American NSA are not so different in the end, especially regarding their objectives and actions. The NSA might be better equipped technically and the BND signs formally correct
contracts. In any case, this shows again that we can not trust that suggestions like “Schengen-Routing”, data storage in Germany only or even German inventions like “De-Mail” serve to protect the privacy of communications and data.
In order to really protect your data, be it as a company or a private citizen, you must rely on thorough encryption. And this can be done only with open source software, as it is the only way to ensure that it can be examined any time and independently to make sure the encryption software itself does not contain any back doors.