Aspect 3: Social concerns

We are finding new solutions to many different challenges our society is currently facing as a result of the digital transformation. Since this development affects every area of our lives, access to state-of-the-art information technologies is key to participating in a knowledge and information society. As a telecommunications company, we are responsible for providing such access to as many people as possible and for promoting the competent use of . The security of our customers’ data is our top priority in this respect. When used properly, ICT can also make a valuable contribution to sustainable development.

Deployment of ICT products to the benefit of society SDG 12

As part of our climate protection activities, we are systematically working toward shrinking our carbon footprint. We can make a much larger contribution to climate protection with our products and services. According to the study “Digital with Purpose: Delivering a SMARTer 2030,” ICT products have the potential to save almost four times as many CO2 emissions in 2030 in other industries as the industry itself produces. We can also use our products, services, and activities to contribute to tackling many other ecological and social challenges, as was made clear in a comparison with the 17 Sustainability Development Goals () adopted by the United Nations. For instance, ICT solutions can help reduce resource consumption in agriculture and increase harvests, shape cities up for the future in terms of sustainability, stabilize power supply grids, or improve access to education and medical care – areas of application that offer market opportunities for our Company. In order to evaluate the concepts described in this NFS, it is important to also look to the opportunities digitalization opens up for sustainable development. For this reason, we are addressing the topic here, even though it is not required under the CSR Directive Implementation Act.

Since 2014, we have been analyzing the scope of the sustainability benefits offered by selected products. These benefits include, for example, the expansion of electromobility in towns and cities: For instance, our Croatian subsidiary Hrvatski Telekom has set up 11 connected charging stations for electric vehicles on the island of Krk, which enable a range of functions. The initiative is part of Krk’s long-term strategy to become Croatia’s first “smart” island. Hrvatski Telekom’s e-mobility solution offers state-of-the-art services infrastructure and “turnkey” charging technology. The network currently comprises 150 publicly accessible charging stations with more than 200 charging points in 80 towns and cities across Croatia and it is continuously being expanded.
SDG 7

Using the Sustainable Revenue Share ESG KPI, we determine how much revenue (excluding T‑Mobile US) we generate from products that make a contribution to sustainability. In 2019, this share amounted to almost 43 percent. We also calculate the positive CO2 effects facilitated for our customers through using selected products. We combine this figure with our own CO2 emissions to determine the enablement factor, which we use to measure our overall performance in relation to climate protection. According to this figure, the positive CO2 effects facilitated for our customers in Germany were 144 percent higher in 2019 than our own CO2 emissions (enablement factor of 2.44 to 1).

Enablement Factor ESG KPI

Deutsche Telekom Group in Germany in 2019

Enablement Factor ESG KPI (graphic)

Sustainable products are another key competition factor at our Company. In order to highlight these sustainability benefits to our customers, we have suitable products certified by recognized environmental labels such as the Blue Angel. The majority of Telekom Deutschland’s fixed-network devices and media receivers, for example, carry the Blue Angel seal of approval. In the reporting year, the Blue Angel was also awarded to the joint system of Telekom Deutschland and Teqcycle for taking back cell phones. SDG 12

To also make our efforts transparent for our customers, we introduced the “we care” label in 2019. This includes two categories for labeling products, services, measures, and initiatives offering ecological or social sustainability added value. For example, our sustainable smartphone recycling scheme for Germany has been included in the “Environment” category. Customers can sell their old devices back to us; these are then refurbished as much as possible and packed into biodegradable boxes. Other customers can then buy these good-as-new refurbished devices at a reduced price. This saves resources like water and energy, which are used in large quantities in the manufacture of new smartphones, and valuable raw materials like tantalum or tungsten, used in their components. Further information on the second category of the “we care” label – Digital participation – can be found in the next section. SDG 12

Connecting the unconnected – access to and participation in the information and knowledge society

All around the world, having access to state-of-the-art information technologies is a precondition for economic performance and participation in a knowledge and information society. That is why we continue to rapidly expand our infrastructure and improve transmission speeds with new, secure technology. At the same time, we use our social initiatives to reduce potential obstacles to ICT use. SDG 8

Demand for faster data services with full-coverage availability is growing continuously. The majority of the Group’s investment volume in Germany, which currently amounts to around EUR 5.5 billion a year, is for the build-out of broadband networks. This build-out is based on the goals of our Europe-wide integrated network strategy, which we use to help achieve the EU Commission’s network build-out targets and the Federal Government’s Digital Agenda and broadband strategy. Founded on two pillars – building out mobile networks and rolling out – our strategy sets out, among other elements, to upgrade our mobile networks with / technology so as to offer greater network coverage with fast mobile broadband. By the end of 2019, we already covered more than 98 percent of German households with LTE. We also began the build-out in eight German towns and cities in 2019. The biggest 5G area in Germany is in Berlin. At the end of the reporting year, our fixed network provided around 35 million households with fiber-optic-based technology. In addition to technology, we are using other innovative products, such as our , which combines the transmission bandwidths of fixed-network and mobile communications, thus attaining higher transmission speeds – particularly in rural areas. SDG 9

For further information about our build-out targets, please refer to the section “Group strategy.”

In general, we want to make our network infrastructure and our products as efficient, environmentally friendly, and harmless to health as possible. That is why we are committed to addressing the topic of mobile communications and health responsibly. In the context of the award of the 5G licenses, there was public debate in 2019 around the potential effects of on health. We have been providing information on the scientific evidence regarding mobile communications and health for 20 years now. Together with Telefónica Deutschland, we also support the information platform www.informationszentrum-mobilfunk.de. This platform provides expert and evidence-based information on mobile communications topics subject to controversial public debate: about health, research, technology, benefits, and applications. In 2019, Informationszentrum published a brochure on 5G and interviews with scientific experts on these topics. We adopted our Group-wide EMF Policy (EMF being short for “electro-magnetic fields”) back in 2004. It defines standard requirements – which considerably exceed the applicable national legal requirements – for addressing mobile communication and health-related matters. SDG 3

For further information, please refer to the section “Risk and opportunity management.”

Responsibility for shaping the digital transformation has to be assumed by society as a whole. Our Board of Management plays an active role in this discussion, which entails looking at matters such as how we can use artificial intelligence (AI) responsibly. AI is a well-hidden feature in an ever-growing number of ICT products and services. It opens up opportunities, but also presents challenges. Under the auspices of Group Compliance Management, we adopted guidelines on the ethical use of AI in 2018, which set out how we, Deutsche Telekom, want to use AI in a responsible manner. In 2019, we carried out training and workshops on implementing the guidelines, held a conference on digital ethics, provided employees with comprehensive information using a range of formats, integrated the AI guidelines in contract-relevant provisions for our suppliers, and developed an internal test seal for ethical AI products: AI applications that satisfy our high standards carry the seal. SDG 8

But access to technology alone is not enough to ensure everyone can participate in the knowledge and information society – people also need to know how to use digital media safely, competently, and responsibly. More and more, this issue not only has a private dimension – the protection of personal data – but also a socio-political one. Hardly any area of life is untouched by digitalization. That is why we are working to build media literacy skills in the population. We are led here by our aspiration #TAKEPART – after all, digital participation is also social participation. SDG 10

Within the company, GCR is the linchpin when it comes to digital media skills. The individual national companies are responsible for developing and implementing media literacy projects, which allows regionally specific conditions to be better taken into account. One example of the commitment of our national companies is the strategic partnership of our Greek company COSMOTE with the two charitable organizations STEM Education and WRO Hellas. STEM Education promotes education in STEM subjects (science, technology, engineering, and mathematics). WRO Hellas holds youth competitions for . Since 2013, this partnership has reached more than 18,000 school students, more than 1,500 teachers have taken part in free workshops and webinars, and more than 500 construction kits that allow children and young people to explore the world of robotics through play have been put in schools. What’s more, in 2019 COSMOTE directly helped a Greek school to set up a Junior Engineering Academy (JEA). JEA is a two-year program launched by the Deutsche Telekom Foundation that aims to promote STEM subjects at middle-school level. In 2019, the Deutsche Telekom Foundation set up such academies in cooperation with STEM Education at 16 Greek secondary schools. As one of Germany’s major corporate foundations, the Deutsche Telekom Foundation is dedicated to improving education in STEM subjects in the digital world. Since 2018, it has been supporting the initiative “The Future of STEM learning” and, together with five universities, developing concepts for good STEM teaching. In total, the Deutsche Telekom Foundation has invested EUR 1.6 million in this project. SDG 4

We present all of our initiatives for greater media literacy in Germany on the website “Media, sure! But secure.” (www.medienabersicher.de/en/), where we provide informational material for all ages. The #TAKEPART stories examine socially-relevant issues arising from digitalization from a practical perspective and translate them into a range of offers for multipliers. Many of the modules are also available in simple language. Our multi-award-winning Teachtoday initiative (www.teachtoday.de/en/) helps children and young people learn how to navigate the internet safely and skillfully. Our focus for 2019 was “digital democracy”: What benefits does the digital world offer for political participation and opinion forming? Where is democracy threatened by what happens on the internet – for instance through open or veiled populism, hate speech, fake news, and the manipulation of public opinion? Our “Media sure, but secure.” offer carries the “we care” label in the “Digital participation” category. In this category, the label highlights a positive contribution toward solving social challenges in the digital world. SDG 16 SDG 4

In addition, in 2019, we reached many thousands of people with snackable content, discussion rounds, and workshops on the topic of “digital democracy,” for instance at IFA in Berlin. We aim to raise awareness and highlight alternative courses of action, for example on the question of how to identify fake news and how to apply this knowledge when using social media. We also have a media skills offering aimed at senior citizens in collaboration with the German Association of Senior Citizens’ Organizations (Bundesarbeitsgemeinschaft der Senioren-Organisationen – BAGSO). Teaching media literacy skills is also a core focus of our corporate volunteering programs, where employees devote their free time so as to share their expertise.

Data security is another focal point of our efforts. Our advisory service www.telekom.com/en/corporate-responsibility/data-protection-data-security/digitally-secure and our app-based “We Care” magazine offer practical advice on how to use digital media safely and securely.

We measure the impact of our Group’s social commitment with a set of three ESG KPIs. The Community Investment ESG KPI maps our social commitment in terms of financial, human, and material resources. In 2019, this amounted to EUR 59 million. The Beneficiaries ESG KPI shows the number of people involved in community activities and how many people we have reached – 13 million in 2019. The Media Literacy ESG KPI calculates the proportion of the target group reached through media literacy programs as part of our social commitment efforts. In 2019, this KPI decreased slightly to 41 percent, down from 42 percent in the prior year. We aim to reach 45 percent by 2020. The 2019 ESG KPIs for the Deutsche Telekom Group in Germany were EUR 32 million (Community Investment), 11 million people reached (Beneficiaries), and 46 percent (Media Literacy).

Community Investment ESG KPI

 

Community Investment ESG KPI (graphic)

Helping refugees integrate into the German labor market constitutes another core element of our social commitment efforts, in part through the continuing awarding of internships. To encourage long-term integration, follow-on employment was found for 56 participants either with Deutsche Telekom itself or with partner companies. This was done, for example, by switching from an internship to vocational training or a cooperative study program, or from training to a permanent position. In 2019, a total of around 450 refugees held positions in the various ongoing measures and new offers. Over the last few years, we have gained a lot of experience in integrating refugees in the labor market. The special processes initially necessary for this were incorporated into our standard processes in 2019, permanently embedding them in our Company. SDG 4

Data privacy and data security SDG 16

The process of digitalization comes with new kinds of threats, such as hacker attacks on the sensitive data of private individuals or companies. People will only actually use new ICT solutions if they trust in the security of their personal data – and only then can these solutions develop their true potential for more sustainable development. As a result, we attach particularly great importance to protecting and securing data.

For further information, please refer to the section “Risk and opportunity management.”

Our active data protection and compliance culture, which has been built up over ten years, sets national and international standards. The data privacy-related compliance management system outlines the measures, processes, and audits we use to ensure compliance with laws, regulations, and voluntary commitments to uphold data privacy in the Group.

As of March 31, 2020, the current Board of Management member responsible for Data Privacy, Legal Affairs and Compliance (DRC) is leaving the Company. At its meeting on May 22, 2019, the Supervisory Board of Deutsche Telekom AG thus resolved to assign the Data Privacy, Legal Affairs, and Compliance units to the Board of Management department for Human Resources, which has been renamed Human Resources and Legal Affairs. As part of this step, the Risk Management and Internal Audit units were assigned to the Board of Management department for Finance, and the Security unit was assigned to the Board department for Technology and Innovation. Since 2009, the Board of Management has been advised by an independent Data Privacy Advisory Board comprising reputable experts from politics, science, business, and independent organizations. At the change of the year, the role of the Advisory Board was strengthened by adding additional members from the ranks of the Board of Management and the Supervisory Board of Deutsche Telekom AG.

Data privacy and data security are subject to the corresponding Binding Corporate Rules Privacy (BCRP): The Data Privacy Policy governs how the Group treats personal data. The Group Security Policy contains significant security-related principles valid within the Group, which are based on the international ISO 27001 standard. These policies allow us to guarantee an adequately high and consistent level of security and data privacy throughout our entire Group.

We issue an annual transparency report – since 2014 in Germany, and since 2016 in our national companies – in which we set out the nature and scope of our disclosures to security authorities. In doing so, we are fulfilling our statutory duty as a telecommunications company.

In order to ensure even better data privacy and data security within our Group, our corporate units are audited and certified regularly by internal and external experts. This includes the certification of the Telekom Security management in accordance with ISO 27001, regular Group-wide internal security checks, and the review of the individual Group units in connection with security maturity reporting. These audits help us assess the status quo of security in our Group.

We use two surveys – the Group Data Privacy Audit (GDPA) and the Online Awareness Survey (OAS) – to measure awareness of data privacy and security within the Company by means of random checks every two years. For the GDPA, we survey 50,000 Deutsche Telekom employees on topics related to data privacy and data security. The results are used to calculate the Data Protection Award indicator – which quantifies the level of data protection in the units on a scale from 0 to 100 percent. It is based on what the employees said they thought, did, and knew about data protection. The Data Protection Award indicator was last calculated in 2018 and stood at 76 percent (excluding T‑Mobile US; 2017: 75 percent). The OAS surveys roughly 42,000 employees and provides key data on their awareness of security issues. With academic support, we use the results from this survey to determine the Security Awareness Index (SAI). In the last survey in 2018, the index was 78.3 (excluding T‑Mobile US; 2017: 78.4) of a maximum of 100 points (higher than in any other benchmark company). We also have our processes and management systems as well as products and services certified by external, independent organizations such as TÜV, DQS, DEKRA, and auditing firms. The IT systems at Telekom Deutschland were most recently certified as secure in 2018 by the testing institute TÜV Informationstechnik (TÜViT) of the TÜV Nord Group.

Telecommunications companies are required to train their employees on issues related to data protection law when they begin their employment. Deutsche Telekom goes above and beyond these legal requirements: Every two years, we train all of our employees in Germany and place them under an obligation to uphold data privacy and telecommunications secrecy. Corresponding requirements apply to our national companies. Where there is a greater risk of data such as customer or employee information being misused, we also provide additional online training designed for self-study, give data privacy presentations, and host classroom training courses on specialized topics such as data privacy in call centers.

Our Telekom Security unit is responsible for internal security matters for the protection of all Group units, and offers security solutions for consumers, business customers, public authorities, and state agencies. In 2019, the unit broadened its cyber defense and threat intelligence capacities, and gained further DAX-listed and international companies as customers. In our Cyber Defense and Security Operation Center, more than 240 security experts around the world monitor our systems and those of our customers around the clock.

We react to new emerging threats and continuously develop innovative processes for defending against attacks. And for good reason: Cybercrime continues to rise at a dramatic rate. Cyberattacks on companies are becoming more aggressive and sophisticated across all industries. Attack numbers are increasing exponentially: In the reporting period alone, we registered on average almost 40 million attacks per day on our honeypot systems. Of course, not all of the attacks picked up by our sensors are high-level threats. Most are automatic scanning tools seeking to exploit potential vulnerabilities. While these do not necessarily count as fully fledged attacks, they are still to be seen as relevant early-stage activities. In a shielded environment, Telekom Security even develops its own malware and uses it to test whether new systems can reliably detect and mitigate new attack vectors. In this way we ensure our own critical IT infrastructure is protected. We also offer other operators critical infrastructure advisory services, for example to energy providers.

Our security experts use their experience to help develop security solutions for our customers. In 2019, Telekom Security brought a wide range of new solutions to market maturity. Data privacy and security play a fundamental role in the development of our products and services. We review the security of our systems at every step of development using the Privacy and Security Assessment process both for new systems and for existing systems when the technology or method of data processing is modified. We use a standardized procedure to also document the data privacy and data security status of our products throughout their entire life cycle. Our security management systems are certified externally. At the same time, we ensure that our services also comply with specific regulatory requirements from other industries, such as TISAX in the automotive industry.

Youth protection aspects are also taken into consideration in our product and service design. When we develop services that could be relevant in terms of youth protection in Germany, we consult our Youth Protection Officer for suggestions of restrictions or changes. In 2014, we appointed a Child Safety Officer (CSO) in each of our national companies in Europe. The CSO acts as a central contact for the relevant stakeholders of the community, and plays a key internal role in coordinating issues relevant to youth protection. Since protecting minors when they interact with media is a challenge across many different industries, we cooperate with different youth protection organizations and participate in alliances such as the “Alliance to better protect minors online,” which aims to make the internet a safer place for children and young people. SDG 3

We work with research institutes, industry partners, initiatives, standardization bodies, public institutions, and other internet service providers worldwide with a view to fighting cybercrime and enhancing internet security together. For instance, we collaborate with the German Federal Office for Information Security throughout Germany and with the European Union Agency for Network and Information Security at a European level. In 2019, we hosted the fourth Telekom Security congress in Bonn, Germany, inviting partners and customers. Issues such as data security and transparency are also becoming increasingly important at the political level. The Cyber Security Cluster Bonn is an association of authorities and companies in Bonn that are dedicated to consulting, education, and research in the field of . As an expert committee, the Cyber Security Cluster Bonn offers direct advice to German and European government bodies. SDG 17

ICT
Information and Communication Technology
Global e-Sustainability Initiative (GeSI)
GeSI is a joint initiative established by the world’s leading ICT organizations with the objective of improving sustainability in the ICT sector. Deutsche Telekom is a member of GeSI, as are many other leading enterprises.
ICT
Information and Communication Technology
Sustainable Development Goals (SDGs)
The Sustainable Development Goals form the core of the 2030 Agenda, which the member states of the United Nations adopted in 2015 to ensure sustainable global development. The aim is to enable economic development and prosperity – in line with social justice and taking account of the ecological limits of global growth. The Agenda applies equally to all nations of the world. The 17 SDGs define goals to reduce poverty and hunger, promote healthcare and education, enable equality, protect the environment and climate, and make consumption sustainable.
Optical fiber
Channel for optical data transmission.
4G
Refers to the fourth-generation mobile communications standard that supports higher transmission rates (see LTE).
LTE - Long-Term Evolution
New generation of 4G mobile communications technology using, for example, wireless spectrum on the 800 MHz band freed up by the digitization of television. Powerful TV frequencies enable large areas to be covered with far fewer radio masts. LTE supports speeds of over 100 Mbit/s downstream and 50 Mbit/s upstream, and facilitates new services for cell phones, smartphones, and tablets.
5G
New communications standard, which offers data rates in the gigabit range, converges fixed-network and mobile communications, and supports the Internet of Things – rollout starting 2020.
Vectoring
Vectoring is a noise-canceling technology that removes the electro-magnetic interference between lines, enabling higher bit rates. However, in order to cancel noise, the operator must have control over all lines. This means that other operators cannot install their own technology at the cable distribution boxes.
Hybrid router
Routers that are able to combine the customer’s fixed and mobile bandwidths.
5G
New communications standard, which offers data rates in the gigabit range, converges fixed-network and mobile communications, and supports the Internet of Things – rollout starting 2020.
Bot
A bot (short for robot) is a computer program that processes repetitive tasks in a largely autonomous manner without the need for interaction with a human user.
Cybersecurity
Protection against internet crime.