Aspect 3: Social concerns
Access to state-of-the-art information technology is key to participating in the information and knowledge society. Our promise with the #TAKEPART brand campaign is to enable as many people as possible to participate – also and especially in times of crisis. We are delivering on that promise with an array of different activities. In this context, the security of our customers’ data is of prime importance. But the internet is also supposed to be a space in which everyone can feel safe and where we interact on the basis of democratic principles. That is why we are actively pushing for a positive culture of online debate, promoting the competent use of ICT, and making a stand against hate speech and for digital civil courage.
During the coronavirus pandemic, the internet has enabled us to physically distance yet still stay close to others. In 2020, we provided practical assistance with various solutions and campaigns. In Germany, for instance, we gave our customers free data volumes under their plans. What is more, together with SAP we developed a coronavirus tracing app (Corona-Warn-App) on behalf of Germany’s Federal Government. As of December 2020, the app had been downloaded over 23 million times. Many of our national companies, too, were able to provide rapid solutions. T‑Systems Iberia, our national company in Spain, for example, cooperated with Mercabarna, a Spanish food wholesaler, to develop an app that links up supermarkets, social welfare organizations, and logistics companies in a digital marketplace. The idea behind the app was to get donations of food quickly to where they are urgently needed in Spain during the pandemic.
We can use our products, services, and activities to contribute to tackling many environmental and social challenges, as was made clear in a comparison with the 17 sustainability goals (SDGs) adopted by the United Nations. For instance, ICT solutions can help reduce resource consumption in agriculture and increase harvests, shape cities up for the future in terms of sustainability, make mobility more sustainable, stabilize power supply grids, or improve access to education and medical care – areas of application that offer market opportunities for our Company. In order to evaluate the concepts described in this NFS, it is important to also look to the opportunities digitalization opens up for sustainable development. For this reason, we are addressing the topic here, even though it is not required under the CSR Directive Implementation Act.
For further information on our sustainability risks, please refer to the section “Risk and opportunity management – Risks and opportunities.”
Using the Sustainable Revenue Share ESG KPI, we determine how much revenue (excluding T‑Mobile US) we generate from products that make a contribution to sustainability. In 2020, this share amounted to just over 44 %. For the Enablement Factor ESG KPI, we also calculate the positive CO2 effects facilitated for our customers through using selected products. We combine this figure with our own CO2 emissions to determine the enablement factor, which we use to measure our overall performance in relation to climate protection. According to this figure, the positive CO2 effects facilitated for our customers in Germany were 610 % higher in 2020 than our own CO2 emissions (enablement factor of 7.1 to 1). The substantial increase against the prior year (enablement factor of 2.4 to 1) is another consequence of the coronavirus pandemic; it results largely from the increased use of our web- and video-conferencing tools due to the growing number of people working from home and home schooling.
Sustainable products are another key competition factor at our Company. In order to highlight these sustainability benefits to our customers, we have suitable products certified by recognized environmental labels. The majority of Telekom Deutschland’s fixed-network devices and media receivers, for example, carry the Blue Angel seal of approval, which was also awarded to the joint system of Telekom Deutschland and Teqcycle for taking back cell phones.
We also use our “we care” label to identify products, services, measures, and initiatives that offer ecological or social sustainability added value, e.g., in the Environment category, our green network in Germany and our reusable carry bags. Further information on the second category of the “we care” label – Digital participation – can be found in the next two sections.
Detailed information on this will be published in our 2020 CR report.
Network access and digital responsibility
All around the world, having access to state-of-the-art information technologies is a precondition for economic performance and participation in a knowledge and information society. That is why we continue to rapidly expand our infrastructure and improve transmission speeds with new, secure technology.
Demand for faster data services with full-coverage availability is growing continuously. We invested around EUR 17 billion (not including spectrum investment) primarily in building and operating networks in Europe and the United States, with around EUR 5.5 billion of this figure earmarked for Germany alone. Hence, the majority of the Group’s investment volume in Germany is for the build-out of broadband networks. These investments have already paid off – during the coronavirus pandemic, for example, our network was running stably despite increased data traffic. This build-out is based on the goals of our Europe-wide integrated network strategy, which we use to help achieve the EU Commission’s network build-out targets and the Federal Government’s Digital Agenda and broadband strategy. Founded on two pillars – building out mobile networks and rolling out optical fiber – our strategy sets out, among other elements, to upgrade our mobile networks with 4G/LTE technology so as to offer greater network coverage with fast mobile broadband. In the reporting year, preparations were made to decommission the existing 3G network on June 30, 2021. By the end of 2020, we already covered more than 98.7 % of German households with LTE. We also pushed ahead with the 5G build-out in Germany in 2020: by the end of the year, two thirds of the population had been granted access to the new technology. In 26 cities across Germany, the 5G network is operating in the 36 GHz band, at top speeds of up to 1 Gbit/s (as of the end of 2020). At the end of the reporting year, our fixed network provided around 36 million households with fiber-optic-based technology. In addition to FTTH build-out and vectoring technology, we are using other innovative products, such as our hybrid router, which combines the transmission bandwidths of fixed-network and mobile communications, thus attaining higher transmission speeds – particularly in rural areas. We also moved forward with the build-out of fiber right to the home (FTTH) in the reporting year, connecting a further 600,000 households to the fiber-optic network in 2020 using this network technology. Thus a total of more than two million households in Germany now have the option of a direct connection to Deutsche Telekom’s fiber-optic network.
For further information about our build-out targets, please refer to the section “Group strategy.”
In general, we want to make our network infrastructure and our products as efficient, environmentally friendly, and harmless to health as possible. That is why we are committed to addressing the topic of mobile communications and health responsibly. In the context of the award of the 5G licenses, there is public debate around the potential effects of 5G on health. We have been providing information on the scientific evidence regarding mobile communications and health for more than 20 years now. Together with Telefónica Deutschland, Vodafone, and 1&1, we also support the information platform www.informationszentrum-mobilfunk.de. This platform provides expert, evidence-based information on mobile communications topics subject to controversial public debate, such as health, research, technology, benefits, and applications. In 2020, the information platform collaborated with the German Association of Towns and Municipalities to publish a series of information brochures on network build-out for municipalities. We adopted our Group-wide EMF Policy (EMF being short for “electro-magnetic fields”) back in 2004. It defines standard requirements – which considerably exceed the applicable national legal requirements – for addressing mobile communications and health-related matters.
For further information, please refer to the section “Risk and opportunity management.”
Responsibility for shaping the digital transformation has to be assumed by society as a whole. Our Board of Management plays an active role in this discussion, which entails looking at matters such as how we can use artificial intelligence (AI) responsibly. AI is a well-hidden feature in an ever-growing number of ICT products and services. It opens up opportunities, but also presents challenges. Back in 2018, under the auspices of Group Compliance Management, we were one of the first companies worldwide to adopt AI guidelines on digital ethics. These guidelines provide a framework for a responsible approach to AI. In 2020, we incorporated the requirements formulated in our AI guidelines into our Privacy and Security Assessment, a procedure we use to assess whether new or updated IT systems comply with our security and data privacy requirements. In the reporting year, we also developed internal testing procedures like the robust AI assessment and continued to apply the internal test seal developed in 2019 for Deutsche Telekom AI projects. In order to firmly entrench the AI guidelines in the Company, we continue to provide our employees with further training on how to deal with the requirements.
Connect the unconnected
But access to technology alone is not enough to ensure everyone can participate in the knowledge and information society – people also need to know how to use digital media safely, competently, responsibly, and for the benefit of everyone. Increasingly, this issue has not only a private dimension – the protection of personal data – but also a socio-political one. Hardly any area of life is untouched by digitalization. That is why we are working to build media literacy and democracy skills in the population. In doing so, we are guided by the aspiration embodied in our #TAKEPART campaign to keep everyone connected, namely that digital participation also includes participation in society.
As one of Germany’s major corporate foundations, the Deutsche Telekom Foundation is dedicated to improving education in STEM subjects in the digital world. Since 2018, it has been supporting the initiative “The Future of STEM learning” and, together with five universities, developing concepts for good STEM teaching. In total, the Deutsche Telekom Foundation has invested EUR 1.6 million in this project.
The individual national companies are responsible for implementing projects on media literacy. Examples include the youth promotion programs in Slovakia and the United States. Slovak Telekom’s national education program ENTER encourages digital education, while T‑Mobile US’ Changemaker Challenge is a contest in which young people contribute ideas for better coexistence – in the categories technology, environment, and education. Three winners were chosen from among 428 applicants.
All of our initiatives for greater media literacy in Germany can be found on the website “Media, sure! But secure.” (www.medienabersicher.de/en/), where we provide informational material for all target groups. Deutsche Telekom’s #TAKEPART stories – tales from the digital world for teenagers and young adults – are a practical take on digitalization issues of social relevance and translate them into a range of offers for multipliers. The aim is to raise awareness, highlight alternatives, try out new behaviors, and make the dialog on social media more constructive. All modules of the #TAKEPART stories are also available in simplified German. Our multi-award-winning Teachtoday initiative (www.teachtoday.de/en/) helps children and young people learn how to navigate the internet safely and skillfully. Since 2020, a new toolbox has been available for multipliers and teachers. It comprises more than 100 formats that deal with media literacy and democracy skills. They can be used without any specialist knowledge and have been designed for two key age groups: 9 to 12 and 13 to 16. The initiative also publishes the children’s magazine Scroller.
In 2020, our media literacy initiatives focused on “digital civil courage” and dealt with the question of how we want, and are able, to interact with each other on the internet and social media. The downsides of this interaction include hate speech and fake news, which are socially divisive. Together with Deutsche Telekom’s brand management, we launched the campaign “#TAKEPART – No Hate Speech.” Working closely with 44 partners – such as Gesicht zeigen! (Show your face) and #ichbinhier (I’m here) – we are setting an example for more digital civil courage and against turning words into weapons. The corresponding campaign spot was shown on television and other media. Podcasts enabled us to reach out to many thousands of people – including new target groups like teenagers and young adults. Digital civil courage was also a topic of discussion at an international meeting of Deutsche Telekom managers and at the Magenta Moon event. Overall, we reached some 15 million people through the campaign and accompanying events (not including the campaign on TV/radio and in movie theaters). The campaign and the underlying commitment to civil courage online bear the “we care” label in the “Digital participation” category. In this category, the label highlights positive contributions toward solving social challenges in the digital world.
“Act responsibly” has been specifically named in our strategy since 2020 and social responsibility aspects likewise form part of Deutsche Telekom’s brand profile. The topic also features regularly in sales support contexts and on MagentaTV. In 2020, we broadcast four programs on Scroller-TV. Scroller-TV and the children’s magazine Scroller earned us two Comenius Awards in 2020, Europe’s most prestigious honor for digital education media.
Data privacy is another focal point of our efforts. Our advisory service www.digitallysecure.en and our app-based “We Care” magazine offer practical advice on how to use digital media safely and securely.
We measure the impact of our Group’s social commitment with a set of three ESG KPIs. The Community Investment ESG KPI maps our social commitment in terms of financial, human, and material resources. In 2020, this amounted to EUR 149 million. This strong year-on-year increase was attributable in particular to donations of handsets and services of T‑Mobile US rendered as part of its “Digital participation” campaign. The Beneficiaries ESG KPI shows how many people have benefited from our community activities: 16.4 million in 2020. The Media Literacy ESG KPI calculates which proportion of the target group has benefited from media literacy programs as part of our social commitment efforts. In 2020, this KPI was 45 %, up from 41 % in the prior year and precisely at this year’s target figure of 45 %. The rising popularity of our offerings stems largely from a burgeoning interest among the public at large in acquiring media literacy and democracy skills. In times of coronavirus, social and digital media are being not only used, but also abused, more than ever – fueling growing concerns and ultimately helping to boost interest in our offerings. The 2020 ESG KPIs for the Deutsche Telekom Group in Germany were EUR 34 million (Community Investment), over 12 million (Beneficiaries), and 39 % (Media Literacy).
People will only use ICT solutions if they trust in the security of their personal data – and only then can these solutions develop their true potential for more sustainable development. As a result, we attach particularly great importance to protecting and securing data.
For further information, please refer to the section “Risk and opportunity management.”
Our active data protection and compliance culture, which has been built up over ten years, sets national and international standards. The data privacy-related compliance management system outlines the measures, processes, and audits we use to ensure compliance with laws, regulations, and voluntary commitments to uphold data privacy in the Group.
Since 2009, the Group Board of Management has been advised by an independent Data Privacy Advisory Board comprising reputable experts from politics, science, business, and independent organizations. At the beginning of 2020, the role of the Advisory Board was strengthened through the addition of new members and permanent guests from the ranks of the Board of Management and the Supervisory Board of Deutsche Telekom AG.
Data privacy and data security are governed by the corresponding Group policies: Binding Corporate Rules Privacy (BCRP) regulates how the Group treats personal data, while the Group Security Policy contains significant security-related principles valid within the Group, which are based on the international ISO 27001 standard. These policies allow us to guarantee an adequately high and consistent level of data privacy and security throughout our entire Group.
We issue an annual transparency report – since 2014 in Germany, and since 2016 in our national companies – in which we set out the nature and scope of our disclosures to security authorities. We are thus fulfilling our statutory duty as a telecommunications company.
In order to ensure even better data privacy and data security within our Group, our corporate units are audited and certified several times a year by internal and external experts. This includes the annual (re-)certification of the Telekom Security management in accordance with ISO 27001, regular Group-wide internal security checks, and the annual review of the individual Group units in connection with security maturity reporting. These audits help us assess the status quo of security in our Group.
Every two years, we perform a sample survey of data privacy and data security awareness across the Company. In the course of the Group Data Privacy Audit (GDPA), we survey 25,000 Deutsche Telekom employees on topics related to data privacy and data security. The focus of our Online Awareness Survey (OAS) is on security awareness at the Company. The results are used to calculate the Data Protection Award indicator – which quantifies the level of data protection in the units on a scale from 0 to 100 %. It is based on what the employees said they thought, did, and knew about data protection. The Data Protection Award indicator was calculated in 2020 at 86 % (2018: 76 %, excluding T‑Mobile US). The OAS surveys around 42,000 employees Group-wide (excluding T‑Mobile US) across all levels of the hierarchy and provides data on security awareness. With academic support, we use the results from this survey to determine the Security Awareness Index (SAI). In the last survey in 2018, the index was 80.3 of a maximum of 100 points (higher than in any other benchmark company). We also have our processes and management systems as well as products and services certified by external, independent organizations such as TÜV, DQS, DEKRA, and auditing firms. The IT systems at Telekom Deutschland were most recently certified as secure in 2020 by the testing institute TÜV Informationstechnik (TÜViT) of the TÜV Nord Group.
Telecommunications companies are required to train their employees on issues related to data protection law when they begin their employment. Deutsche Telekom goes above and beyond these legal requirements: Every two years, we train all of our employees in Germany and place them under an obligation to uphold data privacy and telecommunications secrecy. Corresponding requirements apply to our national companies. Where there is a greater risk of data such as customer or employee information being misused, we also provide additional online training designed for self-study, give data privacy presentations, and host classroom training courses on specialized topics such as protection of customer data.
Since July 1, 2020, the Group’s cybersecurity expertise has been pooled at Deutsche Telekom Security, a Deutsche Telekom subsidiary that leads the market for IT security solutions in Germany. Deutsche Telekom Security is responsible for everything related to internal security and its goal is to protect all Group units. It offers consumers and business customers solutions to make information technology more secure, from smartphones through to corporate infrastructure. In the Cyber Defense and Security Operation Center, more than 240 security experts around the world monitor our systems and those of our customers around the clock.
We react to new emerging threats and continuously develop innovative processes for defending against attacks. And for good reason: cyberattacks on companies are becoming more aggressive and sophisticated across all industries. In the reporting period alone, we registered on average almost 45 million attacks per day on our honeypot systems. Of course, not all of the attacks picked up by our sensors are high-level threats. Most are automatic scanning tools seeking to exploit potential vulnerabilities. While these do not necessarily count as fully fledged attacks, they are still to be seen as relevant early-stage activities. In a shielded environment, Deutsche Telekom Security even develops its own malware and uses it to test whether new systems can reliably detect and mitigate attack vectors. In this way we ensure our own critical IT infrastructure is protected. We also offer other operators critical infrastructure advisory services, for example to energy providers.
Our security experts use their experience to help develop security solutions for our customers. In 2020, Deutsche Telekom Security brought a wide range of new solutions to market maturity. Among other things, our key security and defense offerings were combined in the Magenta Security Shield package, so as to offer our customers even better protection. Data privacy and security play a fundamental role in the development of our products and services. We review the security of our systems at every step of development using the Privacy and Security Assessment process both for new systems and for existing systems when the technology or method of data processing is modified. We use a standardized procedure to also document the data privacy and data security status of our products throughout their entire life cycle. Our security management systems are certified externally. At the same time, we ensure that our services also comply with specific regulatory requirements from other industries, such as TISAX in the automotive industry.
Youth protection aspects are also taken into consideration in our product and service design. When we develop services that could be relevant in terms of youth protection in Germany, we consult our Youth Protection Officer for suggestions of restrictions or changes. In 2014, we appointed a Child Safety Officer (CSO) in each of our national companies in Europe. The CSO acts as a central contact for the relevant stakeholders of the community, and plays a key internal role in coordinating issues relevant to youth protection. Since protecting minors when they interact with media is a challenge across many different industries, we cooperate with different youth protection organizations and participate in alliances such as the “Alliance to better protect minors online,” which aims to make the internet a safer place for children and young people.
We work with research institutes, industry partners, initiatives, standardization bodies, public institutions, and other internet service providers worldwide with a view to fighting cybercrime and enhancing internet security together. For instance, we collaborate with the German Federal Office for Information Security throughout Germany and with the European Union Agency for Network and Information Security at a European level. The Cyber Security Cluster Bonn is an association of authorities and companies in Bonn that are dedicated to consulting, education, and research in the field of cybersecurity. As an expert committee, the Cyber Security Cluster Bonn offers direct advice to German and European government bodies.