Aspect 3: Social concerns
Access to state-of-the-art information technology is key to participating in the information and knowledge society. Our promise with the #TAKEPART brand campaign is to enable as many people as possible to participate – also and especially in times of crisis. We are delivering on that promise with an array of different activities. In this context, the security of our customers’ data is of prime importance. But the internet is also supposed to be a space in which everyone can feel safe and where we interact on the basis of democratic principles. That is why we are actively pushing for a positive culture of online debate, promoting the competent use of ICT, and making a stand against hate speech and for civil courage online.
During the coronavirus pandemic, the internet has enabled us to physically distance yet still stay close to others. In cooperation with SAP, we have continually improved the Corona-Warn-App that traces contact between users of the application and that was commissioned by the German government. The app now has the ability to store and display EU digital vaccination certificates. By September 2021, the app had been downloaded more than 33 million times. We also provided specific help with a range of solutions and activities in 2021. For example, Slovak Telekom supported healthcare workers, teachers, and students by providing mobile data, technical equipment, and financial aid. In the United States, T‑Mobile US continued its 10Million project, which aims to ensure school students have internet access. In Croatia and Poland, our national companies provided hardware and software to ensure that facilities for elderly people or people in need of care had internet access.
We can use our products, services, and activities to contribute to tackling many environmental and social challenges, as was made clear in a comparison with the 17 sustainability goals (SDGs) adopted by the United Nations. For instance, ICT solutions can help reduce resource consumption in agriculture and increase harvests, shape cities and mobility up for the future in terms of sustainability, stabilize power supply grids, or improve access to education and medical care – areas of application that offer market opportunities for our Company. In order to evaluate the concepts described in this NFS, it is important to also look to the opportunities digitalization opens up for sustainable development. For this reason, we are addressing the topic here, even though it is not required under the CSR Directive Implementation Act.
For further information on our sustainability risks and opportunities, please refer to the section “Risk and opportunity management – Risks and opportunities.”
Using the Sustainable Revenue Share ESG KPI, we determine how much revenue we (excluding T‑Mobile US) generate from products that make a contribution to sustainability. In 2021, this share amounted to just over 42 %. For the Enablement Factor ESG KPI, we also calculate the positive CO2 effects facilitated for our customers through using selected products. Relevant emissions generated by customers are generally taken into account, with the exception of emissions caused by operating video-conferencing facilities. Rebound effects are taken into account based on studies and expert estimates, where it is possible to do so with reasonable effort. We combine this figure with our own CO2 emissions to determine the enablement factor, which we use to measure our overall performance in relation to climate protection. According to this figure, the positive CO2 effects facilitated for our customers in Germany were 380 % higher in 2021 than our own CO2 emissions (enablement factor of 4.8 to 1). The decline against the prior year (enablement factor of 7.1 to 1) is due to the use of more differentiated data collection methods, as well as a reduction in the number of people using our conferencing solutions.
Sustainable products are another key competition factor at our Company. We work closely with manufacturers to be able to offer an increasingly sustainable product range. In Germany and Austria, we stepped up our collaboration with Fairphone – the leading manufacturer of sustainable smartphones – in the reporting year. We also entered a partnership with Samsung for increased sustainability, and aim to jointly launch a “green” smartphone on the market by the end of 2022. We also introduced the Eco Rating initiative in cooperation with four other European mobile communications operators. This rating is already in use in 26 countries. More than 150 cell phones from 15 suppliers were assessed in regard to their environmental impact throughout their entire life cycle. In this way, we can help our customers make more sustainable purchase decisions and motivate vendors to reduce the environmental footprint of their devices.
To indicate the sustainability benefits of our products to our customers, we make suitable products identifiable with recognized environmental labels. For example, several routers and mesh devices are certified with the Green Product environmental label of the TÜV Rheinland testing service provider. In addition, the majority of Telekom Deutschland’s fixed-network phones and media receivers carry the Blue Angel or Green Product seal of approval. The Blue Angel was also awarded to the joint system of Telekom Deutschland and Teqcycle for taking back cell phones.
We use #GreenMagenta and #GoodMagenta to label products, services, measures, and initiatives offering ecological or social sustainability added value. We have set out some rules for awarding these two labels. There must be proven sustainability benefits. If there are clear disadvantages for society or the environment, #GreenMagenta or #GoodMagenta may not be awarded. The decision on labeling is made by a panel of experts from a range of fields. For example, we have labeled our green network in Germany, which has been operated with electricity from 100 % renewable energy sources since 2020, with #GreenMagenta. Our Speedport Smart 4 router, with a case made from 90 % recycled plastic and packaging that is entirely plastic-free, also bears the label. For further information on our #GoodMagenta label, please refer to the following two sections.
Detailed information on this will be published in our 2021 CR report.
Network access and digital responsibility
All around the world, having access to state-of-the-art information technologies is a precondition for economic performance and participation in a knowledge and information society. That is why we continue to rapidly expand our infrastructure and improve transmission speeds with new, secure technology.
Demand for faster data services with full-coverage availability is growing continuously. Group-wide, we invested around EUR 18.0 billion primarily in building and operating networks, with around EUR 4.1 billion of this figure earmarked for the Germany operating segment alone. This is in addition to the investments that we make in acquiring mobile spectrum. Hence, the majority of the Group’s investment volume in Germany is for the build-out of broadband networks. This build-out is based on the goals of our Europe-wide integrated network strategy, which we use to help achieve the EU Commission’s network build-out targets and the Federal Government’s Digital Agenda and broadband strategy. Founded on two pillars – building out mobile networks and rolling out optical fiber – our strategy sets out, among other elements, to upgrade our mobile networks with 4G/LTE technology so as to offer network coverage with fast mobile broadband. By the end of 2021, we already covered 99 % of German households with LTE. We also pushed ahead with the 5G build-out in Germany in 2021: by the end of the year, over 90 % of the population had access to the new technology. In more than 140 cities across Germany, 5G was available in the 3.6 GHz band at top speeds (as of the end of 2021). At the end of the reporting year, our fixed network provided around 36 million households with fiber-optic-based technology. We also pushed on with FTTH rollout in 2021, making fiber-optic lines available to around 1.2 million more households. In addition to the FTTH rollout, we are using other innovative products, such as our hybrid router, which combines the transmission bandwidths of fixed-network and mobile communications, thus attaining higher transmission speeds – particularly in rural areas.
For further information about our build-out targets, please refer to the section “Group strategy.”
In general, we want to make our network infrastructure and our products as efficient, environmentally friendly, and harmless to health as possible. That is why we are committed to addressing the topic of mobile communications and health responsibly. In the context of the 5G build-out, there is public debate around the potential effects of 5G on health. We have been providing information on the scientific evidence regarding mobile communications and health for more than 20 years now. Together with Telefónica Deutschland, Vodafone, and Drillisch Netz, we also support the information platform www.informationszentrum-mobilfunk.de. This platform provides expert, evidence-based information on mobile communications topics subject to controversial public debate, such as health, research, technology, benefits, and applications. Among other initiatives, in 2021, the information platform worked with the three associations of local authorities to publish a new brochure on the topic of mobile communications and health. We adopted our Group-wide EMF Policy (EMF being short for “electro-magnetic fields”) back in 2004. It defines standard requirements – which considerably exceed the applicable national legal requirements – for addressing mobile communications and health-related matters.
For further information, please refer to the section “Risk and opportunity management.”
Responsibility for shaping the digital transformation has to be assumed by society as a whole. Our Board of Management plays an active role in this discussion, which entails looking at matters such as how we can use artificial intelligence (AI) responsibly. AI is a feature of an ever-growing number of ICT products and services that often goes unnoticed. It opens up opportunities, but also presents challenges. Back in 2018, under the auspices of Compliance Management, we were one of the first companies worldwide to adopt AI guidelines on digital ethics. These guidelines provide a framework for a responsible approach to AI. To supplement them, in 2021 we worked with experts to draw up professional ethics guidelines for all developers and product managers working with AI. The guidelines provide best practices, methods, and tips for transferring the Digital Ethics Guidelines on AI to application in development processes.
AI is used, for example, in a voice and chatbot offered by Telekom Deutschland’s business customer sales unit in cooperation with technology partner Cognigy. We had this offering reviewed in 2021 according to the Federal Office for Information Security’s Artificial Intelligence Cloud Service Compliance Criteria Catalogue (AIC4) in the form of an assurance engagement which confirmed compliance with the Federal Office for Information Security criteria. We were one of the first companies to conduct this assurance engagement. To ensure that in the supply chain, too, AI is developed that complies with our high ethical requirements, we expanded our Supplier Code of Conduct in 2020 to include relevant content from our AI Guidelines – here again, we are pioneers in the field.
Connect the unconnected
To ensure equal participation for all in the information and knowledge society, the affordability of products and services is just as important as technical access. The ability to use digital media safely, responsibly, and to the benefit of all is becoming increasingly important. That is why we are working to build media literacy and democracy skills in the population. In doing so, we are guided by the aspiration embodied in our #TAKEPART campaign to keep everyone connected, namely that digital participation also includes participation in society.
As one of Germany’s major corporate foundations, the Deutsche Telekom Foundation is dedicated to improving education in STEM subjects (science, technology, engineering, and mathematics) in the digital world. Since 2018, it has been supporting the initiative “The Future of STEM learning” and, together with five universities, developing concepts for good STEM teaching with digital media. In total, the Deutsche Telekom Foundation is investing EUR 1.6 million in this project.
The individual national companies are responsible for implementing projects on digital participation. Examples include the youth promotion programs in Slovakia and the United States. Slovak Telekom’s national education program ENTER encourages digital education, while T‑Mobile US’ Changemaker Challenge is a contest in which young people contribute ideas for better coexistence – in the categories technology, environment, and education. There was also an extra category for T‑Mobile US employees and their families. A total of 16 projects were selected as winners.
All of our initiatives for greater media literacy in Germany can be found on the website “Media, sure! But secure.,” where we provide information material for all target groups. Deutsche Telekom’s #TAKEPART stories – topics from the digital world for teenagers and young adults – are a practical take on digitalization issues of social relevance, translating them into a range of offers for multipliers. The aim is to raise awareness, highlight alternatives, and try out new behaviors. All modules of the #TAKEPART stories are also available in simplified German. Our multiple award-winning “Teachtoday” initiative promotes the safe and competent use of online media by children and young people. Since 2020, a toolbox has been available for multipliers and teachers. It comprises more than 120 formats that deal mainly with media literacy and democracy skills. They can be used without any specialist knowledge and have been designed for young people aged between 9 and 16. The initiative additionally publishes the interactive digital children’s magazine SCROLLER, which also provides material and background information to be used in media literacy lessons.
Together with Deutsche Telekom’s brand management, we launched the campaign #TAKEPART – No Hate Speech in 2020 and continued it throughout 2021. We also launched a new priority focus with the campaign Gaming – Where the Fun Ends. Gaming platforms are often a backdrop for hate speech and exclusion that aim to create rifts in society. Along with 44 partners such as the esports player foundation and the Amadeu Antonio Foundation, we are sending a message supporting more civil courage online and taking a stand in gaming. Thousands of people listened to our podcasts on this topic. Hate and gaming was also a topic of discussion at an international meeting of Deutsche Telekom managers and at the Equal Esports Festival. Since the campaign was launched in the second quarter of 2020, we have achieved a media reach of around 720 million contacts. We reached more than 3.8 million people directly or through multipliers such as parents and educators (e.g. in workshops). We have labeled the campaign #TAKEPART – No Hate Speech and our associated commitment with #GoodMagenta. We have also won a range of awards and prizes for the No Hate Speech campaign. The topic of data privacy is part and parcel of using digital media safely and securely. Our online guidebook Digitally secure offers practical advice on how to use digital media safely and securely.
We measure the impact of our Group’s social commitment with a set of three ESG KPIs. While in 2020, the focus of the KPIs was still media literacy, in 2021 we incorporated the aspect of digital participation as a key requirement of our CR and corporate strategy into new and/or revised KPIs. The Community Contribution ESG KPI maps our social commitment in terms of financial, human, and material resources. In 2021, this amounted to EUR 312 million. The new Reach ESG KPI shows the number of people we have reached with our communication on digital participation. In 2021, this figure was 968 million. The Beneficiaries ESG KPI shows the number of people who have benefited from our commitment to the issue of digital participation: in 2021 the figure was 28 million. The values of the 2021 ESG KPIs for the Deutsche Telekom Group in Germany were EUR 56 million (Community Contribution), 21 million people (Beneficiaries), and 873 million people (Reach). With the changes to the ESG KPIs as described above still in the process of being introduced from 2021, we do not yet have a Reach value for T‑Mobile US.
People will only use ICT solutions if they trust in the security of their personal data – and only then can these solutions develop their true potential for more sustainable development. As a result, we attach particularly great importance to protecting and securing data.
For further information, please refer to the section “Risk and opportunity management.”
Our active data privacy and compliance culture, which has been built up over ten years, sets national and international standards. The data privacy-related compliance management system outlines the measures, processes, and audits we use to ensure compliance with laws, regulations, and voluntary commitments to uphold data privacy in the Group. Since 2009, the Group Board of Management has been advised by an independent Data Privacy Advisory Board comprising reputable experts from politics, the research community, business, and independent organizations.
Data privacy and data security are governed by the corresponding Group policies: the Binding Corporate Rules Privacy (BCRP) policy regulates how the Group treats personal data, while the Group Security Policy contains significant security-related principles valid within the Group, based on the international standards ISO 27001 and ISO 27701. These policies allow us to guarantee an adequately high and consistent level of data privacy and security throughout our entire Group.
We issue an annual transparency report – since 2014 in Germany, and since 2016 in our other national companies in Europe – in which we set out the nature and scope of our disclosures to security authorities. We are thus fulfilling our statutory duty as a telecommunications company.
In order to ensure even better data privacy and data security within our Group, our corporate units are audited and certified several times a year by internal and external experts. This includes the annual (re-)certification of the Telekom Security management in accordance with ISO 27001, regular Group-wide internal security checks, and the annual review of the individual Group units in connection with security maturity reporting. These audits help us assess the status quo of security in our Group.
Every two years, we perform a sample survey of data privacy and data security awareness across the Company. In the course of the Group Data Privacy Audit (GDPA), we survey 25,000 Deutsche Telekom employees on topics related to data privacy and data security. The results are used to calculate the Data Protection Award indicator – which quantifies the level of data protection in the units on a scale from 0 to 100 %. It is based on what the employees said they thought, did, and knew about data protection. The Data Protection Award indicator was last calculated in 2020 at 86 % (2018: 76 %), excluding T‑Mobile US.
The focus of our Online Awareness Survey (OAS) is security awareness at the Company. The OAS surveys around 42,000 employees Group-wide (excluding T‑Mobile US) across all levels of the hierarchy and provides data on security awareness. With academic support, we use the results from this survey to determine the Security Awareness Index (SAI). In the last survey in 2021, the index was 80.9 of a maximum of 100 points – higher than in any other benchmark company. We also have our processes and management systems as well as products and services certified by external, independent organizations such as TÜV, DQS, DEKRA, and auditing firms. The IT systems at Telekom Deutschland were most recently certified as secure in 2020 by the testing institute TÜV Informationstechnik (TÜViT) of the TÜV Nord Group.
Telecommunications companies are required to train their employees on issues related to data protection law when they begin their employment. Deutsche Telekom goes above and beyond these legal requirements: Every two years, we train all of our employees in Germany and place them under an obligation to uphold data privacy and telecommunications secrecy. Corresponding requirements apply to our national companies. Where there is a greater risk of data such as customer or employee information being misused, we also provide additional online training designed for self-study, give data privacy presentations, and host classroom training courses on specialized topics such as protection of customer data.
Since July 1, 2020, the Group’s cybersecurity expertise has been pooled at Deutsche Telekom Security, a Deutsche Telekom subsidiary that leads the market for IT security solutions in Germany. Deutsche Telekom Security is responsible for everything related to internal security and its goal is to protect all Group units. It offers consumers and business customers solutions to make information technology more secure, from smartphones through to corporate infrastructure. In the Cyber Defense and Security Operation Center, more than 240 security experts around the world monitor our systems and those of our customers around the clock.
We react to new emerging threats and continuously develop innovative processes for defending against attacks. And for good reason: cyberattacks on companies are becoming more aggressive and sophisticated across all industries. In the reporting period alone, we registered on average almost 52 million attacks per day on our honeypot systems. Of course, not all of the attacks picked up by our sensors are high-level threats. Most are automatic scanning tools seeking to exploit potential vulnerabilities. While these do not necessarily count as fully fledged attacks, they are still to be seen as relevant early-stage activities. In a shielded environment, Deutsche Telekom Security even develops its own malware and uses it to test whether new systems can reliably detect and mitigate attack vectors. In this way we ensure our own critical IT infrastructure is protected. We also offer other operators of critical infrastructure advisory services, for example energy providers.
Our security experts use their experience to help develop security solutions for our customers. Deutsche Telekom Security has brought a wide range of solutions to market maturity. Among other things, our key security and defense offerings were combined in the Magenta Security Shield package, so as to offer our customers even better protection. Data privacy and security play a fundamental role in the development of our products and services. We review the security of our systems at every step of development using the Privacy and Security Assessment process both for new systems and for existing systems when the technology or method of data processing is modified. We use a standardized procedure to also document the data privacy and data security status of our products throughout their entire life cycle. Our security management systems are certified externally. At the same time, we ensure that our services also comply with specific regulatory requirements from other industries, such as TISAX in the automotive industry.
Youth protection aspects are also taken into consideration in our product and service design. When we develop services that could be relevant in terms of youth protection in Germany, we consult our Youth Protection Officer for suggestions of restrictions or changes. In 2014, we appointed a Child Safety Officer (CSO) in each of our national companies in Europe. The CSO acts as a central contact for the relevant stakeholders of the community, and plays a key internal role in coordinating issues relevant to youth protection. Since protecting minors when they interact with media is a challenge across many different industries, we cooperate with different youth protection organizations and participate in alliances such as the “Alliance to better protect minors online,” which aims to make the internet a safer place for children and young people.
We work with research institutes, industry partners, initiatives, standardization bodies, public institutions, and other internet service providers worldwide with a view to fighting cybercrime and enhancing internet security together. For instance, we collaborate with the German Federal Office for Information Security throughout Germany and with the European Union Agency for Network and Information Security at a European level. The Cyber Security Cluster Bonn is an association of authorities and companies in Bonn that are dedicated to consulting, education, and research in the field of cybersecurity. As an expert committee, the Cyber Security Cluster Bonn offers direct advice to German and European government bodies.