Deutsche Bahn

The BigBrotherAward 2007 in the “Business” category goes to Deutsche Bahn AG (German Railways PLC) represented by their CEO, Hartmut Mehdorn, for their systematic endeavours to make anonymous travelling practically impossible.

“You can get your bread rolls from the vending machine.” I have not yet heard this sentence from my bakery assistant. And she has never added that for a mere five euro surcharge I could get the same goods from her over the counter. I would only have to join the 5-metre-long queue on the right. And neither has she told me that I could also place my order on the Internet and it would then be posted to me within two days – only then my address, taste preferences and credit card number would be stored in a centralised database.

If I want to travel with Deutsche Bahn, announcements like these are a painful reality.

But this is no consumer protection anti-award, it’s not about the everyday frustrations experienced when dealing with a large company with a service-adverse culture – this award is about the data leech that is Deutsche Bahn AG. I would like to take you on a journey to my observations of the systematic erosion of anonymous travel. Get on board and let the following remarks drift by your ears.

Apparently, Deutsche Bahn want to know all, and they work the switches in a planned and effective way.

First stop. Deutsche Bahn AG are sidetracking travel agencies (traditionally a convenient alternative for buying railway tickets in Germany). Sales commissions have been reduced so much that travel agencies can no longer afford to sell tickets without a surcharge. For the agencies, this means: this is the end of the line – everyone leave, please. This has handed Deutsche Bahn immediate control on ticket sales. We will now continue to our second stop.

The ticket counter at the station: staff levels are kept so low that customers have to bring a good amount of time to buy a ticket. Buying at the counter is up to 5 euros more expensive, every seat reservation is 2 euros extra. Anyone with less money or time to spare will seek other ways to buy tickets. We have now reached a branch on our line.

You could travel via the Internet, for one thing. You can guess what that means. Deutsche Bahn, who have called themselves “enterprise future” (Unternehmen Zukunft) in the past, knows you with your full address and account number.

So you’d rather take the detour via the ticket machine? Hardly any of these accept cash, so you’ll have to take your debit card. Are you using a BahnCard 25 or 50, the pass for a year’s 25 or 50 percent discount, in other words, the key to getting tickets for a somewhat reasonable price? Before giving the discount, the machine demands – unnecessarily, as your eligibility will only be checked for real when your ticket is checked on the train – that you insert the BahnCard: time to say goodbye to privacy. Only the very savvy will discover that you can just press “cancel” on the “insert your BahnCard” screen and still get a discount ticket.

While we’re on that detour, let’s take some time to give that BahnCard a good look. Did you state your date of birth on the application form? Why? There is no reason for Deutsche Bahn to know your date of birth. This is only useful for data leeching and, by German data protection laws, it is simply illegal to make it a mandatory item. It’s been a few years now that the Berlin Data Protection Commissioner informed us in writing that he had complained about this to Deutsche Bahn. The effect, up to now, has been nil.

A junior who ordered his BahnCard at a travel agency showed his ID and insisted that instead of his date of birth, only a remark would be stored that he was eligible to buy a BahnCard for the reduced price available to customers of his age – without recording his date of birth. His BahnCard, which he had paid for in advance, was never posted to him. Discussions were conducted over the phone with the data leech’s minions, to no avail. The travel agency that had accepted the case no longer exists. The money is lost.

The Berlin Data Protection Commissioner’s representative had fewer objections to the mandatory picture on every BahnCard. Personally, it makes me feel uneasy if a state enterprise that is about to go private and is practicing almost ubiquitous video surveillance across Germany – which can probably be monitored from the centre in Berlin – receives my picture as a digital file and stores it for years on end. Especially since the picture is not actually required as an identifying feature on the BahnCard. I can always prove my identity and eligibility to possess and use a BahnCard by showing a photo ID.

That is why my own BahnCard has neither a picture nor a date of birth. My age – watch out, ladies, this is printed on the BahnCard – is given as 95 years.

In another instance this issue became an unwanted emergency brake. On a stay in Berlin, I wanted to rent one of these beautiful bicycles that you can conveniently unlock with your mobile phone. After a lengthy conversation with the friendly service assistant, during which I stated my name and address, it came to the crunch: I was supposed to give my date of birth as an initial password. That was necessary, advised the lady on the phone. I just sighed and went on to walk.

The really anonymous and comfortable vehicle must be the BahnCard 100. The fast lane for rich people, even on the data collecting highway – so you would think. Make a one-off 3,400 euro payment, then just get on the train and go for a whole year, without clicking your way through the internet or fiddling with papers. But even here the data leech is waiting in its perfidious hideaway: an RFID spychip has been integrated into the card. This chip can be read clandestinely, without consent from or a warning to the card holder. Let us remind you: In 2004 the Metro corporation was forced to recall their “Payback” loyalty cards, which they had secretly bugged with spy chips, bringing the whole RFID industry into disrepute. The responsible CEO at Metro has meanwhile had to resign from his post.

We had already mentioned the BahnCard chip in a feature on our website in 2005. Three days after publication, the company’s Data Protection Commissioner called us and asked if Deutsche Bahn was now due for a BigBrotherAward. “Bis repetita non placent”, we reassured, educated Asterix readers that we are – “repetition is unpleasant”. RFID cards were so yesterday. We could hear him sigh with relief. He promised that Deutsche Bahn would inform customers clearly about the chip in the future.

Contacted by a customer who wanted his BahnCard 100 without the chip, the same man claimed – after our phone conversation – that the chip was not activated. But the chip responds to every reader that uses the appropriate standard. If readers were as widespread as the industry was imagining back in 2003, a BahnCard 100 would ultimately be a bug that would reveal its owner’s location through its unique number. Such data must not be released! At least the owners have a right to know what they are carrying with them. I have gone to the trouble of looking through all newsletters of Deutsche Bahn published after that phone conversation. Not a word since. Nothing at all.

Then there are these fellow travellers on our round-trip who collect points. Bahn Comfort Points. Okay, word has got around by now that collecting points and privacy don’t exactly go together in harmony. But, apparently, as many as half of all BahnCard owners have opted to enter their card into the point collection scheme. Deutsche Bahn AG guarantee in the privacy statement on their website that no data would leave the corporation, nothing would be shared with third parties. This is contradicted by a remark on Wikipedia that says something different, so I investigate.

On the website of the Loyalty Partner company, there is a result. The company has gathered a consortium around it that manages Bahn bonus points. BahnCards are manufactured by Bamberg-based GHP Holding. Incidentally, GHP also manage HappyDigits transactions (HappyDigits being a loyalty program by Deutsche Telekom and other companies in the retail, tourism and other sectors). And Loyalty Partner themselves, on whose website I read this, run the Payback loyalty scheme, winners of the BigBrotherAward in 2000. Payback, HappyDights, and Bahn Comfort, all under the roof of the same consortium. What a muddle – no wonder Deutsche Bahn are not ready to admit this openly. And the train rolls on and on.

The data leech appears in many forms and places. It is therefore understandable, even though it might appear oversensitive, if people feel uneasy when the camera in the mobile device that conductors use to check online ticket barcodes is pointed straight at their face.

Where will the journey take us? Starting in early November 2007, a new billing system is going to enter a pilot trial. Test participants will receive specially prepared mobile phones that record every cell on the journey. At the start and end of a journey, they transmit their data to Deutsche Bahn AG. You could hardly generate a better movement profile.

As we move along, more and ever more data are being accumulated; in every new case, a sensibility for data economy must be insisted upon by Data Protection Commissioners before the leech withdraws its segments. With repayment coupons issued for delays or returned tickets, a legal penalty case had to be initiated before Deutsche Bahn refrained from demanding huge amounts of personal data.

It does seem in many cases that Deutsche Bahn has fairly elaborate procedures and processes in place to avoid data abuse. But a strange gut feeling remains. A state-owned company that collects such amounts of movement data is a high risk. A corporation that is given the goal of making a profit does not exactly guarantee confidentiality in handling person-relatable data.

There are 10,000 vending machines all over Germany, selling not bread rolls but railway tickets. 10,000 machines for which neither social security contributions nor income tax are paid. 10,000 machines that are all coordinated by being linked to the same large computing centre. 10,000 machines which, together with their stooges, the home PCs with an internet connection, suck data and deliver it to their masters. 10,000 machines that are monitored by video lest they run away … because even they cannot stand the cold social climate any more.

Mr Mehdorn, you’ve missed the train! Congratulations, Deutsche Bahn AG, for the BigBrotherAward 2007.