From the six awards available to vote for, our audience formed a mid field of four, but ahead of that there was a clear front-runner: with about a third of the votes, “Authorities & Administration” award came first, so the award for the German military and the Federal Minister of Defence, Ursula von der Leyen for her massive digital armament with the threats of an escalation without control or legal basis.

Here are some of the comments the audience left on the ballot shields.

Workplace

I am in favour of trust and respect. To be exploited takes away motivation. I am glad to be with a company that values respectful relations.

Something has to be done against employers’ control mania. We can already see a division forming in the workplace – into a service precariat and its managers

This is where the effects of data collection became visible most clearly and impressively. Impossible to ignore – even for people that otherwise would not think about it a lot.

Economy

It is incredible that German business have let themselves be corrupted so thoroughly!

This again confirms the power of lobbyists and the powerlessness of citizens towards their elected representatives.

Politics

Freedom of opinion is one of the most important basic rights.

The example of DİTİB shows particularly strongly how much personal data can be misused.

Very courageous! This is about human lives! Against snitchign and dictators! Keep going strong!

Education

Education is vital for society. It is not a commodity and must be available to everyone equally and freely. The education system must be free and not be monetised.

Authorities & Administration

Democracy is being undermined and peace carelessly threatened.

The aggressive potential of the “Commando Cyberspace and Information Space” and the lack of democratic control makes the German military particularly award-worthy.

A physical threat to humanity.

Because it increases the threat of war for us all on this planet.

Legal cyber war, a third world war. Citizens are incapacitated.

Human rights and data protection belong together (in all award categories). The speech explained this very well.

Because could get deadly serious in a very short time.

Consumer Protection

padeluun spoke very convincingly, the topic was super interesting.

(without vote)

I don’t want to rank, it is all reprehensible. Behind it all are people that implement this and thus expose other people.

Public-Service Media

Three cheers for critical reporting! In programmes about politics or consumer protection, our public-service broadcasters every now and then warn about Facebook and the like. But there is a lack of consistency. In broadcasts pretending audience participation, there is hardly an instance where Facebook receives no exposure. Several times a day, the audience is encouraged to “send us your photos”. To fill programme time, particularly trenchant comments from social media sites are read out or superimposed. You could get the impression that the broadcasters interpret their educational task by reaching out to people, but taking them nowhere. We would like to take the broadcasters to the Digitalcourage statement on how to handle Facebook (in German): https://digitalcourage.de/themen/facebook/facebook-eine-grundsatzentscheidung

Illegitimate ID card copies

Only a few companies are entitled to copy official identity documents or request them to be presented in the first place. Among them are banks and SIM card vendors. But landlords or companies including German Railways (Deutsche Bahn) often request that people provide official identification, or even to scan identity documents and send them in via email. This is illegal, and there is a very good reason for that: the password for the electronic features of the German ID card is printed on the card in a perfectly legible way. And you surely wouldn’t want to hand that to any random person.

Digitalcourage recommends obtaining an unofficial photo ID. With that you can even choose which data should be shown: https://shop.digitalcourage.de/lichtbildausweis-mit-selbst-gewaehlten-daten.html

BlaBlaCar and Immobilienscout24

Many Internet and web applications, apps and portals mediate between supply and demand, e. g. car-sharing agencies and real estate service providers. Contact between suppliers and customers is established after registration via a communication server owned by the intermediary. But say that you, as a potential passenger, want to get into touch directly with the driver after an initial contact. Let’s say you want to discuss the crucial details before entering a formal contract, and for that you want to exchange phone numbers. You will be surprised: The messages are not transmitted but deleted by the intermediary’s portal software. Communication is only allowed via the company’s server. The reason is that the intermediary companies fear they might be circumvented and lose their commission. This mistrust of the customers’ honesty is at least very annoying and inconvenient, perhaps even a breach of the Telecommunications Act. This alone surely deserves a reprimand.

Outright mischievous, however, is the demeanour of the BlaBlaCar company: To circumvent the Telecommunications Act, the company publishes all the messages they accept on their website in a slightly concealed place. As a result, there is no such thing as a “private message” in the strict sense on BlaBlaCar. The legality of this trick again seems highly doubtful to us.

Federal Intelligence Agency (Bundesnachrichtendienst, BND) – Update May 2017

No reprimand, but an update to https://bigbrotherawards.de/2015/behoerden-verwaltung: According to a project plan published by Netzpolitik.org, the German Federal Intelligence Agency plans to acquire funding of 150 million Euro from politics to be able to decrypt and read digital communications. In particular, the BND is targeting popular messaging services that have meanwhile enabled end-to-end encryption. This assault on encryption as a means of user self-protection is flanked by further initiatives of the German federal government aiming to break the basic right to confidential communication. The primary focus here is on the Central Agency for Information Technology in the Security Sector (Zentrale Stelle für Informationstechnik im Sicherheitsbereich, ZITIS). In 2017 alone, ZITIS will receive 12.5 million Euro for the “research and development of new methods, products and strategies” extending the surveillance of citizens’ digital communication.

Reprimand: The European Commission

The European Commission and the Council of the European Union have proposed a 5th directive on money laundering which would lead to a complete ban of anonymous online payments and a restriction of offline anonymous payments via eCash to 150 Euro. At the same time, they are planning to create an infrastructure that would effectively force financial service providers to disclose individual financial transactions to the security authorities. Another part of this “campaign” are political aspirations to push back the use of anonymous cash even for private consumption. An expert assessment of the Data Protection Expertise Network has concluded that the envisaged 5th directive on money laundering would have a similarly unconstitutional surveillance effect as the former regulations concerning telecommunications data retention, which have been revoked by the German Federal Constitutional Court and the European Court of Justice.

Reprimand: WhatsApp

“You provide us the phone numbers of WhatsApp users and your other contacts in your mobile phone address book on a regular basis. You confirm you are authorized to provide us such numbers to allow us to provide our Services.”

The above is taken from the WhatsApp small print (terms of service) as of May 2017. This is how the instant messaging service seeks consent from its users to store and merge all contacts from all its users, and to try converting any contacts who aren’t users yet.

Hamburg's data protection officer Johannes Caspar has strong doubts whether such a clause is permitted in the terms because it seems unrealistic that a user has really asked all contacts for consent before giving this confirmation.

We, too, have our doubts, and we think it's a disgrace.

Reprimand: WordPress / Google Fonts

When we visit a web page these days, the data almost never comes from just one server. We navigate to a web address without realising that content is retrieved from various sources: Texts and photos might come from the actual provider, advertisements will arrive from a number of ad networks, videos from YouTube, and web fonts from Google. Web fonts are used to make text look the same in all web browsers. Google Fonts is a popular provider of free web fonts. When a web page embeds Google Fonts, each visit to that web page also leaves traffic metadata (IP address etc.) on the Google Fonts server. But Google would not dream of doing anything nefarious with our data, now would they? (Be sure to consult our laudation on the occasion of giving the BigBrotherAward 2013 to Google: https://bigbrotherawards.de/en/2013/global-data-acquisition-google.)

We find it unacceptable that the default installation of the popular blogging system WordPress uses fonts that are downloaded straight from Google. A court should decide if this automatic remote retrieval is legally permissible – after all, the user is “betrayed” in a way. Certainly most web sites do no inform about this data protection risk, and even if they did, it would actually be too late when a visitor reads about it.

The BigBrotherAward in the category “Workplace” goes to PLT – Planung für Logistik Transport GmbH, because with their PLT Staff Tracker, they offer a device that makes “by-the-minute” and “interruption-free tracking” of field staff possible. This results in a gapless, total surveillance of the employees who are obliged to carry this device.

The tracker is just a few centimetres in size. It contains a GPS receiver, a GSM/GPRS modem, a powerful battery, and an internal data-storage unit to ensure that the tour data remains accessible even if the mobile network fails.

PLT also offers the “TrackPilot” software which, when implemented, makes real-time localisation especially convenient. TrackPilot’s integrated extremely accurate map data enables employers to display the exact route the employee has completed. According to PLT, users are thus provided with exact logbooks and working time reports as well as numerous analyses and statistics for the effective management of vehicle fleets and staff. With just a few clicks, various reports can be generated and, if desired, exported. With the promised metre-perfect tracking it is possible, for example, to determine the speed at which the deliverers are moving, how long they linger at a door or in an office and when they have a break.

The PLT company receives the BigBrotherAward on behalf of all providers of the kind of surveillance technology that is implemented without regard to employee rights. Our award aims to stop this trend.

PLT in particular deserves to win the BigBrotherAward, because this company misrepresented legal regulations in their advertising in order to portray the implementation of Staff Trackers not only as lawful, but even as practically required by law. PLT claims on its website:

“In particular the minimum wage law (Mindestlohngesetz or MiLoG), which came into effect on 1 January 2015, makes it necessary in many industrial sectors to monitor employees’ working hours and document them, accurate to the minute, so that it can be proved later that they were actually paid the minimum wage of 8.50 € per hour. In many sectors this entails immense additional effort just to document compliance with the law and meet the obligation to provide proof. Especially hard hit by the minimum wage law are delivery services and deliverers in newspaper and mail logistics. The actual working hours for deliverers must be recorded and kept for examination by the authorities for ten years.”

This advertising message is real “fake news”: actually the only thing correct about it is that the minimum wage law from 1 January 2015 imposes certain obligations on employers to supply records. According to § 17 section 1 there is an obligation to

“record begin, end and duration of the daily work time for these employees not later than at the end of the seventh day following the day the work was performed, and retain these records for at least two years, starting from the time relevant for the recording.”

It would suffice for employees to fill out a time sheet, as they have been doing for decades. There is no mention of an obligation to monitor every minute of work time, nor of the right for employers to continuously register the exact location of each employee. A requirement to retain records for ten years does not exist, not even for the authorities. The claims made on the PLT website falsify the legal situation.

The overblown advertising claims on the PLT website do nothing to change the very clear situation in employment and data protection law, which in almost all cases prohibit a permanent and metre-perfect electronic complete monitoring of the position and movements of personnel. Data protection law permits exact online localisation of persons only in a few exceptional cases, such as for the crew of a loaded money transporter or firemen while on duty in a burning house. For “normal” staff such as delivery drivers it is thoroughly sufficient if their approximate position or estimated arrival time is transmitted to the headquarters.

The down-to-the-minute and metre-accurate tracking promised by the PLT Staff Tracker runs into easily recognisable and unambiguous legal limitations. For the sectors mentioned on their website:

“winter service, watch duty, property protection, patrol services, agriculture and forestry, sports events or delivery services, deliverers in newspaper and mail logistics”

there is no legal authorisation. The use of staff trackers in these cases is therefore impermissible under employment and data protection law.

All the more astonishing is that, according to the PLT website, their Staff Tracker has already been “legally” implemented in several instances:

“Already numerous delivery services have equipped their deliverers with the PLT Staff Tracker and have reached an appropriate internal labour-management agreement. Accordingly, the completed delivery tours are precisely tracked and the TrackPilot positioning system produces clearly structured work time reports. The reports can be stored as files and permanently archived.”

The reference to labour-management agreements, which allow for precise personal tracking of deliverers, amazed us. That would mean that works councils agreed to a form of complete monitoring that is impermissible according to rulings of the Federal Constitutional Court (Bundesverfassungsgericht) and the Federal Labour Court (Bundesarbeitsgericht).

That is why we had a closer look at the page “labour-management agreement” on the PLT website. We expected to find a reference list of examples from already negotiated agreements. Instead we found general information about possible regulation provisions and legal obstacles. This part of the of the PLT presentation is another clever marketing message pretending that everything is legally sound.

Another formulation that seems peculiar is this:

“Due to its extremely small size, the device can be easily worn on the body or concealed, and it fits in every trouser pocket.”

Why does PLT indicate the possibility of concealing the Staff Tracker, possibly in the delivery vehicle or in a carrier bag? The position monitoring could then be carried out without the deliverer’s knowledge. That would clearly violate current law.

The use of staff trackers for the total surveillance of employees – whether the device is from PLT or another company – is degrading, unlawful and pointless. These devices, exactly like workplaces under total video surveillance, are a manifestation of an exuberant control mania and of an exaggerated distrust towards staff on the part of employers, who feel they must watch over and record every metre and every minute of their employees’ workday.

What is more: there is neither a legal requirement, nor does tracking a letter carrier to the exact minute and metre provide a savings potential for the business. Quite to the contrary: such control mechanisms cost money initially. Companies like PLT profit from the control mania of employers and from the absurd, but widespread notion that “surveillance equals security”. The technology offered for sale comes at the expense of the workers’ personal rights.

Hopefully, with this BigBrotherAward we will be able to prevent a number of company heads from falling for this propaganda. Try it the opposite way: convey trust and esteem to your staff. Optimise tour routing cooperatively and work collectively towards improved efficiency. Take seriously that these people know best about their tours and work procedures. That will surely have a positive influence on motivation – and it might just improve the work pace at no additional cost.

Congratulations on your BigBrotherAward 2017, PLT Planung für Logistik and Transport GmbH.

The BigBrotherAward 2017 in the “Education” Category goes to Technical University of Munich (TUM) and Ludwig-Maximilians-Universität München (LMU Munich), represented by Prof. Dr. Dr. h.c. mult. Wolfgang A. Herrmann and Prof. Dr. rer. pol. Bernd Huber, respectively, for cooperating with the online learning provider Coursera.

It sounds like a tempting idea: A professor or lecturer teaches a course at a university. This lecture happens to be recorded, and the result is offered to students all over the world. They can now listen to and watch lectures that are not offered in the city or country where they study. This form of globalized education is called MOOC, or “massively open online course”. US company Coursera is the undisputed global leader¹ in the MOOC market.

A company? That’s right, it’s about making money. Accessing most of the educational resources is free once you registered with your personal data. Payment is typically required if the student needs a transcript with credit recommendations that they can present to their university or college. But does this generate a lot of money?

Let’s take a look at the contract between Coursera and, say, the University of Michigan: Under the heading “Outlook – Monetarization” there is a paragraph allowing Coursera to offer companies the service of filtering students according to courses and learning outcomes, and to approach matching students. What a convenient opportunity for employers and recruitment agencies to identify and contact potential candidates for top jobs! This offer is not for free, of course.

This is enough to get an idea of the treasure trove of data Coursera can pile up aided by colleges and universities: who takes which course, how quickly or how well do they complete the exams – these details are extremely interesting.

But it’s not just companies that use Coursera’s treasure trove: Student data are stored and processed in the USA where they are within reach of US government agencies and might affect decisions on things like entry permits etc. So how transparent and open is Coursera about how they handle student data and critical questions about them? This was found out by a Swiss Professor who tried to ask Coursera for information about the data stored about him and his course participants: He and his course were rigorously blocked by Coursera.

The Munich universities that receive the BigBrotherAward today have entered a cooperation agreement with Coursera. The universities produce selected lectures for online presentation and upload them to Coursera. Students can take online lectures and receive credits for the courses they are enrolled in.

We regard this cooperation of the Munich universities with Coursera as a marketing operation. The two universities can present themselves globally together with top international universities. Conversely, Coursera adorns itself with their names.

It seems that data protection has not been given much thought. Likewise, we miss a critical discussion of who owns the content produced and who profits from it.

By the way, taking Coursera courses is still voluntary for the students. This BigBrotherAward is meant as a warning to colleges and universities not to make participation in MOOCs offered by privacy-ignoring companies a mandatory way to earn study credits.

Actually it’s bad enough that education increasingly becomes a commodity as publicly financed institutions of higher education distribute their offerings via commercial providers. If an appropriate European MOOC platform does not exist, then it is the the universities’ duty to create such a platform.

By giving a BigBrotherAward to TUM and LMU Munich, we would like to remind both universities and all other education institutions that the long-term business model of such “education providers” hinges on contracts in which the students are not the customers of the MOOC provider, they are the product being sold.

Congratulations to Technical University of Munich and Ludwig-Maximilians-Universität München for receiving the BigBrotherAward 2017!

The BigBrotherAward 2017 in the “Business” category goes to the German IT business association, Bitkom, represented by chairman Thorsten Dirks. The German IT business association Bitkom receives this BigBrotherAward for their uncritical promotion of big data, for obtrusively lobbying against data protection, and for being a front organisation for big US companies, who call the shots within Bitkom.

Bitkom – what is that in the first place, and what do they do? The basic facts, staccato-style: Bitkom is the German IT business association, founded in 1999, 1.600 members at present; they host the annual “National IT Summit” of the German government (called “Digital Summit” since 2017), conduct studies, are consulted by the German Federal government whenever “something to do with computers” is discussed, and have splendid relations with the political sphere.

So what does Bitkom think about data protection?

Data protection – as Bitkom finds – “is not suited to the present time”, is “outdated”, “analogue”¹, “last century”², over-regulated and no longer up to date³. Apparently, existence determines consciousness here. Burglars similarly think that property is an outdated principle.

But let us grant the Bitkom representatives a chance to speak for themselves:

The managing director of Bitkom, Dr. Bernhard Rohleder, says:

“Naturally, there can be no question of abolishing data protection. On the contrary: The more data is used, the more it must be protected against abuse – legally, technically, organisationally. However, this very distinction is rarely made: reasonable use versus undesirable abuse.”

But wait – who does actually decide what is “abuse” and what is “reasonable use”? In plain language, this presumably means: “In order to protect your data, we have to possess it in the first place! So hand over your data, because we make reasonable use of it: turn it into money! On the other hand, if someone else wants to access our data treasure, it’ll clearly be abuse.”

Next, I’d like to cite the words of Dieter Kempf, former Bitkom chairman, during the Safer Internet Day 2015:

“It must be allowed to raise the question if this absolute notion of data minimisation is still suitable today to regulate modern data processing.”

Bitkom propagates “data opulence” instead of data minimisation. For example, in the Bitkom position paper on “digital sovereignty”. A quote:

“The two basic principles of data protection – data minimisation and predetermination of use for specific purposes – have to be revised and complemented or replaced by the principles of data diversity and data opulence.”

Susanne Dehmel, member of executive management and responsible for data protection within Bitkom, advertises:

“Let’s admit data opulence.”

Euphemism alert: Whoever speaks of “data opulence” keeps secret who actually wants to get rich here, and who will be the resource to be exploited in the future. That’s why the expression already received our Newspeak Award last year!

Bitkom is promoting “data sovereignty” instead of data protection. Its managing director Rohleder, for example, advocates that “the competent consumer must be able to decide in a data-sovereign manner” which services she wants to use, and with whom she wants to share personal data.

Euphemism alert: “data sovereignty” is a nice idea, but whoever says the word acts as if consumers were indeed in power to decide who is getting what information about them. But that is not the case. The word “sovereign” is used to purport that protective laws are unnecessary, and that consumer protection is paternalism.

Whoever requests to replace data protection by “data sovereignty” doesn’t want to protect the citizens’ personal rights, but aims to protect data leech companies against effective laws. “Sovereign” might sound great, but it’s fuzzy instead of legally binding.

Whoever is talking about “individual data sovereignty” is invoking a digital version of the “responsible citizen” – who is usually ignored, but summoned whenever she is to be bamboozled.

“Sovereign” sounds nice at first impression. Isn’t that just what we all want – to be sovereign? The word “sovereign” is magical pixie dust, and Bitkom sprays it over our critical eye like icing sugar. Whoosh – farewell to personal rights. Hello to data as a commodity that consumers can easily give away. By this magic, the economic resource of the 21st century is created. Which – abracadabra – only becomes valuable when it gets into the hands of a data collecting company.

Bitkom chairman Thorsten Dirks even goes the extra mile:

“The principle of data minimisation has become outdated in nearly every aspect of life. We do not want a super basic right for data protection.”

In my mind I can instinctively see a totally unfair super basic right pestering the economy. Seriously: That is completely absurd!

All this has been repeated over and over again. We could also describe this as “whining”.

The worst thing is:

The whining proves effective.

Chancellor Angela Merkel has meanwhile softened and is ready to fulfil every wish of the IT kindergarten Bitkom. Because these children claim to be our future.

Tugging on one coat tail, there are the companies selling surveillance technology, tugging on the other are the companies asking for free rein to do big business with big data. The common enemy has already been spotted: It’s data protection, aiming to protect citizens from the worst excesses.

The whining is taking its effect not only on the chancellor, but also on the three of ministers who share responsibility for the digital realm: Thomas de Maiziére, Minister of the Interior, Alexander Dobrindt, Minister of Transport, and Sigmar Gabriel, (until recently) Minister for Economic Affairs.

When you listen to the members of the government, you get the impression that you are actually hearing the Bitkom spokespeople we just cited.

Sigmar Gabriel during the National IT Summit 2016 in Saarbrücken:

“I believe we have to definitively bid farewell to the classical notion of data protection, because it is no more than a minimising principle for data. That is more or less the opposite of the big data business model. But that doesn’t mean abolishing any kind of data protection, but to focus on ‘data sovereignty’ instead of data protection when it comes to political discussion as well as the actual data handling.”⁴

The Minister of Transport, Alexander Dobrindt, during a reception hosted by Bitkom:

“The previously valid tenet that data minimisation is the measure of all things has become outdated and must be abandoned. Data opulence must be the benchmark guiding our policies.”

For this the government would like to stand, together with Bitkom⁵.

Angela Merkel also showed a great deal of understanding for the big data aspirations:

“You need sufficient freedom to use new data, new possibilities of managing data, of big data mining or the cloud for your business models. I think this is a kind of revenue that isn’t yet properly recognized, at least in Germany. Data is the resource of the 21st century”,

she said during a publishers conference in Berlin in 2015.

“If we don’t do it, others will,” Thomas de Maiziére said in his parliament speech on the act to amend federal data protection law after the commencement of the European General Data Protection Regulation. But that is an argument that could as well be used to justify arms trafficking, pimping and drug trade – which we nevertheless consider morally reprehensible.

Bitkom is enjoying its influence on the government. Sometimes a little too much. For instance, a Bitkom representative uttered triumphantly during a hearing on Germany’s draft eGovernment law: “How could I possibly criticise a law that I have written myself?!” The participants of the hearing didn’t seem to take offence at this, because even that degree of lobbying influence seems to be taken for granted.

And now, guess what might be next in our points of criticism:

The well-known strategy of “voluntary self-commitment of the economy”.

To exert its influence in Brussels, Bitkom has founded a charitable association called “Self-regulation Information Economy” (Selbstregulierung Informationswirtschaft e.V., SRIW) – which is promoting “self- and co-regulation”, for example in a committee of the EU Commission. In other words: It covers the field of data and consumer protection, in order to suggest that customers can trust businesses to take care of these concerns. Besides Bitkom, the following are members of SRIW: Deutsche Telekom, DHL, Map & Route, two companies active in panorama images, surveying and georeferencing à la Streetview – and, of course, Google.

A fun fact on the side: The exuberant joy about how well the political lobbying works has led to not one but two written Freudian slips on the SRIW website. First: the word for “reinforced with sanctions” (sanktionsbewehrt) was misspelled and became “sanction proven” instead (sanktionsbewährt) – that’s obvious because SRIW’s strategy to prevent proper legislation by staging self-commitment ballyhoo is indeed “proven”; on the other hand, they do not want personal rights to be “reinforced”.

Telling typo number 2: the website refers to “the digital agenda of the federal regulation”, not the federal “government” (Regierung was changed to Regulierung) – they seem to have already managed to substitute government entirely by self-regulation. Obviously a case of wishful thinking here. Or Google assisted in the translation.

Free rein for big data

Joking apart, the matter is serious. What is Bitkom’s lobbying actually all about? It’s about a free rein for big data business models. Big data means: Piles of data about us are collected en passant – not only which websites I read for information, what I buy, where I travel, but also where I move, how fast I type and how often I mistype, how many messages I send, whether I click on special offers, whether I can be forced into decisions under pressure of time … and on and on. Companies want to let their algorithms loose on such diverse data, aiming to find interesting patterns.

From the collected data, they draw conclusions about our behaviour and our motives and derive projections of our future behaviour. The people applying those projections, in turn, are those who want to take advantage. We are not consulted anymore. Big data is taking away our sovereignty.

It’s very moving to see the intense search for good causes that big data can supposedly support: healthcare, better traffic management, medical insights, identification of fraudulent second hand car dealers, … oh, and jobs, too, naturally.

Big data is a euphemism. In fact, big data is about dispossession – dispossession of people from their data, their motives, their wishes, plans and dreams, and from making their own decisions. It’s about manipulation and control. It’s about staking claims.

But isn’t lobbying what Bitkom is there for?

Precisely – they are doing their job. However, they are doing a bad job! For they are not only working against basic rights and social justice, in the end they are also harming to the German and European digital economy. The uncontrolled growth of data appropriation is fraying consumer confidence – which will lead to distrust and poor acceptance in the long term.

The Bitkom lobbyists are acting as if we were afraid of innovation. But in reality it’s them who are lacking the courage to create novel solutions and handle things differently from the big bros in the US. Why don’t they make use of the assets that German and European companies have due to their long-standing expertise in the fields of data protection, consumer protection, labour rights, environmental protection and more? With the European General Data Protection Regulation, the lex loci solutionis principle will apply from 2018. This means that everyone who wants to do business in Europe must conform to local data protection legislation – no matter where the company is based. That’s one more reason why “if we don’t do it, others will” is a poor argument.

So why are the people in charge at Bitkom not acting with self-confidence and furthering the German economy? Why aren’t they making use of the quality and competence German companies are offering in this area? Interesting question – we have a possible answer:

US concerns are dictating the course of Bitkom

8 percent of the 1.600 Bitkom members come from the US. That doesn’t sound too much at first sight. However, when we take a closer look beyond the mere number and notice which companies are represented by those 8 percent, frolicking about next to German mid-size companies, then the penny should drop: Amazon, Apple, Cisco, Ebay, Facebook, Google, Hewlett Packard, IBM, Intel, Paypal, Xerox and Microsoft – these are big fish in a small pond in terms of revenue, power and market dominance. Additionally, there are market research companies (Forrester), corporate consultancies (Accenture), financial auditors (PriceWaterhouseCoopers), cloud and CRM providers (Salesforce), providers of GPS navigation products (Garmin), credit scoring companies (Fair Isaac), tracking providers (Zebra Technologies) and really popular actors like the taxi business disruptor Uber.

The distribution of power is mirrored by the Bitkom executive committee: 5 out of 16 members belong to a US affiliate (nearly every third).

Indeed, US internet companies have been determining the course of Bitkom for years. That’s where the resources come from. They are in the driver’s seat. We could as well call it non-governmental colonialism. Bitkom is no longer a German IT business association – it has turned into an advocacy group of US concerns sailing under false colours.

Dear Bitkoms: We wish you more courage for an independent German and European path, for autonomy, your own big visions, real innovation! Focus on your own qualities, strip the US concerns of their power and stop whining about data protection.

Dear Federal Government: Stop fulfilling every wish of the Bitkom kindergarten, as long as they haven’t liberated themselves from the influence of the US concerns. If you keep indulging those whining children, it won’t be a benefit for society in the long run, or for the children themselves.

May the BigBrotherAward remind you of this – congratulations, Bitkom!

The BigBrotherAward 2017 in the “Consumer Protection” Category goes to Jens Scholz, CEO of Prudsys AG, Chemnitz, for their price discrimination software, in other words, for being an accessory to profiteering and for promotion of social discord.

Science – including mathematics and computer science – is a good thing. It is about doing research, gaining insights and putting them into practice (e. g. as an academic spin-off company) for the benefit of humanity.

Our laureate, Prudsys, is a spin-off of the Chemnitz University of Technology. The company’s business is data mining. For as long as we have been issuing the Big Brother Awards (since the year 2000), Prusys has hosted the “Data Mining Cup”, an event where the best of the best compete to extract one or the other data nugget from huge buckets full of big data. With these methods – so they say – unknown diseases could be cured, and the global hunger problem could be solved.

Prudsys, however, doesn’t seem to be interested in these philanthropical concerns. Their business model offers something different: Price discrimination. In 2000, we already encountered a similar case at the BigBrotherAwards: The company Payback received one of our pretty but undesirable awards for their loyalty cards.

Prudsys develops algorithms and strategies enabling retailers to charge the highest price possible for a given product, be it apples, milk or a digital camera, be it online or offline, without losing you as a customer. It’s no longer the value of the product that determines the price, it’s you. You and me. The retailer has to gather enough information about us to determine the maximum price we are willing to pay. Translated into marketing jargon this is called “exploratively and dynamically testing the price acceptability threshold”¹. This might sound absurd, but it’s a fact.

Let’s assume that you are a single father: After work, you have to hurry to the daycare to pick up your daughter and – quickly! – do some shooping before preparing dinner. In this situation, I assume, you won’t check out three different shops to compare prices and buy at the most favourable price. Instead you will choose the shop that can be visited on the way home or with the shortest detour and throw into the trolley whatever is written on the shopping list. If the shop doesn’t happen to guarantee “permanent low prices instead of special offers”, you will surely pay more than someone having more time for shopping.

“Ha!”, you might anwser. “But I have my loyalty card. Therefore I get everything at lower prices anyway.” Double-HA! is my answer. Now you are doomed more than ever! Because now, your retailer knows what you buy habitually, when you buy it, how much you spend on average, and if you pay in cash or with your debit or credit card. The retailer can estimate how many persons belong to your household, and can use discount coupons to steer you where they want to have you. Away from the products that generate smaller profits, towards the more lucrative goods. The retailer can estimate how many customers won’t come back anymore, and whether it will pay off anyway to take the 2 kg pasta packages off the shelf and only offer 250 g packages instead. Which are, unfortunately, a little more expensive.

All these decisions, by the way, are not taken by the friendly store manager but in the head office. The head office can surely take better decisions than the local staff, because the head office amalgamates all the data, analyses it, enriches it with further information such as the weather, the season, weekday, time, as well as the fact that the competitor has just launched a special promotion (we’re not joking) – and just like that the electronic price tag on the shelf can be changed.

This is possible because the head office has competent advisors: The pricing systems are connected to the “realtime decision engine” software, or just RDE, developed by Prudsys. This is how they describe it in their own words:

“The prudsys RDE is the first dynamic pricing tool to be able to find the best possible pricing in real time. The prudsys RDE is used to completely automatically adapt thousands of product prices to customer behavior as well as to the constantly changing market and company situation.

Thanks to the combination of personalized product recommendations and personalized price advantages, customers are rewarded with discounts on products that are relevant to them. Personalized coupons created automatically in customer newsletters, mass mailings and mobile apps are particularly useful ways of implementing personalized pricing. Personalized discounts can also be generated as part of check-out couponing on the receipt, using customer loyalty cards or by way of in-store kiosk systems.”

What Prudsys describe here clearly escalates what we already know today: the same DVD is always 30 % more expensive in the Marktkauf store in Rahden (a rather poor neighboorhood) compared to the Marktkauf in Lübbecke (where the locals tend be better off).

So if this works great in the retail store on the street, shouldn’t it work even better for online shops? Here, as one of the Prudsys CEOs said in an interview, retailers just can’t do without price discrimination (which of course is not really called price discrimination but “dynamic pricing”) in the age of Amazon and the like: without “dynamic pricing”, online shops soon just won’t sell anything anymore.

So what can we do? Here’s some practical advice: When you want to book a trip, use a Windows computer instead of a Mac. Otherwise it will be more expensive. Want to book a trip with your mobile phone? A very bad idea, as that can get seriously expensive. But if you insist on taking this road, you’d better not use your iPhone but a phone that runs Android instead.

That is just a first and rough distinction. The Prudsys algorithms are much more discerning in how they amass their data – data that many people deem “insignificant anyway” and negligently give away. Every coffee you buy may be used against you! Whenever you buy online, what you see is an interface or surface created by a designer on behalf of the retailer. Your neighbour is seeing another. Your colleague yet another. The word ‘surface’ hits the nail on its head. You can just see a tiny tip of the process behind your decision-making and purchase. Under the hood, data is being shifted back and forth, calculations are carried out, the price is haggled over internally, all for the one and only purpose: To rip you off. Whenever you buy online, you have to imagine that under the surface, you could hear a faint giggling noise and the sound of merchants rubbing their hands in glee.

This is a world driven by greed. In this small universe, there are no humans, no individual products, no satisfaction, no service. Here, there’s only numbers. Ones and zeros, and in the end they are taking the shape of a massive profit in Euros and Dollars. Prudsys says that every day, one billion decisions are taken via their algorithms. The annual turnover of goods that are traded using these algorithms amounts to 8 billion Dollars. Even though you might already have learned that terms like “premium customer”, “discount” or the promise “save …” are to be avoided like the plague – there’s virtually no escape. Even if you do as a young woman who wanted to book a hotel room in Brussels did, and cancel your reservation 17 times just to save 1.38 € in the end. The world won’t turn into a funny, gigantic oriental bazaar. You as a customer are no longer dealing with the market trader woman, with whom you can bargain for the price on a par. Only one party is bargaining here, because the merchant knows everything about her customers, but the customers don’t know anything about the merchant. There is no more equal basis in this, no peace, but a constant trigger for the bad feeling of losing out. And rightly so.

With data mining, dear Prudsys, with your capabilities it would probably be possible to overcome incurable diseases and the global problem of hunger. Sadly, you have chosen the dark side of the force: greed.

You have already received a number of awards: “Top 100”, “IT innovation award”, “Top Product Commerce”, “City of Chemnitz mile stone” … and now you get a “Top BigBrotherAward 2017” on top of that. Congratulations, Jens Scholz of Prudsys.

The Big Brother Award 2017 in the category Authorities and Administration goes to The German Federal Military (Bundeswehr) and the Federal Minister of Defence, Dr. Ursula von der Leyen (CDU) as commander-in-chief.

This year’s award marks the first time in the 17-year history of the BigBrotherAwards that we venture into military terrain, in other words, into an exclusion zone. Ms von der Leyen however has made an appearance before – in 2009 she received this anti-award in her position as Minister for Family Affairs. Under the nickname of “Zensursula” (censorship-Ursula) she was awarded for her foray into controlling content of and impeding access to websites. But how are the Minister of Defence and the military connected to surveillance, censorship, and data misuse in general? Why is the military in particular, with its tanks, bombs and grenades, an award-worthy data leech?

Well, today’s award is granted for the massive digital arms build-up of the federal military that is the “Commando Cyberspace and Information Space” (“Kommando Cyber- und Informationsraum”) – that means: for establishing a full-blown digital combat unit with a planned strength of 14,000, its own coat of arms, insignia and flag – even its own cyber march. There is already a small, secretive IT unit in Rheinbach near Bonn (“computer network operations”) of between 70 and 80 soldiers tasked with operative measures. This unit will be amalgamated with several other IT units, such as the Commando Strategic Reconnaissance, and centralised into the new cyber combat unit. Extensive advertising campaigns were started to attract new IT specialists.

This digital armament will open a new, fifth battlefield (besides land, air, sea and space), the so-called “battlefield of the future”, and will declare cyberspace – also known as the Internet – a new potential war zone. With this build-up of its cyberwar capability, Germany will take part in a global arms race in cyberspace – mostly without parliamentary oversight, without democratic controls, without legal basis.

This sounds somewhat worrying, but it remains rather abstract. What has all this got to do with us? What must we prepare for? Who will be affected? These are valid questions, but they are too limited. There are things that we won’t experience and suffer directly in this country but which can still cause harm or problems elsewhere. After all, basic human rights extend to people in other countries, who could well be affected – not to mention the potential escalation of this digital armament that may have a backlash effect; or the unsolved problems in international law.

It is, of course, a legitimate concern for the military to take appropriate protective measures to defend against foreign cyber attacks on its own military IT systems – allegedly thousands per day. But the Ministry of Defence is not satisfied with that alone. On the contrary: it claims – contrary to the rule of law, in our opinion – that the military should have co-operative responsibility for what it calls “pan-national security provision” and defence against cyber attacks. This includes the protection of other national, regional and civil networks within the country’s borders – but the responsibility for these in times of peace lies exclusively with the police, intelligence agencies and the courts, as well as the Federal Agency for IT Security (Bundesamt für Sicherheit in der Informationstechik, BSI) and the National Centre for Cyber Defence. Domestic military operations for the protection of non-military IT systems from cyber attacks are therefore neither constitutional nor necessary.

But that is not all: its euphemistically labelled combat unit “cyberspace and information space”, commissioned by you, Ms von der Leyen, exactly one month ago today (05 April 2017) in Bonn, is not only tasked with defensive measures – your cyber warriors are also to be empowered to mount their own cyber attacks on other countries and their infrastructure. To put it bluntly: the intention is to wage cyber war – also as accompanying measures in conventional warfare abroad. This is outlined in the ministry’s 2015 secret Strategic Guidelines for Cyber Defence (Strategische Leitlinie Cyber-Vertei­digung) and also in the Whitebook of Security Policy and the Future of the Federal Armed Forces 2016 (Weißbuch zur Sicherheitspolitik und zur Zukunft der Bundeswehr 2016). This means that the military shall develop their own arsenal of cyber weapons to be able to covertly break into foreign IT systems and use security vulnerabilities, trojan horses, viruses, etc. to be able to spy on, manipulate, control, disable, damage or destroy them.

But even if this is not considered an act of war in and illegal under international law in itself, but seen as the application of cyber force for self-defence against foreign military attacks, such activities might be permissible under international law in principle but they would still be highly risky. Why? Because not only military targets would be affected but civil infrastructure as well, at least as “collateral damage”. Cyber attacks, even if only targeting military installations, can spread like wildfire when they reach critical civil infrastructure, and disable or even destroy it. In a networked world, digital weapons are not precision weapons, and their scattering action can be extensive. The effects on the population can be grave if the attacks cause long-lasting disruption of electricity, water supply, or of medical, healthcare, or transport infrastructure. This would constitute a violation of international humanitarian law.

In addition to these effects of cyber attacks, a militarisation of the Internet will lead to further and almost intractable problems and threats:

First, there is a great danger that a wrong interpretation of a cyber attack as an act of war or a non-military attack might lead to premature self-defence action – and thus a dangerous and grave escalation. There is currently no clear and binding definition in international law under what conditions a cyber attack is to be considered an act of war. According to currently prevalent opinion¹ among experts in international law, this is only the case when the destructive effects are comparable to those of conventional weapons – that is when online-attacks cause trains to derail, planes to crash, power plants to explode, and when people are injured or killed. But NATO as well as the German military explicitly reserve the right to decide in each individual case whether it is interpreted as an act of war, and what the reaction will be – “because we want to and have to remain unpredictable to a certain degree”, according to a lieutenant colonel at the Ministry of Defence².

Second, there are no opposing armies in a cyber war, no soldiers in uniform. Instead, viruses, worms, or trojan horses are employed, in a covert and sometimes indirect way – software without uniform or national insignia. Data traces can be easily manipulated, obscured or attributed to someone else as false-flag operations to incite conflict or create a casus belli. Not only is it very hard to figure out whether IT attacks are civilian criminal acts and economic operations or executed by foreign intelligence organisations and the military, but the country under attack is faced with the problem of unambiguously identifying the perpetrator in order to react in a lawful, appropriate and targeted manner. Creating the chain of evidence is usually extremely difficult. The International Court of Justice requires clear evidence; there is no right to military self-defence as an arbitrary action or on the basis of circumstantial evidence; retaliatory action without a clearly identifiable aggressor is a violation of international law in any case.

Third, these problems are exacerbated by a dangerous legal interpretation in the “Tallinn Manual”, a NATO handbook for applying international law to cyber warfare (2013). Twenty legal experts mostly with close ties to the military, from NATO member states including Germany, have created these guidelines. Its 95 rules are supposed to serve as advice to NATO members in case of a cyber war, so they apply to the German military. But what makes these rules so dangerous? Here are three examples:

• The manual classifies as cyber war attacks even such operations that only create economic and financial losses for the affected country, as long as they are of a certain magnitude, such as a stock market crash. The guidelines would then justify military self-defence, even with conventional means, which could lead to an uncontrollable escalation of the conflict.

• According to the handbook, civilian hackers (so-called “hacktivists”) can be regarded as active combatants when they execute cyber actions in the course of armed conflict; this means they can be attacked and killed. Even searching for and publishing vulnerabilities in an adversary’s computer system would thus be considered an act of war. This effectively expands the combat zone to encompass civilians and their laptop computers.

• NATO’s Tallinn Manual also provides for a right to a preemptive self-defence strike – even before any digital attack has occurred. As with conventional military first strikes there is a high risk of misuse and misinterpretation.

The legal interpretation in this NATO document lowers the high threshold in international law for military action between nation states to an irresponsibly low level and weakens the restrictive criteria for the right to self-defence. This is a substantial threat to the civil population and international security. What has been compiled here by influential experts on international law is capable of blurring the line between interior and exterior security, between civil and military matters, between peace and war, between attack and defence; and it allows for a swift escalation from a severe data attack into a real war with missiles, bombs and grenades.

The conclusion is that this armament of the German military for cyber war will increase the probability for escalation, the readiness and the real threat for a war to start – and the requirement for parliament to approve any military action won’t offer strong protection either. In the end, the minister’s cyber concept for the German military is hardly controllable by democratic means.

Although we present this award for evil plans and deeds, we never give up hope for our awardees and gladly grant them probation. This would require that you, Minister, step back from this digital arms build-up, renounce offensive cyber weaponry for the military and pursue a purely defensive cyber security strategy to protect the population effectively. This should be accompanied by trust-building measures within a peace-oriented foreign policy and diplomacy (“cyber peace”). Furthermore, we call for global cyber disarmament and international condemnation of cyber espionage and cyber weapons. We call for the creation of an independent United Nations agency for investigating inter-state cyber attacks and finding commensurate defences.

But what are you doing instead, Ms von der Leyen? You are, in your own words, “wringing your hands” in the search for “nerds”: “hackers, IT programmers, IT security specialists, penetration testers, system administrators or IT developers.” The military is said to have a need for some 800 IT administrators and 700 IT soldiers, that is, cyber combatants, per year. With a nation-wide large-scale recruiting campaign in railway stations, at universities and in the media the military is looking for experts and career changers. Civil experts from businesses, from associations and NGOs are courted to create a powerful “cyber reserve”. Following the war slogan “Germany’s freedom is also defended at the Hindu Kush” of your pre-predecessor Peter Struck, you have created the advertising motto “Germany’s freedom is also defended in cyberspace – do what really counts …”. That sounds exciting and possibly enticing.

Have you and your advertising team ever paid a visit to the Chaos Computer Club or Digitalcourage? In this hall tonight I’m sure there are lots of technophile and tech-savvy people perfectly matching your prey preference. And thus we really hope that this speech and our award ceremony will encourage these people to put their skills to work for peace and understanding in the Internet, instead of wasting them on digital attacks and cyber warfare on the “battlefield of the future”!

Congratulations for this negative Big Brother Award 2017, Ms Minister of Defence and commander-in-chief of the German Federal Military.

Deutsch • Türkçe

The BigBrotherAward 2017 in the “Politics” category goes to the Turkish-Islamic Union for Religious Affairs, in short DİTİB, represented by its General Secretary, Dr Bekir Alboğa, because imams working for DİTİB are said to have spied upon DİTİB’s members and visitors, exposing them to persecution by the Turkish state.

This BigBrotherAward is unusual. For once it is not – as you would normally expect from us – about a data leech that depends on the digital world and has some kind of technological requirement. But this award is about hands-on espionage, about exploiting face-to-face contacts, and all this in the context of a religious community.

The practice of religion, freedom of speech and social contact, “real life” as it is called today – spying in this context by DİTİB imams is a violation of elementary basic and human rights in Germany, on the request of state agencies in Turkey.

What happened?

In December 2016, the Turkish paper “Cumhuriyet”, known for its critical stance towards the Turkish government, published documents proving that imams for DİTİB, an association registered in Germany, had collected information on members and visitors and had passed it on to Turkish government agencies. At the heart of their interest were suspected followers of the influential Islamic cleric Fethullah Gülen. The Turkish government accuses the Gülen movement of being responsible for the attempted military coup of July 2016. No hard evidence for this has been brought forward so far.

The imams’ dossiers contain detailed information about alleged Gülen followers, such as details on their mosque visits or personal links in Turkey. A private tuition centre for children was described in the dossiers as a “haven of evil”. An evaluation by the interior intelligence agency of the German Federal State of North Rhine-Westphalia (Landesamt für Verfassungsschutz Nordrhein-Westfalen) found that among the people targetted were at least five educators of German nationality. Those targets who were later informed by German agencies about their findings denied being Gülen sympathisers.

Imams working for DİTİB are civil servants of the Turkish state, subject to the Turkish Presidency of Religious affairs, Diyanet. Their dossiers were compiled in response to a request from Diyanet to Turkish embassies and consulates in September 2016. But the contents of the dossiers indicate that DİTİB’s snitching has been going on for a longer amount of time.

After the “Cumhuriyet” publication in December 2016, a German member of parliament for the Green party, Volker Beck, immediately filed charges with the Public Prosecutor General of the Federal Court of Justice (Generalbundesanwaltschaft) for suspected espionage (§ 99 German penal code [StGB]: secret service agent activity). It took several weeks for the investigation to start. A search of the homes of four imams only took place on 15 February 2017, after Chancellor Merkel had returned from a visit to Turkey. In the meantime, six prime suspects (of the sixteen that were inculpated by the Public Prosecutor) had returned to Turkey under directions from Diyanet.

When the dossiers were made public, DİTİB indignantly spoke of insinuations at first. Soon the DİTİB general secretary Bekir Alboğa promised that these “grave allegations” would be investigated in a “clean and transparent” way. He did admit that dossiers had been compiled, but said that this had been a “mishap” based on a “misunderstanding”. Soon after that, Alboğa denied having confirmed any spying activities.

In their sparse communications on the matter, DİTİB continually point out that these had been private activities by Diyanet imams without any organisational participation from DİTİB. They do not accept responsibility for what happened in DİTİB premises, under their roof. Also, we have not heard of DİTİB regretting or condemning espionage activities in their mosques.

The President of the Presidency of Religious Affairs (Diyanet), Mehmet Görmez, declared that “there is no espionage activity”. The imams ordered to return to Turkey had exceeded their authority, but not committed a crime. He spoke of his “great sadness” that efforts to protect mosque congregations in Germany had been labelled as espionage. DİTİB had been operating “on the basis of the law” for decades. He said he could not imagine mosque associations ignoring the law. DİTİB declared that the affair had been resolved internally.

The Turkish Minister of Justice, Bekir Bozdağ condemned the police searches of imams’ homes as “a clear violation of international agreements and of the German constitution”, which codified freedom of religion and faith.

These dossiers compiled by imams are part of a comprehensive intelligence gathering by Turkey and especially by the Turkish secret service MİT, which according to an unnamed “influential security politician” quoted in the German paper “Welt am Sonntag” oversees more than 6,000 informers in Germany. According to this report, German security authorities assume that around 150 MİT personnel are working at the Turkish embassy and in the consulates. The teachers union GEW (Gewerkschaft Erziehung und Wissenschaft or German Education Union, literally “Education and Science Workers’ Union”) even reported that school students of Turkish origin had been encouraged to film teachers making critical remarks about the Turkish government, and pass these recordings on to consulates.

The objective of these MİT activities is to monitor the Turkish community in Germany, to influence it in Erdoğan’s favour, to intimidate and isolate government opponents, and to influence German authorities and public opinion in Germany. Supposed regime critics spied upon in Germany that travel to Turkey have to fear arrest, criminal persecution and mistreatment, possibly even torture. And even German politicians such as Cem Özdemir of the Green party, Michelle Müntefering of the Social Democrats (SPD) or Emine Demirbürken-Wegner of the conservative CDU are under MİT observation for alleged sympathies with the Gülen movement.

German authorities are making a lot of allowances for the sensitivities of the Turkish government, not least because they want to avoid any threat to the refugee deal that is supposed to block the so-called Balkan route. DİTİB is given a ‘soft treatment’ for the sake of maintaining communications with Islamic communities in Germany. In spite of all that, the Public Prosecutor General and the Police have opened investigations and taken first steps to pursue the rights violations, and to protect the affected people.

What is obvious, however, is that the German authorities are mainly guided by diplomatic interests. These highly political considerations must not lead to a sacrifice of personality rights and human rights of the mosque visitors that were spied upon.

It would be fatal if people were impeded from exercising their religion by espionage. DİTİB cannot be allowed to simply declare their spying scandal to be over, they must make their internal affairs transparent and face public scrutiny.

On the other hand, it would be too simple for us to only make demands on DİTİB. The German state and German society, too, must move and and open the way for a free exercise of the Islamic faith – for example, by supporting politically independent Islamic groups.

A turnaround towards transparency at DİTİB will only be possible if the Turkish-Islamic Union liberates itself from its dependence on and from the influence of Turkish authorities such as Diyanet. German institutions must make this a condition for continuing to recognise DİTİB as a partner. Also, all espionage activities, including those under the roof of a religious organisation, must be fully investigated and treated as crimes and prosecuted without diplomatic considerations, not just addressed within the organisation. Twenty individual criminal investigations have been opened by now. Espionage is a violation of German criminal law. It is not “an internal matter”.

The fundamental right of informational self-determination does not only apply to ethnic Germans but also to people with a migration background. They must be able to engage in peaceful religious or political activities without fear of reprisal.

For having destroyed that certainty, DİTİB deserve the BigBrotherAward 2017 in the Politics category. Congratulations!

The result of the audience vote 2016 was strikingly clear, compared to earlier years. Since we had a slightly lower number of “candidates”, it was more likely that the result would feature higher percentages. Still it is remarkable that for the first time we have a single, clear “front-runner” with an absolute majority: the lifetime award for the interior secret service that calls itself “Protection of the Constitution”. All other votes were fairly evenly distributed between the other categories.

Here is a selection of the comments that we asked our audience to give us on their ballot papers:

Technology

First they commission a standard implementation for the cards, then they say “we didn’t commission it” …

Workplace

How dare they to first exploit us and then even spy on us!

I have read “The Circle” (or rather listened to the audio book) and I completely agree with the laudator.

Economy

change.org have shown courage. Although open questions remain and the criticism of change.org might be wholly justified, Mr Hackmack has stood up for himself and invited a debate. That takes guts, and it’s an invitation to a constructive dialogue. My respect for that!

Severe contradictions between the official line and the actual practices in data protection.

He has shown by his attitude that he has not understood anything (except that it was a rather negative award).

For the threat that such a campaigning platform (change.org) might receive a position of enormous power in political opinion-forming, and exploit this in unpredictable and arbitrary (e.g. undemocratic or socially unacceptable) ways.

The bigotry between external presentation and true intention – of course this item also had the highest entertainment factor, with the German executive director.

Consumer Protection

The erosion of solidarity in society is the biggest threat to democracy – it has begun stealthily and is manifested through gamification.

The one closest to people’s lives.

I believe that what Generali does, many others are doing as well. The capturing of data in all aspects of life is spreading. We must be aware of it everywhere.

Lifetime

Important to society as a whole.

It was time.

Who will protect us from the “Protection of the Constitution”?

Very good laudation.

A truly democratic state that respects fundamental and human rights can not afford to run such an operation.

Dissolve the Federal Office for the Protection of the Constitution immediately. Give a BigBrotherAward to every individual informer.

Ten (known) murders are enough!

Finally! So many reasons, for decades!

Jan Philipp Albrecht is the EU politician thanks to whom we now have a real chance for data protection in Europe. As rapporteur for the EU’s General Data Protection Regulation, his work has been seminal. Through his and his team’s efforts, a harmonised approach to data protection in Europe is now within reach.

Strong data protection in Europe

Many of our goals have actually been implemented in the regulation – but unfortunately, many are still missing. The new data protection regulation is a good start. Now we must keep a careful eye on the way the EU member states will put the regulation into practice. There are many decisions that will be taken at this step, for example in the field of employee data protection. So things are still on edge.

Without Jan Philipp Albrecht, his assistant Ralf Bendrath and the whole team, we would not have the General Data Protection Regulation in the form it has today. Perhaps there would be no new regulation at all. Jan Philipp Albrecht has enduringly fought off manipulative interventions from lobbyists over four years. With patience and competence, he managed to even convince political opponents or at least negotiate acceptable compromises.

Hard work for freedom and fundamental rights

Jan Philipp Albrecht has lived up to his MEP’s mandate and worked in the interests of European citizens. He has shown hat engaging for freedom and fundamental rights is worth the effort. There is a documentary movie, “Democracy”, that impressively shows this work. To watch these people working is a real appetizer to join the political debate.

Trailer „Democracy“