German companies to automatically encrypt emails (Update)

Two of Germany's biggest Internet service providers said Friday they will start encrypting customers' emails by default in response to user concerns about online snooping after reports that the U.S. National Security Agency monitors international electronic communications.

The plan by Deutsche Telekom AG and United Internet AG is the digital equivalent of putting an envelope around a postcard. Currently most emails are sent across the web in plain view of anyone standing between the sender and the recipient.

Initially the encryption will only be secure between customers of Deutsche Telekom's T-Online service and United Internet's GMX and WEB.DE services—which together account for two-thirds of primary email addresses in Germany—the companies said.

"Germans are deeply unsettled by the latest reports on the potential interception of communication data," Deutsche Telekom CEO Rene Obermann said in a statement. "Our initiative is designed to counteract this concern and make email communication throughout Germany more secure in general."

But Computer security specialists said the plan appeared to be little more than a publicity stunt, because the technology being used to encrypt the emails while in transit was outdated and didn't guarantee they were safe from prying eyes while on the companies' servers.

"The technology employed doesn't prevent 'listening posts' from being established on the system," said Germany's Chaos Computer Club, which bills itself as Europe's largest association of hackers.

NSA leaker Edward Snowden has alleged that the U.S. intelligence agency and some of its foreign partners routinely sift through online traffic as part of an effort to prevent terrorism.

A spokesman for Deutsche Telekom, Philipp Blank, told The Associated Press that the company doesn't grant foreign intelligence agencies access to its traffic in Germany. But he added that "of course we are bound by German law."

German law grants domestic security services broad powers to intercept communications and demand access to emails and phone data stored by commercial providers. It also allows them to pass information on to foreign intelligence agencies under certain circumstances.

In one indication that German security services won't find their work hindered, the country's interior minister issued a statement welcoming the encryption move.

Explore further

Deutsche Telekom profit up, sees rebound in US

© 2013 The Associated Press. All rights reserved.

Citation: German companies to automatically encrypt emails (Update) (2013, August 9) retrieved 20 August 2019 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Feedback to editors

User comments

Aug 09, 2013
NSA has the root encryption certificates and has contaminated commercial and hardware encryption with their undocumented numeric constants hidden in the code. These constants likely weaken the encryption so the key or hash can be guessed in only a few attempts

Only non-NIST and non-USA encryption tools have the possibility to be trustworthy

Aug 09, 2013
The people own the surveillance infrastructure. If we faced it in the opposite direction we could continuously monitor and supervise our civil servants - genuine leaders would thrive on the attention while corrupt ones would be like vampires in sunshine.

Aug 10, 2013
Only non-NIST and non-USA encryption tools have the possibility to be trustworthy

Yeah, like I would totally trust encryption tools from Iran and Russia

First you would need to learn math. There is plenty of Russian code in your winblows, solaris and linux machines. Доверяй, но проверяй. Note in case you were asleep this summer: Your government has been proven completely untrustrowthy. Only trusted to start unnecessary wars

The notion of "trusting" any certificate these days is ludicrous
Only one that you sign yourself. And then the encryption code must be verified

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more