To buttress the security of Germany's IT systems and digital infrastructure, the Ministry of the Interior is working on an IT security act. The draft text was published in August, with Federal ministries invited to comment.
"The bill goes beyond the minimum requirements for IT security of critical infrastructures defined in the Coalition Agreement to address the security of systems and public protection in general. The Federal Government wants Germany's IT systems and digital infrastructure to be the most secure in the world", the ministry said in an announcement on 29 August.
"We must improve security. Anyone who creates risks for others must be held accountable. Anyone who operates critical infrastructures must make sure they are secure," the ministry quotes Federal Minister of the Interior Thomas de Maizière as saying.
The Interior Ministry hopes that the law will help to:
- improve IT security in businesses, in particular critical infrastructures
- protect individual IT users with a secure network
- protect the IT of the Federal Government and federal agencies
- strengthen the Federal Office for Information Security (BSI)
- expand the investigative authority of the Federal Criminal Police Office in the field of cybercrime.
Once the federal ministries agree on the draft, the proposal will be discussed with stakeholders in business and society in a broad public debate, the ministry writes.
Privacy advocates and Internet activists are sceptical about the proposed bill. The German daily Der Spiegel for example points to a statement by a group of privacy advocates, who fear the law will increase the retention of data of Internet users. The newspaper also refers to a statement by a trade association of Data Protection Officers, suggesting a few changes to protect the privacy rights of citizens.