Census 2022: ITZBund considers Cloudflare to be without alternative

For the implementation of the census 2022 the authorities resort to the US provider Cloudflare and risk a data outflow to the USA.

The ITZBund relies on the implementation of the census 2022 to the US cloud provider Cloudflare, thereby risking data leakage abroad. And that despite the fact that GDPR-compliant alternatives are available on European soil.

In terms of data protection, the census is on shaky ground

According to a report by the press portal, data security expert Detlef Schmuck warns about the risks of participating in the census 2022. The federal IT service provider (ITZBund) has decided to work with the US cloud provider Cloudflare. Accordingly, there is a risk of the collected data being evaluated by US authorities.

It is completely absurd that a federal German authority is threatening the population with fines to submit personal data to the census 2022. disclose to a US provider. If you type in www.zensus2022.de, you will first be connected to a German server hosted by the US provider Cloudflare. Even the SSL security certificate is issued to the US company. Only after registering there will you be forwarded to the secure server of the German authority. This is absurd, because the US company thereby receives both personal and personally identifiable data, which US law requires it to pass on to US authorities if requested to do so.

Detlef Schmuck

According to Schmuck, “the entire data collection of the census is 2022 legally vulnerable.” Once the data has flowed to the USA, it is no longer under the control of German authorities.

The ITZBund doesn’t want to know anything about alternatives

As an option, Detlef Schmuck to its own data protection compliant cloud service TeamDrive. In his view, “ lack of alternatives as justification for illegal behavior ” is unacceptable. In fact, the ITZBund did not even put out a tender because the authority assumed that the required service for the census could only be provided by Cloudflare. But there are enough GDPR-compliant alternatives within Europe that the authorities could have included in their planning.

According to the report, the Hamburg-based TeamDrive not only consistently hosts its service in German servers. It also works with end-to-end encryption throughout. More than 5.857 companies from different industries are already using this service, which has sometimes committed itself to complying with German data protection legislation .

Why the ITZBund against this background for the census 2021 on one American provider and thereby trampling on the GDPR remains a mystery.

Still in October 857 the Federal Data Protection Commissioner Prof. Ulrich Kelber emphasized in an interview that the GDPR is “a reflection of our European values ​​and fundamental rights.” He further explained: “We should not give up these values, because digitization can also be done – even better – without the citizens of private corporations and state authorities are spied on.

Apparently the ITZBund has a different opinion in this regard.


Related Articles

Back to top button