De-Mail
De-Mail [ deːˈeː | mɛɪ̯l ] is a means of communication based on e-mail technology, but technically separate from it, for "secure, confidential and verifiable" communication on the Internet ( Section 1 (1) De-Mail Act ). De-Mail is usually implemented and operated by companies, De-Mail providers or De-Mail providers.
background
The main goal is to send and receive messages and documents confidentially, securely and verifiably via the Internet and thus to establish an electronic counterpart to today's letter post. The Citizen Portals project, later renamed De-Mail, reacted to the lack of acceptance for the court and administrative mailbox EGVP . As early as 2006, it was criticized that the alleged security advantages of the EGVP system based on the ( XML- based) OSCI protocol can also be achieved with e-mail specifications ( SMTP / S / MIME ) and therefore there is no need for a state-mandated compulsory communication an EGVP system exists. De-Mail is partially taking up this criticism and wants to enable private providers on the basis of international standards to offer secure and legally binding e-mail communication. The state does not provide the De-Mail service itself, rather certified providers are entrusted with it. These are entrusted , that is, they are sovereignly active insofar as they make public deliveries .
With the introduction of De-Mail, the Federal Government is implementing the EU Services Directive into national law. The directive requires public authorities to accept electronic communications as a mandatory medium by the end of 2009.
Scope of service
The mailbox and dispatch service De-Mail is a central service for reliable and confidential communication. De-Mail is supplemented by a trustworthy document storage (De-Safe) and reliable proof of identity (De-Ident).
Mailbox and mailing service De-Mail
The central De-Mail service should enable citizens, businesses and administrations to communicate electronically in a cost-effective, reliable and confidential manner. Secure communication is mainly based on TLS- secured communication channels ( transport encryption ). The end-to-end encryption is according to the technical guideline, an additional option is that the service provider has to support (criteria 3.1.3).
Different shipping methods are possible, which can also be used independently of one another:
- De-Mail
- The technical guideline prescribes encryption and checksum mechanisms that are intended to help protect messages from the loss of confidentiality and integrity .
- De-Mail registered mail
- The sender also receives qualified signed confirmations of when he sent the message and when it was delivered to the recipient's mailbox.
A sender can also choose the following options before sending a De-Mail:
- Personally
- The required authentication level of sender and recipient must be at least high in order to be able to read the message, for example because of the special confidentiality of the message.
- Sender-Confirmed
- The required level of authentication of the sender must be at least high due to the special nature of the message . After receiving the message, the sender's De-Mail provider confirms by means of a qualified signature that he has received the specified message content from the sender and that the sender has at least authenticated himself with high . This gives the recipient credible (“strong”) evidence of the authenticity of the sender and the integrity of the message.
- Shipping confirmation
- The sender's De-Mail provider creates a qualified signed confirmation that he has received a referenced message at a specific point in time to be sent to a specific recipient.
- Confirmation of receipt
- After the message has been stored in the recipient's mailbox, the recipient's De-Mail provider creates a qualified signed confirmation that he has placed a referenced message in the recipient's mailbox at a certain point in time.
- Collection confirmation
- The recipient's De-Mail provider creates a qualified signed confirmation that the user was able to view a message after the user has logged on securely and if there is a message with a request for a collection confirmation in the recipient's mailbox.
In addition, the sender can additionally sign his messages with his own existing components (qualified) or encrypt them end-to-end . De-Mail providers are obliged to offer a directory service in which users can, among other things, store encryption certificates for their De-Mail addresses.
The shipping methods and options are noted as a header in the finished document.
De-Mail user accounts and addresses
Both natural persons and legal entities such as companies, partnerships or public bodies (authorities and ministries) can use De-Mail . To open a user account with De-Mail, users must first register and identify themselves with their provider . Every time you change your address or name you have to register again. For natural persons, all ID data such as first and last name, registration address and date of birth are transferred in accordance with the Money Laundering Act. For example, they present their identity card to the provider for identification. For legal persons, in addition to information on the legal person itself, the data of their natural persons authorized to represent are recorded. For identification with the provider, a person authorized to represent, such as the managing director or authorized signatory, presents an extract from the trade / cooperative register.
Since the reliable initial registration is the basis for the necessary identifiability of the communication partner, only procedures that meet high security requirements are accepted, for example using the electronic identity card or by establishing identity . These security requirements can be compared with those for opening a bank account. Each De-Mail account is assigned at least one De-Mail address in the form of an e-mail address . The addresses of a legal person must contain their name, i.e. the company name. Natural persons may also maintain additional addresses under a pseudonym , but the pseudonym must be recognizable as such.
The address of a natural person is expected to correspond to the following syntax : <first name>. <Last name>. <Distinguishing feature> @ <de-mail provider> .de-mail.de. If a name occurs several times with the same De-Mail provider, the address is supplemented by a point and a number. A De-Mail address will therefore correspond to the following pattern: [email protected] . Pseudonyms should be preceded by the prefix pn_ so that such an address could be [email protected] . Legal persons should be able to receive their own domain in the form <Domain-Name> .de-mail.de as a namespace for their De-Mail addresses. The legal entity can set up various sub-accounts, for example with the names of individual employees or departments.
De-Ident
As part of the De-Mail services, there will be a simple way of establishing identity. At the request of the user, the De-Mail provider creates an identification confirmation, which is then sent by De-Mail to the recipient's De-Mail address. Citizens should be able to register with online shops, for example, or prove that they are older than 18 years. This content is qualified by the De-Mail provider to confirm the correctness of the transmitted data. The process is defined in a further technical guideline. Since the Ident-Shops only exist in Germany, residents outside of Germany are excluded from the service without this being indicated from the start when they register with De-Mail.
De-Safe
A common requirement is that important documents can be securely stored in electronic form. In this case, the De-Mail providers should provide document safes that enable long-term storage and protection against loss and manipulation. Here, too, all documents handed over to the safe are encrypted and their integrity is protected immediately after they are received. The process is defined in a further technical guideline. Legal requirements for archiving or storage of documents, e.g. § 147 Tax Code (AO), are not met by this service.
Registration to use the De-Mail account
The basis for using the De-Mail services is logging into the user's De-Mail account. The De-Mail Act distinguishes between two security levels.
- The secure application is the rule ( § 4 para. 1 sentence 2 De-Mail Act). Two independent securing devices are required for this. Each provider must offer at least two different procedures, one of which is the use of electronic proof of identity with the electronic identity card . Such methods typically require two elements: possession (e.g. a chip card or a mobile phone) and knowledge (password or PIN).
- At the request of the user, registration can also take place without this security. A single means of security is sufficient for this (usually user name and password, Section 4 Paragraph 1 Clause 3 of the De-Mail Act).
The sender of a De-Mail can demand that the recipient registers securely in the above-mentioned sense before calling up the message ( Section 5 (4) De-Mail Act); He can also ask his provider to make it clear to the recipient that he (the sender) has safely registered ( Section 5 (5) of the De-Mail Act). Secure registration is required in order to set up automatic forwarding to another De-Mail address ( Section 5 (11) of the De-Mail Act). When using the document storage, the user can specify for each individual file whether he wants to be able to use it only after secure registration or without these requirements ( Section 8, sentence 3 of the De-Mail Act).
Accredited service providers
Accreditation process
Section 17 of the De-Mail Act provides that De-Mail providersmust prove that technical and organizational measures have been implemented, for example internal or external access,as part of an accreditation by the Federal Office for Information Security (BSI) prevent the data from being used by unauthorized persons.
This includes, on the one hand, evidence of functionality, interoperability and security and, on the other hand, evidence of data protection. The requirements to be met for functionality and interoperability are defined in the technical guideline BSI TR-0120 [TR-DM], which covers the following areas: IT basic infrastructure, user account management, mailbox and dispatch service, identification service Light, document safe Light , Safety. A test report is created to check these requirements and is assessed by the BSI. If the test is successful, a certificate will be issued and, if requested by the provider, will be published on the BSI website.
In order to meet the security requirements, an ISO27001 certification based on IT-Grundschutz - supplemented by specific De-Mail requirements - must be carried out. The auditor creates an audit report for this purpose, which is checked by the BSI . If the exam is successful, a certificate will be issued which will be published on request.
For the accreditation, the De-Mail provider must also prove that it also fulfills the data protection requirements . Proof must be provided by a certificate from the Federal Commissioner for Data Protection and Freedom of Information (BfDI). For this, the De-Mail provider must submit an expert report to the BfDI. The basis for the assessment is the BfDI's catalog of criteria.
Accreditation as a De-Mail service provider is not compulsory, but on the one hand it offers the service providers the advantage that they receive a quality mark that signals the accreditation to the user. On the other hand, messages are usually only exchanged between accredited De-Mail service providers. To do this, they must also prove that they offer the De-Mail services interoperably, i.e. that they work seamlessly with the other De-Mail providers on a technical level.
Detailed and current information on the certification and accreditation process is published on the BSI website. The technical specifications were also published by the BSI.
Approved auditors and test centers
The BSI has published auditors for testing IT security, interoperability and functionality on its website. The Federal Commissioner for Data Protection and Freedom of Information (BfDI) dates back to the also required in addition to the technical examination of data protection test another way: As a reviewer for the privacy exam come from the federal government or a state-recognized or publicly appointed or beliehene expert bodies for data protection used. You must be professionally approved for the two areas of law and technology . Such positions are currently approved by the Independent State Center for Data Protection Schleswig-Holstein (ULD).
Accredited providers
Four companies are currently accredited with the following domains:
- Mentana-Claimsoft GmbH with fp-demail.de, mc-demail.de, fpbrief.de-mail.de and anwalt.de-mail.de
- 1 & 1 De-Mail GmbH with 1und1.de-mail.de, gmx.de-mail.de, sec.de-mail.de and web.de-mail.de
- T-Systems International GmbH with de-mail-t-systems.de-mail.de
- Telekom Deutschland GmbH with t-online.de-mail.de
At Cebit 2012, Mentana-Claimsoft GmbH (subsidiary of Francotyp-Postalia ) and Deutsche Telekom AG, two companies, were accredited by the Federal Office for Information Security (BSI) as service providers for De-Mail. United Internet AG followed in March 2013, offering De-Mail products under the name 1 & 1 De-Mail GmbH for GMX , Web.de , and as a business solution from 1 & 1 , De-Mail products.
Access opening and use
The use of the service by citizens should be voluntary. The transmission of electronic documents from companies and authorities to consumers is permitted provided that the recipient has opened access for this purpose (so-called access opening). Section 7 (3) of the De-Mail Act stipulates that "the publication of the De-Mail address in the directory service at the request of the user as a consumer [...] alone [...] does not constitute opening of access within the meaning of Section 3a Paragraph 1 of the Administrative Procedure Act, Section 36a Paragraph 1 of the First Book of the Social Security Code or Section 87a Paragraph 1 Clause 1 of the Tax Code ”applies. The consumer must explicitly declare the release for delivery. The following options are available to him:
- The consumer contacts the company or institution via De-Mail. They can then respond to his request.
- The consumer declares his consent in another way that companies and authorities can contact him at his De-Mail address. This explanation could e.g. B. be done via a web platform, with the help of which consumers can manage the access openings.
Access openings can also be withdrawn. The creation of a mailbox, the sending of messages and the confirmation of the dispatch can be offered for a fee.
safety
De -Mail differs from unencrypted e-mail primarily in that the messages are sent encrypted in sections. However, the existing technical standards are not to be expanded to operate De-Mail; Rather, the additional security should result from the mandatory use of standard functions, which are actually considered optional and in practice are rarely used to their full extent.
- Mandatory authentication should be an integral part of De-Mail so that the systems of the sender and recipient can ensure the identity of the other side. One possibility for this is the use of digital certificates .
- A section-by-section encryption of the transmission paths is intended to provide security against unauthorized access.
If the confidentiality of the messages is particularly high, De-Mail users have the option, as with conventional e-mails, of additionally encrypting the content transmitted with De-Mail themselves (" end-to-end encryption "). In this case, the encryption takes place on the sender's computer and the content is only decrypted on the recipient's computer. However, this requires the installation of additional software that performs the encryption and decryption. The directory service, which must be offered by the service provider in the case of De-Mail, supports the user in that he can make his public key available to other users. It should therefore be possible to search for public keys of people at a central point in order to communicate with them confidentially. Up to now this has only been possible with great difficulty and represents the main “stumbling block” for the spread of end-to-end encryption methods (“Where can I find the valid encryption key of my communication partner?”). In this way, De-Mail is intended to support and promote the use of end-to-end encryption.
S / MIME or OpenPGP can also be used by the user to map end-to-end security. The list of the main safety functions has been summarized in a document from the BMI.
Technical conception
The technical concept is described in technical guidelines that are published on the BSI website.
Standard transport security
Both the communication between De-Mail users and their De-Mail providers and communication between De-Mail providers as a matter of principle takes place via TLS-secured communication channels. If the security level achieved in this way is not sufficient for a user, he can also encrypt his messages and documents end-to-end or (qualified) sign content .
Sending the message from the sender to the De-Mail provider
The message is transmitted from the user's web or message client to the provider's mailbox service.
Checking and completing the metadata
Immediately after receiving the message from the sender, the De-Mail provider checks the metadata transmitted with the message. Among other things, the De-Mail address specified in the message as the sender address must be assigned to the De-Mail account from which the sender sent the message. The sender's authentication level must also be at least high if they have selected the De-Mail-specific sending option sender-confirmed . After checking the metadata, the message content is checked for malware . The sender's De-Mail provider then adds additional metadata, including the current time.
Integrity assurance and encryption
With the aim of ensuring the integrity of the sender, the De-Mail provider adds a hash value to the message, including metadata . However, a hash value does not represent integrity protection in the sense of a message authentication code . For messages that are sent with the sender-confirmed sending option , the hash value is also electronically signed by the provider and the signature is stored in the metadata of the message (header).
The De-Mail provider then encrypts the message content both for itself and for the recipient's De-Mail provider.
At the beginning of March 2015, the De-Mail providers Deutsche Telekom , Francotyp-Postalia and United Internet ( 1 & 1 , GMX and Web.de ) announced that they would offer plugins for the Firefox and Chrome browsers via the content of De-Mail with the PGP processes can be encrypted end-to-end .
Shipping confirmation
Immediately before the message is transmitted to the recipient (s), the sender's De-Mail provider - if requested by the sender - issues a qualified signed confirmation of dispatch. The dispatch confirmation is sent to the sender as an attachment to a De-Mail. The dispatch confirmation contains, among other things, the hash value of the original message and the time of transmission. This enables the sender to prove to third parties that he sent the referenced message at a certain point in time.
Transmission of messages to De-Mail providers
The De-Mail is transmitted from the De-Mail provider of the sender to the De-Mail provider of the recipient using SMTP secured by TLS. After the messages have been received, a copy of the message is temporarily decrypted and the integrity of the message is checked. Any existing forwarding order is processed. The recipient's provider then stores the encrypted message in the recipient's mailbox and discards the decrypted copy of the message.
Confirmation of receipt
Immediately after the message has been stored in the recipient's mailbox, the recipient's De-Mail provider issues a confirmation of receipt for the sender of the message - if requested by the sender. This confirmation of receipt of the message is also called confirmation of receipt by the BSI in its technical guideline. The De-Mail provider signs the confirmation in a qualified manner and sends it back to the sender as an attachment to a De-Mail. The confirmation of receipt contains, among other things, the hash value of the original message and the time at which the message was stored in the recipient's mailbox. The sender of the original message can use the confirmation of receipt to prove to third parties that the recipient had access to a specific message from a certain point in time.
De-Mail protocols and data formats
Two communication routes are relevant for De-Mail communication: on the one hand the route between the user and his De-Mail provider and on the other hand the "internal" route between two De-Mail providers.
For the communication channel between the user and his provider, there is the security requirement that communication must take place via a mutually authenticated and confidential channel, such as SSL / TLS. However, this can also be implemented via OSCI Transport. The technical implementation and thus the choice of the transport protocol and the data formats used can be carried out individually between the De-Mail provider and the user. In principle, the sender and recipient can also use different protocols or data formats and thus also client applications. De-Mail providers must support at least web browsers with HTTPS as client applications. In addition, e-mail clients with SMTP for sending and POP3 or IMAP for receiving messages - each used via a secure communication channel - are possible.
In contrast to the channel between users and De-Mail providers, the protocols and data formats between two De-Mail providers are precisely specified so that all providers can communicate uniformly (interoperably) with one another. SSL / TLS is always used to secure communication between two De-Mail providers. This encrypted channel uses SMTP to transmit the messages and the standard e-mail format (Internet Message Format) as the data format.
status
The citizen portal project was implemented by the German government together with private sector partners. The project was presented to the public for the first time in November 2008 at the IT summit in Darmstadt. On February 4, 2009, a corresponding bill was passed by the federal government.
Instead of the previous draft law regulating citizen portals, a new draft law entitled “Draft law regulating De-Mail services and amending other regulations - De-Mail law” was submitted to associations and clubs for comment. The Financial Times Deutschland reported in September 2009 that Deutsche Post AG delayed the legislative process in order to give its own E-Postbrief service a head start. A De-Mail pilot project in the Friedrichshafen area ran for six months (October 2009 to March 2010). The pilot systems were still available to users.
In the following year, the De-Mail Act was passed as Art. 1 of the Act regulating De-Mail services and amending other provisions and came into force on May 3, 2011 according to Art . The introduction of De-Mail was initially planned for spring / summer 2011, but it was delayed. The BSI justifies this with the lengthy certification process of the services submitted for testing by the future De-Mail providers.
In December 2011, the BSI announced in a press release that “Mentana-Claimsoft AG had been granted an ISO 27001 certificate based on IT-Grundschutz”. The certificate contains additional aspects from the technical guideline TR 01201 De-Mail. The company is the first to meet the safety requirements for accreditation. On February 3, 2012, Peter Schaar , Federal Commissioner for Data Protection and Freedom of Information, published a press release that he had also given this company a data protection certificate for the De-Mail service planned there. The German Telekom announced in March 2012, to start the service for major corporations in the same month and small and medium enterprises and private users can use it as of August 31 2012th After Deutsche Post was unable to enforce its standard E-Postbrief with the legislature, it wanted to offer De-Mail from December 2012. In April 2013, Deutsche Post backed out and discontinued its De-Mail plans.
The internet provider 1 & 1 has been offering a service for business customers since the second half of 2012 after being accredited by the BSI. GMX and web.de , which also belong to the 1 & 1 group, introduced a De-Mail offer after the accreditation in March 2013.
The central gateway for connecting the federal authorities to De-Mail went into operation on March 23, 2015. Every federal authority that has access to this gateway has been obliged to open access for De-Mail in accordance with Section 2 (2) EGovG since March 24, 2016 . According to the public De-Mail directory, only 60 percent of the administrations and ministries opened such access on the reporting date.
According to the De-Mail providers within the De-Mail working group, over a million private customers, tens of thousands of medium-sized customers and around 1000 major De-Mail customers from business and administration have authenticated themselves since the market launch in September 2012.
According to a study as of 2015, 13% of the German online users surveyed had a De-Mail account over the age of 18. Another 12% are planning the establishment. 28% of the respondents said they were not familiar with De-Mail. 47% rejected De-Mail.
In the past, De-Mail users could also encrypt their documents end-to-end on the already encrypted transport route. Since April 20, 2015, the De-Mail service providers have greatly simplified the option of using end-to-end encryption with De-Mail.
In a decision of November 19, 2018, the Federal Constitutional Court declared a constitutional complaint lodged by De-Mail with reference to the non-compliance with the written form requirement as inadmissible. The court's interpretation of the word "in writing" in Section 23 BVerfGG to the disadvantage of De-Mail and contrary to the requirements of the EU Services Directive is viewed critically in the specialist literature.
criticism
safety
There was criticism of the system back in 2011. The Chaos Computer Club and other experts had given De-Mail a catastrophic certificate in terms of security. The main point of criticism is the lack of end-to-end encryption, which gives De-Mail providers, police, secret services and potential attackers access to the unencrypted communication data. The planned relaxation of administrative laws, which, despite this deficiency, is intended to legally enable the use of De-Mail in public authorities in the future, will from now on expose sensitive data from citizens to an unacceptable risk.
Linus Neumann , who was invited to the Bundestag as an IT expert on De-Mail in 2013, presented a comprehensive analysis of De-Mail at the 30th Chaos Communication Congress (30C3). He found clear words in his lecture entitled Bullshit made in Germany . De-Mail is "intentionally built insecure" to enable German services to spy on German citizens. The providers or hackers could theoretically read the messages on the sender and recipient side and in between on the De-Mail provider's servers. On closer inspection, many features such as the automatic virus scan are not a usage argument, but on the contrary: Due to the few servers with sensitive data, the attractiveness of an attack from a hacker's point of view is even increased.
Technical conception
De-Mail uses mutually authenticated and encrypted communication channels to secure communication between users and providers as well as between two providers. When sending, the message content is therefore only secured in terms of integrity on the provider side and encrypted for the recipient's provider. The recipient's provider must also decrypt, check and encrypt the message content again before it is transmitted to him. No so-called end-to-end encryption is used here. However, even with De-Mail, the user can sign his own messages and encrypt them end-to-end, with encryption being carried out by the provider and decryption being carried out locally at the user. De-Mail supports this operation with a directory service in which users can or must publish their own encryption certificates. A verification service for the qualified electronic signature should make it easy for the user to verify the electronic signature.
If a message has not been encrypted by the user, it is in principle possible that employees of the provider can read or change the messages. This risk is to be countered by technical and organizational measures that are checked in the certification process. By implementing a suitable role concept and other technical measures, the provider must prove that individual employees of a provider cannot access the users' messages.
Communication between De-Mail addresses and regular e-mail addresses is not possible.
However, the EGVP of the courts can be reached via a gateway via De-Mail since January 1, 2018. You can be addressed according to the scheme "SAFE-ID [email protected]" or "[email protected]" (e.g. [email protected]) . The SAFE ID of the respective court can be looked up in an EGVP client in the directory service.
privacy
Before setting up a De-Mail mailbox, you have to identify yourself, which is not necessary with a normal mailbox or when sending letters. Due to the architecture of De-Mail, all data and contacts that can be traced back to the person flow together at a central point. The use of several identities that cannot be linked is not possible.
The stored personal data of the user can be requested by a large number of security authorities and secret services without a judicial order ( Section 113 TKG), the identity behind a De-Mail address can be accessed online by around 250 authorities registered with the Federal Network Agency ( Section 112 TKG), in which almost 100,000 accesses to customer data are made every day at around 140 telecommunications providers. According to Section 16 of the De-Mail Act, private individuals also receive information about the name and address of a user in certain cases. The prerequisite is, among other things, that the third party needs the data in order to pursue a legal claim against the user that arose using De-Mail.
The draft law does not clearly rule out the retention of all De-Mail correspondence (see Section 100 TKG). The user ID and password for a De-Mail mailbox are to be issued at the request of a law enforcement authority, a police authority, the Federal Office for the Protection of the Constitution, the Federal Intelligence Service or the Military Counterintelligence Service without a judicial order ( Section 113 TKG). The documents and information in the De-Mail inbox are by no means as protected as paper documents or letters in your own home. The right to request a password exists for all e-mail accounts. There you can protect yourself against access with anonymous mailboxes, multiple identities and foreign accounts, which is not possible with De-Mail.
Although the application for a De-Mail address is supposed to be voluntary, it is feared that authorities and companies that have previously offered their services anonymously or without checking the customer details will in fact gradually receive a personal and identity-verified e-mail address as a prerequisite for their offer Will make achievements. According to the Federal Ministry of the Interior, the aim of the project is actually to make “non-anonymous and secure electronic communication the norm”. The clear identification on the Internet can be used to exclude certain customer groups, for example because of allegedly poor creditworthiness or just because of displeasure or criticism of the company.
The working group on data retention draws the conclusion that the use of De-Mail can "only be advised against". In order to prevent a de facto compulsion to use De-Mail, the service must be boycotted so that it does not prevail.
implementation
A former state-owned company , Deutsche Telekom, is involved in implementing the service . The Strato AG criticized the applied regulatory practices, after it had been self-excluded claims to be eligible. Nevertheless, the legally required proof of a data protection concept for De-Mail providers can increase the trustworthiness of other e-mail providers.
Legal Aspects
Since January 1, 2018, De-Mail has received special funding from the legislature by introducing it in Section 130a of the German Code of Civil Procedure as one of three electronic means of transmission to courts and authorities and thus for the first time for citizens without a card reader the "lawsuit by e-mail "has become possible. The other two ways, the special electronic attorney 's mailbox and the EGVP, were either closed to him or had proven to be too cumbersome in practice due to the obligation to sign with a qualified electronic signature (i.e. using a card reader).
It should be noted that § 130a para 3 sentence 1 ZPO provides additional requirements. It must first the login process the identity be promptly confirmed only according to § 4 paragraph 1 sentence 2 of the De-Mail Act of users " secure "registered. In practice, this is usually done with an mTAN sent to the user's cell phone via SMS .
When the message is sent, the secure registration must also be visibly confirmed for the recipient in accordance with Section 5 (5) De-Mail-G. For this purpose, the De-Mail provider uses an attachment that he signs with his own qualified electronic signature, which is why this service is usually chargeable to the end user. The corresponding selection field is usually "send confidential".
The other consequences of using De-Mail mainly depend on the conclusiveness of De-Mail. This has not yet been clarified.
Lawyers such as Wolfgang Steppling, Vice President of the Higher Administrative Court of Rhineland-Palatinate , criticize the possibility provided by law to electronically deliver official notifications without confirmation of receipt . This would allow notices in existing power grow without the person ever knowing. In contrast to conventional mailboxes, the ongoing monitoring of the electronic mailbox would require technical and financial prerequisites, the creation and maintenance of which the citizen cannot simply demand. However, this circumstance was taken into account in the implementation, which means that an administrative act is only considered announced after a collection confirmation has been sent and this must be terminated if no dispatch took place within 10 days ( Section 41 (2a) VwVfG).
There should be no significant changes to the delivery fiction , because for the beginning of a period of appeal, the case law has so far not taken into account whether the third day fell on a weekend; only for the end of the period, §§ 188 ff apply via the VwVfG of the federal and state governments . BGB. Compared to a simple e-mail, De-Mail (in the absence of a qualified electronic signature) does not provide a way of fulfilling the written form requirement (according to Section 126 (3 ) BGB ). The e-Government Act from 2013, however, changed the Federal Administrative Procedure Act so that in many cases the electronic form via De-Mail is sufficient. Most of the federal states also adapted their state administrative procedure laws accordingly in 2014.
It is unclear who should bear the burden of proof for misuse, because De-Mail only delivers the mailbox that is clearly assigned to a user via ID control. What is sent within this black box can still be manipulated because it has not been signed. The Chaos Computer Club fears that the burden of proof - similar to the misuse of EC cards - could lie with the consumer (user). Since the identity check is now carried out in Telekom shops and Hermes acceptance points, it can hardly be ensured that the identity has been securely checked.
However, this problem can be countered within certain limits with the largely unknown but much more practical stepchild of the qualified electronic signature, the advanced electronic signature : With it, the unchangeable content is also assigned to the signer. According to EU law, the evidential value may only be called into question through qualified disputes, so that the result is a reversal of the burden of proof.
On December 7, 2018, the Federal Constitutional Court announced that the means of transmission by De-Mail to the Federal Constitutional Court must first be opened by the legislature.
financing
The service is financed through monthly contributions and electronic franking ("e-postage"). In March 2014, free offers for private customers were introduced.
Differentiation from other offers
E-mail letter
Observers see that traditional letter writing is being replaced by De-Mail offers. According to Christian Schlesiger, the expected decline in conventional letter post will change the business model of Deutsche Post significantly. Not least because of this, the company launched a competing product with similar security features: the E-Postbrief , which went into operation on July 14, 2010. Sometimes the public did not notice the difference between E-Postbrief and De-Mail.
However, since politicians only made the De-Mail solution legally binding, authorities can only work with products that comply with the De-Mail standard for legally binding communication. At the legal level, De-Mail therefore prevailed against the E-Postbrief in this area.
In April 2013, Deutsche Post AG stopped trying to have its existing E-Postbrief service accredited as a De-Mail service. The attempt failed because of the requirements of the data protection for data reduction when used PostIdent method.
Comparable services in Europe
- Finland: Netposti
- Italy: Posta elettronica certificata (PEC)
- Austria: Electronic delivery
- Czech Republic: Datové schránky
- Denmark: E-post (e-boks)
See also
Web links
Government sites
- De-Mail on the website of the Federal Government Commissioner for Information Technology
- Announcement of the technical guideline "De-Mail" of the Federal Office for Information Security from February 15, 2019 ( BAnz AT March 20, 2019 B4 )
- Information on De-Mail from the Federal Ministry of the Interior
- DE-Mail (PDF; 65 kB) in the series Current Concept of Scientific Services from November 3, 2011, publisher: German Bundestag, author: Sabine Horvath
private sites
Individual evidence
- ↑ CeBIT 2012: DeMail online letter competes with Post. March 7, 2012, accessed March 17, 2018 .
- ↑ Mail, die or das. In: duden .de. Bibliographical Institute , accessed March 17, 2018 .
- ↑ IT Commissioner of the Federal Government - Frequently Asked Questions . Retrieved November 5, 2011.
- ^ Uwe Berlit: The electronic court and administrative mailbox. JurPC 13/2006.
- ^ Raoul Kirmes: Electronic right-hand traffic in the intermediary model. In: Kommunikation & Recht (K&R) 10/2006, Verlag Recht und Wirtschaft.
- ↑ a b c Technical Guideline - IT Basic Infrastructure Interoperability Specification ( Memento of the original from July 14, 2014 in the Internet Archive ) Info: The archive link was automatically inserted and not yet checked. Please check the original and archive link according to the instructions and then remove this notice. (PDF).
- ↑ a b c d e f Technical Guideline - PO Box and Dispatch Service Functionality Specification (PDF; 2.6 MB).
- ↑ a b BfDI: De-Mail criteria catalog (PDF; 468 KB) ( Memento of the original from January 25, 2014 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. BAnz AT 07/01/2014 B4 .
- ↑ [TR BP IO] Technical Guideline Interoperability Specification PO Box and Dispatch Service of a Citizen Portal, Draft, Version 0.99 (PDF; 739 kB) Federal Office for Information Security (BSI). 2009. Retrieved on July 23, 2010: "Overview of the headers of citizen portal messages"
- ↑ Technical Guideline - Account Management Functionality Specification (PDF; 404 kB).
- ↑ Technical Guideline - Identification Service Functionality Specification (PDF; 671 kB).
- ↑ Technical guideline - data safe functionality specification (PDF; 1.7 MB).
- ↑ a b Schumacher, A .: Accreditation and certification of De-Mail service providers . In: Data protection and data security . No. 9 , 2010, p. 302-307 .
- ↑ BSI (2011): Accreditation of De-Mail service providers ( Memento of the original from September 3, 2014 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. (accessed on April 25, 2012)
- ↑ BSI, An overview of the technical requirements for ensuring the secure communication infrastructure ( page no longer available , search in web archives ) Info: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice. , June 15, 2010.
- ↑ BSI, Certification as Auditor De-Mail ( Memento of the original from December 1, 2010 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. .
- ↑ ULD, seal of approval at the Independent State Center for Data Protection - Expert Register ( Memento of the original dated November 2, 2011 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. .
- ↑ Accredited De-Mail service providers. Federal Office for Information Security, accessed on April 22, 2019 .
- ↑ De-Mail service provider accredited . Federal Office for Security in Information Technology. Accessed on September 10, 2012: “[…] Mentana-Claimsoft GmbH, Telekom Deutschland GmbH and T-Systems International GmbH can now offer their De-Mail services to companies, administrations and private individuals. [...] “ ( page no longer available , search in web archives ) Info: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice.
- ↑ De-Mail web page of the BSI ( Memento of the original dated December 1, 2010 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.
- ^ Charlie Kaufman, Radia Perlman, Mike Speciner: Network Security : Private Communication in a Public World . Prentice Hall PTR, Upper Saddle River, New Jersey 2002, ISBN 0-13-046019-2 , pp. 123-124 (American English: Network security: private communication in a public world .): “The obvious thought is that MD (m) is a MAC for message m. But it isn't. Anyone can compute MD (m). (German: The obvious thought is that MD (m) is a MAC for message m. But that's not so. Everyone can calculate MD (m).) "
- ↑ spiegel.de
- ↑ cf. TR - De-Mail IT basic infrastructure interoperability specification p. 5
- ↑ a b Drucksache 174/09 - Draft of a law regulating citizen portals and amending other regulations. (PDF; 472 kB) (No longer available online.) Federal Council, February 20, 2009, archived from the original on November 22, 2010 ; Retrieved July 25, 2010 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.
- ↑ Financial Times Deutschland: Post torpedoes government project ( Memento of September 27, 2009 in the Internet Archive ), accessed on September 24, 2009 (subject to a charge).
- ↑ Statements by the BSI to the "Wirtschaftswoche"
- ↑ De-Mail: BSI issues ISO certificate to Mentana-Claimsoft. ( Memento of the original from November 14, 2012 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.
- ↑ De-Mail: BfDI issues data protection certificate to Mentana-Claimsoft. ( Page no longer available , search in web archives ) Info: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice.
- ↑ Telekom De-Mail homepage
- ↑ onlinekosten.de: Deutsche Post also relies on De-Mail , March 7, 2012, accessed on March 17, 2012.
- ↑ SpiegelOnline Netzwelt: Deutsche Post exits from De-Mail , accessed on June 28, 2013.
- ↑ Christian Wolf: 1 & 1: De-Mail registration for corporate customers starts , onlinekosten.de, April 27, 2012, accessed on May 5, 2012.
- ↑ Art. 31 Paragraph 4 of the Act for the Promotion of Electronic Administration and the Amendment of Other Regulations
- ↑ Computerwoche: De-Mail is still not an official standard.Retrieved on July 14, 2016.
- ↑ a b BT-Drs. 18/5440
- ^ Initiative D21; ipima (Ed.): eGovernment MONITOR 2015. Use and acceptance of electronic citizen services in international comparison ( memento of the original from September 21, 2015 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. (PDF; 1.97MB), 2015, p. 21.
- ↑ BVerfG, decision Spruchkoerper_1__Senat_4__Kammer of November 19, 2018 - 1 BvR 2391/18 - Rn. (1-7). Retrieved December 7, 2018 .
- ↑ The Federal Constitutional Court is uncomfortable with electronic legal communication, constitutional complaints by De-Mail are not permitted. Retrieved December 18, 2018 .
- ^ Opinion of the CCC
- ^ Linus Neumann : Bullshit made in Germany. (-Page with embedded video) How to host your De-Mail, E-Mail and Cloud directly with the BND! In: 30th Chaos Communication Congress (30C3). Chaos Computer Club eV , December 28, 2013, accessed on March 24, 2016 (video download in various formats, plus slides in PDF format ).
- ^ Allegedly secure De-Mail intentionally built insecurely , Die Zeit, December 29, 2013
- ↑ cf. BSI TR 01201 part 3.1 p. 24f
- ↑ Technical Guideline - IT Security, Superordinate Components (PDF; 994 kB)
- ↑ name = " http://ervjustiz.de/ " [1] accessed on July 21, 2018
- ↑ vorratsdatenspeicherung.de (PDF; 136 kB): Statement by the working group on data storage , p. 12 f.
- ↑ vorratsdatenspeicherung.de (PDF; 136 kB)
- ↑ bundesnetzagentur.de ( Memento of the original from May 22, 2012 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. : 2012 annual report of the Federal Network Agency, p. 112.
- ^ E-Government 2.0 - The Federal Program . IT staff in the Federal Ministry of the Interior. S. November 15, 2006. Accessed on July 25, 2010: “Citizen portals give citizens a face on the Internet. They make non-anonymous and secure electronic communication the norm [...] ” ( page no longer available , search in web archives ) Info: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice.
- ↑ Statement on the dialogue event "Data protection and data security on the Internet" (PDF; 136 kB) Working group on data storage (AK supply). P. 12. January 16, 2010. Accessed on July 25, 2010: “De-Mail and electronic identity cards cannot be used for better self-data protection. Conversely, we can only advise against using these offers. "
- ^ A b Thomas Wendel: Strong criticism of federal email. (No longer available online.) Financial Times Deutschland, October 9, 2008, archived from the original on October 10, 2008 ; accessed on July 25, 2010 (fee required).
- ^ Witte: New legal weekly . No. 18 , 2009, p. III .
- ↑ Jura-specific: time limits in public law ; a. A. Jürgen Kuri: Legally secure citizen email De-Mail: special features and pitfalls (heise.de, July 13, 2010)
- ^ E. Jung: Government plans for the IT summit "No more spam". Sueddeutsche.de , November 20, 2008, p. 2 , accessed on May 26, 2015 : “We fear that, similar to EC cards, the burden of proof in the event of abuse will be imposed on the citizen,” says Frank Rosengart from the Chaos Computer Club . "
- ↑ BVerfG, decision Spruchkoerper_1__Senat_4__Kammer of November 19, 2018 - 1 BvR 2391/18 - Rn. (1-7). Retrieved on December 7, 2018 (cf. von Coelln, in: Maunz / Schmidt-Bleibtreu / Klein / Bethge, BVerfGG, § 23 Rn. 49 ff. <May 2009>; Puttler, in: Burkiczak / Dollinger / Schorkopf, BVerfGG, 2015, § 23 Rn. 9; Lenz / Hansel, BVerfGG, 2nd edition 2015, § 23 Rn. 10).
- ↑ De-Mail Web at a glance. (PDF) (No longer available online.) Telekom Deutschland GmbH, January 2014, archived from the original on January 22, 2014 ; accessed on March 11, 2014 . Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.
- ↑ De-Mail Telekom for business customers. Deutsche Telekom AG, accessed on March 11, 2014 .
- ↑ CeBIT Free De-Mail at GMX and Web.de. Heise Zeitschriften Verlag GmbH & Co.KG, March 10, 2014, accessed on March 11, 2014 .
- ^ Christian Schlesiger: De-Mail-System: Struggle for electronic mail. Wirtschaftswoche, June 4, 2009, p. 1 , accessed on July 25, 2010 : “And like wireless technology 18 years ago […], De-Mail will almost completely wipe out letter writing in the long run - and shake Deutsche Post to its foundations . "
- ↑ Arndt Ohler: Post gives the go-ahead for online letters . Frankfurter Allgemeine Zeitung. July 13, 2010. Accessed on July 22, 2010: "In addition to Deutsche Post, other companies such as Deutsche Telekom, GMX and Web.de also offer the new De-Mail procedure"
- ↑ Tina Klopp: Online letter for 20 cents . Zeit online GmbH. February 8, 2010. Accessed on July 23, 2010: "It should be ready in summer: Deutsche Post wants to offer the DE-Mail, which has been discussed for a long time, nationwide from June."
- ^ Deutsche Post - E-Postbrief: E-Postbrief now with TÜV seal, accessed on January 2, 2012.
- ↑ E-Post vs. De-Mail: Deutsche Post is finally leaving De-Mail , Heise online , accessed on April 12, 2013.
- ↑ Deutsche Post does not want to deliver De-Mails, Frankfurter Allgemeine Zeitung, accessed on April 12, 2013.
- ↑ posti.fi ( Memento of the original from January 16, 2014 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.
- ↑ postacertificata.gov.it ( Memento of the original from March 15, 2015 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.
- ↑ datoveschranky.info