
Germany's Privacy Stance Boosts Berlin's Tech Startups - lelf
http://www.forbes.com/sites/alisoncoleman/2014/01/20/germanys-privacy-stance-boosts-berlins-tech-start-ups/
======
junto
I think there are some small green shoots in Berlin, but I'm not sure whether
it is anything to write home about.

It is true that Germans are more privacy conscious. Yesterday for example, the
Federal Bureau of Information Technology (BSI) launched a tool that allowed
Germans the possibility to see if they are 1 of the 16 million identities
recovered from a botnet analysis project. Although the site went down after it
was featured on the nightly national news, it shows that the German government
is actively encouraging and publicizing privacy and crime related issues
affecting the German public.

[http://translate.google.com/translate?sl=de&tl=en&js=n&prev=...](http://translate.google.com/translate?sl=de&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.spiegel.de%2Fnetzwelt%2Fweb%2Fbsi-
warnt-vor-identitaetsdiebstahl-16-millionen-nutzerkonten-
betroffen-a-944643.html)

Of course it doesn't address the issues of the EU data retention laws and the
access that the BND have to access email whenever they feel like it.

Also, the recent "efforts" of the largest internet service providers in
Germany to encrypt email transport between each other has been seen as more of
a publicity stunt then anything of any real value concerning privacy. Emails
are still unencrypted when stored.

~~~
sentenza
You are aware that Berlin isn't the biggest IT/software cluster in Germany?
There are a lot more companies with a lot more revenue in the Rhein-Main-
Neckar area[1](pdf, image page 3).

It's just that the "sexy, webby" stuff is in Berlin, so it has more
visibility.

[1]
[http://www.softwareclusterbenchmark.eu/images/images/Downloa...](http://www.softwareclusterbenchmark.eu/images/images/Downloads/EU-
Softwarecluster-Benchmark_2013_en.pdf)

------
raverbashing
Let me explain a little bit about the level of privacy in Germany.

In Germany you _don 't_ put the apartment number in a letter. The mailman
matches your name to the name on the mailbox to give you the letter

Even when registering with the government they have what floor number you
live, but not the apartment number.

This is mostly because of the Stasi.

~~~
Argorak
This is not mostly because of the Stasi, which became a hot topic in western
germany after the wall came down.

e.g. in 1981, there was a census planned. It met so much opposition that it
had to be delayed until 1987, especially because of data protection issues
[1].

The main issue is that conflicts with the state have always been common in
Germany, so there is a general distrust towards data collection. Also, privacy
is a regular debate, keeping the whole topic warm. E.g. during the 90s, there
was an attempt to allow acoustic surveillance on a large scale.[2]

BTW: I had to accurately describe where I live. Apartments don't have numbers
in germany, so I live "3rd floor, next to the stairs".

Sorry for the german sources, I couldn't find good english ones.

[1]
[http://de.wikipedia.org/wiki/Volksz%C3%A4hlung_in_der_Bundes...](http://de.wikipedia.org/wiki/Volksz%C3%A4hlung_in_der_Bundesrepublik_Deutschland_1987)
[2]
[http://de.wikipedia.org/wiki/Gro%C3%9Fer_Lauschangriff](http://de.wikipedia.org/wiki/Gro%C3%9Fer_Lauschangriff)

~~~
sentenza
It might be that the gravity of the second sentence in your comment is lost on
the non-Germans here, so let me fill in some more detail: The protests and
controversy regarding the census led to a legal dispute that reached the
constitutional court, from whose ruling a new fundamental right called
"informational self-determination"[1] is derived.

This is unique to Germany.

To understand why this happened, you have to remember that during the 80s,
most Germans had personal experience of organized privacy invasions with
extreme consequences. A "Blockwart"[2] was an NSDAP official _from your
neighborhood_ with the right and duty to sniff out any "ideologically
problematic" behaviour and report it to the Gestapo.

[1] [http://en.wikipedia.org/wiki/Informational_self-
determinatio...](http://en.wikipedia.org/wiki/Informational_self-
determination) [2]
[http://en.wikipedia.org/wiki/Blockleiter](http://en.wikipedia.org/wiki/Blockleiter)

@Argorak: I usually just post a google translate link of the German page.
Better than nothing and so far nobody has complained.

~~~
DanielleMolloy
Just want to emphasize this:

Germany has a __fundamental right on "informational self-determination"__ [1].

From the wiki article:

<< On that occasion, the German Federal Constitutional Court ruled that:
"[...] in the context of modern data processing, the protection of the
individual against unlimited collection, storage, use and disclosure of
his/her personal data is encompassed by the general personal rights of the
[German Constitution]. This basic right warrants in this respect the capacity
of the individual to determine in principle the disclosure and use of his/her
personal data. Limitations to this informational self-determination are
allowed only in case of overriding public interest." >>

This is still quite interesting in several current debates.

[1] [http://en.wikipedia.org/wiki/Informational_self-
determinatio...](http://en.wikipedia.org/wiki/Informational_self-
determination)

------
chmars
The expectation of a higher level of privacy in Germany and other European
countries is usually based on a common misunderstand:

Privacy does not protect against state surveillance, on the contrary: State
Surveillance is always excluded from privacy laws. All European countries, in
particular Germany, cooperate with the US in surveillance.

And while the data privacy regulation in Europa is without any doubt much
stricter in Europe than in the US, it is also very ineffective since there are
usually no direct sanctions except for political cases like Google's
collection of WLAN data. In addition, most start-up companies rely on American
services providers. The advantage of using American service providers is
simply to great to be ignored, and data privacy is rarely an issue. American
service providers are usually much better at offering superior functionality
at a better price.

~~~
sentenza
NO.

There are differences that have everyday consequences. It is illegal in
Germany to share information gained by intelligence agencies with the regular
police[1]. This is eroding, but we are fighting against it.

State surveillance is specifically regulated in a fundamental right that is
unique to Germany[2]. There are officials trying to ignore this (Autobahn
toll-collection), but we are fighting against it.

Most people here use American service providers, American social networks and
the like. Those who are not uneasy regarding the privacy of the data are quite
the minority. Many people use fake names on facebook that only their friends
know (Yea, doesn't work, but they try!) and are very picky regarding the
information they share. German companies with critical information are
avoiding American services or, for those that were to blind to see what was
coming, moving away from American services. Everybody here knows that US
companies are unavoidable these days, but we are trying do do something
against it.

Germans are extremely suspicious of intelligence agencies and completely
disapprove of data sharing with the US and UK. However, it still happens
because, as a consequence of that war we lost, the Western Allies have access
to our intelligence agencies. This seems to be impossible to change, but we
are fighting against it.

[1]
[http://translate.google.com/translate?sl=de&tl=en&js=n&prev=...](http://translate.google.com/translate?sl=de&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fde.wikipedia.org%2Fwiki%2FTrennungsgebot_zwischen_Nachrichtendiensten_und_Polizei)
[2] [http://en.wikipedia.org/wiki/Informational_self-
determinatio...](http://en.wikipedia.org/wiki/Informational_self-
determination)

~~~
andrewfong
It is (was) also illegal for the NSA to share most of the information it
gathered with local law enforcement but that didn't stop it. There are also
people fighting against it in the U.S., but that doesn't mean it isn't
happening.

Also see [http://arstechnica.com/tech-policy/2013/10/europe-wont-
save-...](http://arstechnica.com/tech-policy/2013/10/europe-wont-save-you-why-
e-mail-is-probably-safer-in-the-us/). The argument there is that (a) a mutual
assistance treaty nullifies Germany's protections because it requires
cooperation with U.S. intelligence and (b) German companies are forbidden from
notifying users if data is requested for law enforcement purposes.

------
f_salmon
What exactly IS "Germany's Privacy Stance"? I'm not sure there's any real
consensus on this question. Or have you all already forgotten about this story
here:

[http://www.spiegel.de/international/world/germany-is-a-
both-...](http://www.spiegel.de/international/world/germany-is-a-both-a-
partner-to-and-a-target-of-nsa-surveillance-a-916029.html)

------
lorenzfx
While there are some houses blurred out (I believe mostly in wealthy
neighbourhoods), Google's Streetview is available in Germany.

~~~
brazzy
When Google was preparing to launch Streetview in Germany, there was a big
media hoo-ha about it and they reacted by givng property owners the
opportunity to have their house blurred; wealth has nothing to do with it,
except that the wealthy are more likely to own the property they live in and
pay attention to stuff like this.

------
themckman
Certainly unrelated to the article, but I've been considering moving from the
US to Germany. As I understand it, Berlin has a pretty thriving tech scene and
I'm targeting it as my destination (Munich has come up, too). Anyone care to
comment on how easy this might be?

~~~
mlent
If you can get the job contract, it's very easy. There are a couple documents
you need (e.g. work contract, local residency registration, flat contract, tax
registration, proof of german health insurance [which is a special letter
written from the health insurance company to the Ausländerbehörde]), but
basically if you have a contract and you're a skilled worker, they'll grant
you residency.

The employer may have to prove, as they did with me, that no one else in the
EU could fill the job as well as you can. So they'd have to put up a listing
for a certain time before you could have the job. If possible, I'd arrive in
Germany with a certain job offer as opposed to being sure you can find one
within your three month tourist visa period.

The more difficult part would be that people who work in foreigner's office
and all other government offices (I had to go to at least three different
offices), as a rule, don't speak English. And you'll visit the
Ausländerbehörde itself at least three times, and they will give you
instructions, orally, in German, on what to do/where to go next.

Further, just as a rule, you will need to learn German in order to feel
comfortable in your day to day life in the country and to integrate. Many tech
companies say that you don't need to know German to work in Berlin -- though
your workplace may operate in English, the rest of your life won't. Learning
the German language is much more difficult than getting residency itself.

Let me know if you have any more questions. I moved from the US to Germany for
a technical job about 6 months ago so I remember full well the procedure.

~~~
themckman
I appreciate the response. I do plan on starting German classes this Spring
and, also, visiting Berlin in the later Summer months. If you have any
pointers on what the best way to look for work is in this situation, I'd love
to hear them. I would like to connect with a few people when I'm out there
and, maybe, planned on working a day or two at a local coop space (if any
exist) just to meet a few people. Thanks, again.

~~~
playing_colours
Hi, please any questions or advice on job search, visa, etc. I am an expat,
software developer, working in Berlin at some startup. My email: 2belikespring
at gmail. Welcome!

------
frenger
I know this is why I use Wunderlist (Berlin), rather than RTM or Things or
similar (USA) - I'm more comfortable under their local privacy obligations.
(In reality I don't know how much difference it makes?)

~~~
WA
In reality it depends on at least two things:

1\. Is their team capable of securing their environment and releasing code
that isn't vulnerable to data theft attacks?

2\. Do they also store all their customers' information in Germany or is it on
some US-based servers?

~~~
Argorak
6wunderkinder seems to use Amazon AWS:

[http://aws.amazon.com/solutions/case-
studies/6wunderkinder/](http://aws.amazon.com/solutions/case-
studies/6wunderkinder/)

~~~
WA
Interesting. Amazon AWS in Europe is hosted all over Europe, e. g. Ireland
etc. They should comply to EU privacy laws, but not necessarily to Germany's
privacy laws. Difficult.

~~~
Argorak
Also, US companies have to comply with the patriot act even for data centers
outside of the US.

EC2 in Europe is hosted in Ireland only.

~~~
lmm
Like any other company operating in Europe, they're subject to punishment if
they're violating EU privacy regulations. That US law obliges them to do so is
no defence.

~~~
Argorak
Sure, they are between a rock and a hard place in that respect. But that
doesn't help you if you want to push your data somewhere out of access from
the US. The company in question has to comply to the requests just as they do
in the US, fine or not.

~~~
lmm
Well it's very hard to make it _physically impossible_ for the US to access
your data. The most practical thing you can do is store your data somewhere
with a solid, well enforced legal system where it would be illegal for anyone
to transport it to the US, or for the US to access it.

I mean, it's just as illegal for the US to access private data in Europe if
the server it's on is owned by a US company or a European one. So it's not
like AWS is especially vulnerable.

------
junto
Here is a nice little anecdote. I previously mentioned that the official
German Federal Bureau of Information Technology (BSI) launched a tool [2] to
help the public find out if their identities were included in the analysis of
a recently cracked botnet that resulted in a database of 16 million people's
identities [1].

Germans can enter their email address and you are given a result as to whether
you were included or not. If you are, you are advised to assume that you
computer is compromised.

I told my office colleagues about this (who are German and not tin-foil hat
wearers by any means), who immediately stated that they wouldn't use it
because they don't trust the government not to spy on them. They specifically
referenced the backdoor / trojan that was attributed to the BND back in 2011
as a case in point [3].

Personally, I think that this little story quite accurately sums up German
attitudes to privacy and distrust of government.

[1]
[https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2...](https://www.bsi.bund.de/DE/Presse/Pressemitteilungen/Presse2014/Mailtest_21012014.html)
[2] [https://www.sicherheitstest.bsi.de/](https://www.sicherheitstest.bsi.de/)
[3] [http://theconversation.com/ein-spy-is-the-german-
government-...](http://theconversation.com/ein-spy-is-the-german-government-
using-a-trojan-to-watch-its-citizens-3765)

~~~
Perseids
I would like to add that the German distrust of government is fundamentally
different to what I've come to know about the American distrust of government.
We are very careful to give the government power that might be used to control
the populace and further a totalitarian regime. But otherwise we have a strong
government with a robust public health care system, free education (including
great public universities) and reasonably good unemployment insurance. Some of
that is eroding away unfortunately, but by an large Germans have a much more
positive attitude regarding government organization and regulation than
Americans.

~~~
peteretep

        > including great public universities
    

Citation for German universities being great?

~~~
DasIch
I think the focus here is on the public part. Private universities in Germany
don't have a particularly good reputation in general and are considered to be
a way out for children who didn't do well in school but have parents rich
enough to buy them into a university.

Public schools on the other hand are all considered to be more or less equally
good, so it doesn't really matter which one you attended later in life, which
as I gather is different in the US.

------
Mommo
Hey there!

This is Moritz from ZenGuard (the company behind ZenMate).

We really appreciate being mentioned in the article.

Shameless plug: We're currently hiring to build more great products with
privacy in mind, if you're interested in joining our berlin based startup you
can see the open positions here:

[https://zenmate.io/jobs](https://zenmate.io/jobs)

Thanks!

------
igl
Privacy? lol-wat? 1990 is over. Berlin is hyped because it's a cool city at
very low costs with easy visa's.

