Case study: How Deutsche Telekom promotes data privacy and security
As a leading global information and telecommunications technology company, present in over 50 countries worldwide and with 165 million mobile customers, 28,5 million fixed-network lines and 18,5 million broadband lines, promoting data privacy and security is a top priority for Deutsche Telekom Tweet This!, in trying to gain customers’ trust.
This case study is based on the 2015 Corporate Responsibility Report by Deutsche Telekom published on the Global Reporting Initiative Sustainability Disclosure Database that can be found at this link. Through all case studies we aim to demonstrate that CSR/ sustainability reporting done responsibly is achieved by identifying a company’s most important impacts on the environment and stakeholders and by measuring, managing and changing.
Abstract
According to a survey conducted by TNS Emnid for Deutsche Telekom in February 2016, nearly half of the German population (48%) has fallen victim to Internet crime. Guaranteeing data privacy and security is, thus, highly important for Deutsche Telekom. In order to promote data privacy and security Deutsche Telekom took action to:
- publish an annual data privacy and Transparency Report
- provide employees with data privacy training
- annually audit data privacy standards
- raise employee awareness about data privacy
Subscribe for free and read the rest of this case study
Please subscribe to the SustainCase Newsletter to keep up to date with the latest sustainability news and gain access to over 100 case studies. These case studies demonstrate how companies are dealing responsibly with their most important impacts, building trust with their stakeholders (Identify > Measure > Manage > Change).
With this case study you will see:
- Which are the most important impacts (material issues) Deutsche Telekom has identified;
- How Deutsche Telekom proceeded with stakeholder engagement, and
- What actions were taken by Deutsche Telekom to promote data privacy and security
Already Subscribed? Type your email below and click submit
What are the material issues the company has identified?
In its 2015 Corporate Responsibility Report Deutsche Telekom identified a range of material issues, such as ICT solutions for a low-carbon economy, service quality, ICT and child safety, cyber safety, talent acquisition, retention, development and staff reduction, climate change mitigation. Among these, promoting data privacy and security stands out as a key material issue for Deutsche Telekom.
Stakeholder engagement in accordance with the GRI Standards
The Global Reporting Initiative (GRI) defines the Principle of Stakeholder Inclusiveness when identifying material issues (or a company’s most important impacts) as follows:
Stakeholders must be consulted in the process of identifying a company’s most important impacts and their reasonable expectations and interests must be taken into account. This is an important cornerstone for CSR / sustainability reporting done responsibly.
Key stakeholder groups Deutsche Telekom engages with:
| Stakeholder Group | Method of engagement |
| General public / all stakeholders | · Annual CR report · Telekom.com/responsibility · We Care app magazine |
| Employees | · engagement@telekom corporate citizenship program · Telekom Social Network · Internal events such as Guiding Principles Day |
| Customers | · Free 24-hour service · Used cell-phone collection campaigns · Involvement in product development |
| Suppliers
| · Development programs for suppliers · CR Stakeholder Forum |
| Analysts and investors | · SRI roadshows · Webinars |
| Non-governmental organizations (NGOs) | · Collaborations · Stakeholder dialog |
| Politics | · Political advocacy at EU, Germany-wide and state level · Memberships, e.g., in the ZIRP Rhineland-Palatinate initiative for the future (www.zirp.de) |
| Journalists | · Workshops, e.g., with Deutsche Journalistenschule students |
| Compliance experts | · Exchange and membership in international and national organizations |
| Corporate partners | · Collaborations and partnerships for the development of sustainable solutions |
How stakeholder engagement was made to identify material issues
To identify and prioritize material aspects Deutsche Telekom evaluated the results of an online stakeholder survey among 312 stakeholders (including customers, employees, analysts and investors, NGO representatives, suppliers and others).
What actions were taken by Deutsche Telekom to promote data privacy and security?
In its 2015 Corporate Responsibility Report Deutsche Telekom reports that it took the following actions for promoting data privacy and security:
- Publishing an annual data privacy and Transparency Report
- Deutsche Telekom was the first DAX-30 company to publish an annual data privacy report in 2008, regarding all relevant processes, and since 2011 has been also publishing an integrated data privacy and data security report. Additionally, since 2014 Deutsche Telekom has been publishing an annual Transparency Report, relating to the amount and types of information shared by the company with German and international security agencies.
- Providing employees with data privacy training
- Every two years Deutsche Telekom’s employees receive data privacy training, with specific trainings carried out in the company’s customer and human resources departments to minimize the risk of data abuse, which include online courses, presentations, and face-to-face courses on topics such as “Data privacy at call centers”.
- Annually auditing data privacy standards
- Deutsche Telekom carries out an annual data privacy audit, intended to measure and improve the company’s general data privacy standards. In 2015, 30 per cent of Deutsche Telekom’s employees were randomly chosen and interviewed online, with the data privacy audit accompanied by data privacy officers’ self-assessments at Deutsche Telekom’s national companies, relating to the implementation of the Binding Corporate Rules on Privacy.
- Raising employee awareness about data privacy
- Deutsche Telekom launched, in January 2015, an international campaign aimed at increasing employee awareness of data privacy’s importance. Approximately 150 employees participated in the “Don’t give the data slob a chance” ideas competition, addressing the issue of dealing with data privacy lightly in a number of ways, including cartoons and videos.
Which GRI indicators/Standards have been addressed?
The GRI indicator addressed in this case is: G4-PR8: Total number of substantiated complaints regarding breaches of customer privacy and losses of customer data and the updated GRI Standard is: Disclosure 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data
78% of the world’s 250 largest companies report in accordance with the GRI Standards
SustainCase was primarily created to demonstrate, through case studies, the importance of dealing with a company’s most important impacts in a structured way, with use of the GRI Standards. To show how today’s best-run companies are achieving economic, social and environmental success – and how you can too.
Research by well-recognised institutions is clearly proving that responsible companies can look to the future with optimism.
7 GRI sustainability disclosures get you started
Any size business can start taking sustainability action
GRI, ISEP, CPD Certified Sustainability courses (2-5 days): Live Online or Classroom (venue: London School of Economics)
- Exclusive FBRH template to begin reporting from day one
- Identify your most important impacts on the Environment, Economy and People
- Formulate in group exercises your plan for action. Begin taking solid, focused, all-round sustainability action ASAP.
- Benchmarking methodology to set you on a path of continuous improvement
References:
1) This case study is based on published information by Deutsche Telekom, located at the link below. For the sake of readability, we did not use brackets or ellipses. However, we made sure that the extra or missing words did not change the report’s meaning. If you would like to quote these written sources from the original, please revert to the original on the Global Reporting Initiative’s Sustainability Disclosure Database at the link:
http://database.globalreporting.org/
2) http://www.fbrh.co.uk/en/global-reporting-initiative-gri-g4-guidelines-download-page
3) https://g4.globalreporting.org/Pages/default.aspx
4) https://www.globalreporting.org/standards/gri-standards-download-center/
Note to Deutsche Telekom: With each case study we send out an email to your listed address in request for a comment on this case study. If you have not received such an email please contact us.