The case for CSR/ Sustainability Reporting Done Responsibly


IDENTIFY - MEASURE - MANAGE - CHANGE

Insights on how you can protect the environment, maintain and increase the value of your company, through a structured process.

Insights on how you can protect the environment, maintain and increase the value of your company, through a structured process.

Home / case studies / Case study: How Deutsche Telekom ensures data privacy and security

Case study: How Deutsche Telekom ensures data privacy and security

As a leading global information and telecommunications technology company, present in over 50 countries worldwide and with 165 million mobile customers, 28,5 million fixed-network lines and 18,5 million broadband lines, ensuring data privacy and security is a top priority for Deutsche Telekom  Tweet This!, in striving to gain customers’ trust.

This case study is based on the 2015 Corporate Responsibility Report by Deutsche Telekom published on the Global Reporting Initiative Sustainability Disclosure Database that can be found at this link. Through all case studies we aim to demonstrate that CSR/ sustainability reporting done responsibly is achieved by identifying a company’s most important impacts on the environment and stakeholders and by measuring, managing and changing. 

Layout 1

Abstract

According to a survey conducted by TNS Emnid for Deutsche Telekom in February 2016, nearly half of the German population (48%) has fallen victim to Internet crime. Guaranteeing data privacy and security is, thus, highly important for Deutsche Telekom. In order to ensure data privacy and security Deutsche Telekom took action to:

  • publish an annual data privacy and Transparency Report
  • provide employees with data privacy training
  • annually audit data privacy standards
  • raise employee awareness about data privacy

What are the material issues the company has identified?

In its 2015 Corporate Responsibility Report Deutsche Telekom identified a range of material issues, such as ICT solutions for a low-carbon economy, service quality, ICT and child safety, cyber safety, talent acquisition, retention, development and staff reduction, climate change mitigation. Among these, ensuring data privacy and security stands out as a key material issue for Deutsche Telekom.

Stakeholder engagement in accordance with the GRI Standards

The Global Reporting Initiative (GRI) defines the Principle of Stakeholder Inclusiveness when identifying material issues (or a company’s most important impacts) as follows:

“The organization should identify its stakeholders, and explain how it has responded to their reasonable expectations.”

Stakeholders must be consulted in the process of identifying a company’s most important impacts and their reasonable expectations and interests must be taken into account. This is an important cornerstone for CSR / sustainability reporting done responsibly.

Key stakeholder groups Deutsche Telekom engages with:   

Stakeholder Group                Method of engagement
General public / all stakeholders ·         Annual CR report

·         Telekom.com/responsibility

·         We Care app magazine

Employees ·         engagement@telekom corporate citizenship program

·         Telekom Social Network

·         Internal events such as Guiding Principles Day

Customers ·         Free 24-hour service

·         Used cell-phone collection campaigns

·         Involvement in product development

Suppliers

 

·         Development programs for suppliers

·         CR Stakeholder Forum

Analysts and investors ·         SRI roadshows

·         Webinars

Non-governmental organizations (NGOs) ·         Collaborations

·         Stakeholder dialog

Politics ·         Political advocacy at EU, Germany-wide and state level

·         Memberships, e.g., in the ZIRP Rhineland-Palatinate initiative for the future (www.zirp.de)

Journalists ·         Workshops, e.g., with Deutsche Journalistenschule students
Compliance experts ·         Exchange and membership in international and national organizations
Corporate partners ·         Collaborations and partnerships for the development of sustainable solutions

How stakeholder engagement was made to identify material issues

To identify and prioritize material aspects Deutsche Telekom evaluated the results of an online stakeholder survey among 312 stakeholders (including customers, employees, analysts and investors, NGO representatives, suppliers and others).

What actions were taken by Deutsche Telekom to ensure data privacy and security?

In its 2015 Corporate Responsibility Report Deutsche Telekom reports that it took the following actions for ensuring data privacy and security:

  • Publishing an annual data privacy and Transparency Report
  • Deutsche Telekom was the first DAX-30 company to publish an annual data privacy report in 2008, regarding all relevant processes, and since 2011 has been also publishing an integrated data privacy and data security report. Additionally, since 2014 Deutsche Telekom has been publishing an annual Transparency Report, relating to the amount and types of information shared by the company with German and international security agencies.
  • Providing employees with data privacy training
  • Every two years Deutsche Telekom’s employees receive data privacy training, with specific trainings carried out in the company’s customer and human resources departments to minimize the risk of data abuse, which include online courses, presentations, and face-to-face courses on topics such as “Data privacy at call centers”.
  • Annually auditing data privacy standards
  • Deutsche Telekom carries out an annual data privacy audit, intended to measure and improve the company’s general data privacy standards. In 2015, 30 per cent of Deutsche Telekom’s employees were randomly chosen and interviewed online, with the data privacy audit accompanied by data privacy officers’ self-assessments at Deutsche Telekom’s national companies, relating to the implementation of the Binding Corporate Rules on Privacy.
  • Raising employee awareness about data privacy
  • Deutsche Telekom launched, in January 2015, an international campaign aimed at increasing employee awareness of data privacy’s importance. Approximately 150 employees participated in the “Don’t give the data slob a chance” ideas competition, addressing the issue of dealing with data privacy lightly in a number of ways, including cartoons and videos.

Which GRI indicators/Standards have been addressed?

The GRI indicator addressed in this case is: G4-PR8: Total number of substantiated complaints regarding breaches of customer privacy and losses of customer data and the updated GRI Standard is: Disclosure 418-1 Substantiated complaints concerning breaches of customer privacy and losses of customer data

 

References:

1) This case study is based on published information by Deutsche Telekom, located at the link below. For the sake of readability, we did not use brackets or ellipses. However, we made sure that the extra or missing words did not change the report’s meaning. If you would like to quote these written sources from the original, please revert to the original on the Global Reporting Initiative’s Sustainability Disclosure Database at the link:

http://database.globalreporting.org/

2) http://www.fbrh.co.uk/en/global-reporting-initiative-gri-g4-guidelines-download-page

3) https://g4.globalreporting.org/Pages/default.aspx

4) https://www.globalreporting.org/standards/gri-standards-download-center/

 

Note to Deutsche Telekom: With each case study we send out an email to your listed address in request for a comment on this case study. If you have not received such an email please contact us.

Trending News

X