In an open letter to the German government, more than 60 individuals, companies and associations from civil society and business are speaking out against the "Cybersecurity Strategy for Germany 2021". SerNet GmbH is among the first signatories and supports the action.
The signatories of the open letter "call on the federal government to postpone the adoption of the cybersecurity strategy to the next legislature or at least to cancel the expansion of powers for the security authorities without replacement. Crucial parts of the strategy have long been highly controversial within the German government and have received massive criticism from representatives of German industry, academia and civil society."
The Interior Ministry's nearly 130-page draft Cybersecurity Strategy 2021 was not submitted until June 9, just before the end of the current legislative period, and experts were invited to comment until June 16.
Criticized - in addition to the questionable timing a few months before the federal election - are the numerous proposed measures "that would push surveillance by German security authorities at the expense of IT security" and lock it in for many years to come, such as circumventing secure encryption. Also flagged are the required powers for active cyber defense, the planned expansion of the Central Office for Information Technology in the Security Sector (ZITiS) while at the same time lacking control and protection measures and without adequate expansion of parliamentary oversight.
The open letter states very clearly, "If the strategy is adopted in its current form, it would cement a cybersecurity policy for years to come for which there is insufficient support in business and society and whose measures have little prospect of improving IT and cybersecurity in Germany. The trench warfare over the direction of national cybersecurity policy would thus be perpetuated - to the detriment of security in Germany."
Among others, the Süddeutsche Zeitung ("Open letter against Seehofer's cybersecurity strategy") and Netzpolitik.org ("For a Real Cybersecurity Strategy Without New Surveillance Measures") already reported on the Open Letter.