If you want digital policy done right, propose it yourself

Fed up with the digital policies in Germany or the lack thereof in the past decades, EDRi member Chaos Computer Club e.V. (CCC) submitted their own proposal for a digital agenda of the new German government.

Digital policy has been severely neglected by past governments. This explains the extended list of topics being tackled in this proposal.

The main demands are:

• A federally funded, long-standing effort to eliminate digital illiteracy in schools, universities, government agencies and offices, among politicians and judges. Digital literacy can be conveyed and must regain its appeal.
• Gain actual IT sovereignty by building up competencies at the federal and state levels to be able to evaluate digital projects, accompany their development and ensure their subsequent operation, combined with mandatory consultation of these bodies even before projects are awarded.
• Funding for the continuous promotion of open-source software infrastructure (creation, audits and continuous maintenance) in order to create a secure, maintainable digital infrastructure that meets minimum requirements for software quality, IT security and energy-efficient programming and whose components are also suitable for widespread use in industry and administration.
• Establishment of an effective digital administration without buzzword projects in order to contain the bureaucratic burden on citizens and companies and also to relieve offices and authorities.
• Mandatory provision of results of public IT contracts and research, among other things through the principle of “public money, public code” in the sense of a fundamental public domain of the results of tax-funded research and projects.
• Abolition of the hacker paragraph and data retention, prohibition of the development or acquisition of offensive cyber tools by the state in favour of a commitment to a defensive cyber foreign policy.
• A clear commitment to cryptographic freedom: turning away from crypto-bans and the strategic weakening of cryptographic systems. This is not only necessary in terms of content, but also an urgently needed confidence-building measure to make the IT expertise that is abundantly available in Germany accessible to the state again.
• Introduction of costs by cause principle for IT security problems, the costs of which have so far been externalised by the manufacturers: Liability for uncorrected or accumulated IT security problems including an insurance obligation, mandatory specification of an expiry date and a minimum operating guarantee for all software components on the devices and any backends necessary for their function.
• A credible sustainability initiative, including the right to repair, freedom of terminal equipment, mitigation of the “Radio Equipment Directive” to enable the upcycling of radio equipment using open-source software, funding for basic research into open hardware with energy-efficient designs.
• The operation of highly automated systems whose autonomous decisions affect people’s fundamental rights must be investigated and approved by a data ethics commission. The harming or killing of humans by autonomous systems must be prohibited in all cases. In principle, there must be a right to decisions by humans.

The CCC hopes that the new government of Germany will become aware of its responsibility to quickly address the undesirable developments and neglect of the past years and take the path to a better future with a comprehensive programme for sustainable digitalisation that respects civil and human rights.

Image credit: Sigmund / Unsplash

(Contribution: EDRi member, Chaos Computer Club e.V. )