2023 Author: Eric Donovan | [email protected]. Last modified: 2023-11-27 05:39
There should have been around 200 cases of incorrectly sent applications. Dietmar Müller, spokesman for the Federal Data Protection Commissioner, is surprised in the Autogazette about the lack of SSL encryption when processing applications for an environmental bonus.
The Federal Office of Economics and Export Control (Bafa) wants to fix the breakdowns when applying for the scrapping bonus on Wednesday night. “The plan is to switch to encrypted technology this night. We'll see tomorrow whether that succeeds,”said Dietmar Müller, spokesman for the Federal Commissioner for Data Protection, the Autogazette.
Car dealer yes, internet cafe rather no
Müller found it “unusual” that so-called SSL encryption to secure the data was not installed from the start. According to information from the Autogazette, there were around 200 cases in which data was made visible to other people.
If the installation of the new technology does not succeed, Müller suggests as an interim solution "to return to the old procedure until the problem is under control." A transfer of data from internet cafes - as suggested by Bafa - considers Müller unsuitable. “Everywhere the use of internet cafes for the transfer of personal data is not recommended and it is brought up by Bafa. That is contradicting itself. So car dealer yes, internet cafe rather no."
No SSL encryption
Autogazette: It was not until March 20 that the Bundestag demanded more data protection security. Ten days later, the scrapping premium, which a federal authority is responsible for processing, can only be applied for via the Internet. Isn't that a contradiction in terms?
Dietmar Müller: No, definitely not. Here a new technology has been chosen to speed up the process in the interest of potential car buyers. The attempt seems to have failed at the moment because the technology does not play along. However, we are in contact with Bafa and the official data protection officer there to clarify the problems.
Autogazette:According to information from the Autogazette, there was also a data breach in 200 cases in which people received other people's applications and could read their data. How are you going to proceed?
Müller: You have to find out whether the problems are systemic and whether they were influenced by other things. We see critically that no SSL encryption has taken place. That's one thing that can be made up for quickly. At the moment I cannot judge why they failed to do that at the first moment. Bafa has meanwhile announced that it should be switched to encrypted technology this night. We'll see tomorrow whether that succeeds.
Autogazette: The fact that there was no SSL encryption from the start is already a scandal?
Müller: It's unusual.
Internet cafe not recommended
Autogazette: The procedure should be viewed critically, because not every driver automatically has Internet access.
Müller: A colleague from the Federal Office referred to the help of the car dealers, who mostly already have the customer data.
Autogazette: We already saw the result on Monday when the overcrowded car dealerships were shown on TV …
Müller: … there was a queue to get rid of the application. It was surprising to me that there is such a thing. I assumed that most of them had an Internet connection themselves.
Autogazette: Experts even suggested a visit to the internet cafe …
Müller: … I personally wouldn't recommend that. Everywhere the use of internet cafes for the transfer of personal data is not recommended and it is brought up by the Bafa. That is contradicting itself. So car dealers yes, internet café rather no.
Return to the old way of working
Autogazette: How high do you rate the risk of “black sheep” logging into the system and redirecting the bonuses posted online to their own accounts?
Müller: That is not just a data protection problem, but more of a financial policy problem, because fraud would have been met. Under data protection conditions, we have to see that only the person concerned receives the answers - and the right one that concerns him.
Autogazette: How should the scrapping premium be processed in the future?
Müller:We are in conversation with Bafa. Unfortunately, they are not quite there yet. Of course, in the interests of our customers, we do not want to delay the process. Unless remedial action can be taken immediately, an interim solution would be to revert to the old procedure until the problem is under control.
Autogazette: But then with SSL encryption.
Müller: It's part of it, but urgently. Data security must be guaranteed and the transmission paths must be designed to be secure. The delivery of incorrect personal applications must not happen. It has to stop immediately.
The interview with Dietmar Müller was conducted by Thomas Flehmer
During a mid-life facelift, the vehicle mostly receives optical retouching. Mazda has refined its small models technically and with one
The first generation of the Nissan Qashqai has more than exceeded the expectations of the Japanese. Now the second edition is supposed to be based on a Touareg tribe
With the Seat Exeo, the brand moves into another league. Customers are likely to be more inclined than averse to the old Audi base in the new look
The Lancia Y was manufactured until 2003. The small car from Italy only received mediocre awards from the ADAC
Little by little, Honda had published pictures of its new generation of the compact class Civic in the last few weeks. At the IAA was the veil