Data Control and Sovereignty

The European Log-in Standard: netID

Within the Group, United Internet uses a number of measures to ensure internet users retain data sovereignty, such as the netID log-in standard that provides them with greater control over their data and enhances user-friendliness. Users have to register for, and provide profile names and passwords to access, almost all internet offerings – from online shops through social media down to app stores. Trying to manage this flood of IDs and passwords is a major challenge for customers. Single sign-on services offer a solution that not only enables users to retain control over their data but is also more user-friendly: Users can register with a large number of online services using a single, secure combination of their user name or e-mail address and password. In March 2018, United Internet, the RTL Deutschland media group, and ProSiebenSat.1 founded the European netID Foundation (EnID) in order to provide a European alternative to US offerings in this area.

This independent foundation developed the netID open standard – a central log-in that is “made in Europe” and with which customers can currently log in to more than 120 partner offerings. The United Internet Group’s GMX and WEB.DE e-mail platforms are among the netID account providers. Users with existing GMX or WEB.DE accounts can use netID to log on to participating partner offerings by entering a combination of their e-mail-address and password. Equally, new users can set up a free netID account with a mix of their e-mail address and a password.

netID stores user consents in a stable, device-independent form, meaning that users are shown consent forms less frequently. Instead of third-party cookies, which are increasingly being blocked, netID uses a stable identifier to identify users that can be accessed by netID partners. This also makes netID interesting for marketers, since they can use netID to power data-driven business models in a way that is both future-proof and legally secure.

netID is subject to the strict European data privacy requirements set out in the GDPR. The foundation reviews all standards, partners, and account providers that are members of the initiative. It also sets high store by transparency and focuses on user data sovereignty. For example, users can independently consent to the use of their data, or revoke such consent, at any time using a “privacy center.” This improves data control in the internet.(1)

(1) The opinion published by the German Data Ethics Commission (DEK) in October 2019 also recommended promoting the use of standards – such as netID – to enable individuals to continuously track and manage the persons and entities to which data access has been granted and to which data has been transferred, so as to be able to assert their rights effectively.

GAIA-X – the European Cloud Project

  • NfS: Customer-related Matters/Data Control and Data Sovereignty
  • GRI 102-12

The idea behind GAIA-X is to build a data ecosystem using European security and data privacy standards that meets the highest digital sovereignty standards. IONOS has been involved in GAIA-X AISBL(1) right from the start, is a member of its Technical Committee, and is actively helping to shape this European initiative. The idea is for the numerous successful local clouds in Europe to cooperate and standardize their operations to create a common “hypercloud” that will allow both large enterprises and SMEs on the European and German markets to exchange and process data in a trusted, secure, and transparent manner. Customers can choose between multiple hosting providers and – thanks to the planned standards – can switch at any time.

(1) “Association internationale sans but lucrative,” a non-profit association under Belgian law.

IONOS is helping with the rapid construction of a European cloud by contributing its many years of experience in developing and operating cloud infrastructures to the GAIA-X project. Our employees are providing their knowledge in working groups on a number of issues, e.g., defining standards and the reference architecture, and establishing certifications. The objective is for GAIA-X to offer a European alternative to the large US and Asian cloud providers known as hyperscalers. Numerous European and German cloud providers, associations, and enterprises are also working on the project in addition to IONOS. In the summer of 2021, the then Federal Ministry for Economic Affairs and Energy held a sponsorship competition and initially selected 16 beacon projects to demonstrate the concrete uses of Gaia-X. IONOS is involved in six of these projects and is the consortium manager for the MARISPACE-X project, which is developing a maritime data space.

See Federal Ministry for Economic Affairs and Climate Protection.