Wer weiss was: email encryption obligation

In Germany, the obligation to encrypt emails is regulated by the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) and the Telecommunications Act (Telekommunikationsgesetz, TKG). Here are some key points:

  1. Confidentiality: According to § 9 BDSG, personal data must be kept confidential. This includes emails that contain personal data, such as names, addresses, or other sensitive information.
  2. Encryption: To ensure confidentiality, emails containing personal data must be encrypted. This applies to both the transmission and storage of emails.
  3. Scope: The obligation to encrypt emails applies to all organizations that process personal data, including companies, public authorities, and non-profit organizations.
  4. Exceptions: There are some exceptions to the encryption obligation, such as:
    • Emails that are sent to individuals who have explicitly consented to the processing of their personal data.
    • Emails that contain only anonymous or pseudonymous data.
    • Emails that are sent for journalistic or artistic purposes.
  5. Implementation: Organizations must implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of emails containing personal data. This includes encrypting emails using secure protocols, such as TLS (Transport Layer Security) or PGP (Pretty Good Privacy).
  6. Monitoring: Organizations must monitor their email systems to detect and prevent unauthorized access to emails containing personal data.

In summary, in Germany, encrypting emails is mandatory for organizations that process personal data, unless a specific exception applies.