Deutschland 4.0? Germany’s Digital Strategy Over the Next Four Years

Digital and cyber policy issues played an important part in last year’s German election. Here’s what to expect over the next four years.

On Sunday, the members of Germany’s Social Democratic Party (SPD) voted in favor of the coalition agreement that will see Angela Merkel to remain Chancellor for the next four years. Although digital and cyber issues were recurring themes during the election, the agreement leaves many questions unaddressed. Nevertheless, here’s what we can expect from the new German government over the next four years with respect to broadband roll-out, Europe’s digital economy, and cybersecurity.

Building Broadband Infrastructure And Strengthening Education

The coalition sets a goal of bringing gigabit internet speeds to every part of the country by 2025, and wants to enshrine a right to “fast internet” in the constitution within the next four years. To bring fiber to “every region and every county,” the government will support the private sector’s roll out with up to €12 billion in subsidies it hopes to raise though an auction of 5G frequencies.

These goals are laudable, but similar promises in the past have failed to materialize. Four years ago, the same coalition promised speeds of fifty megabits per second by 2018 and failed miserably. Germany currently rankstwenty-eight out of thirty-three in the OECD’s ranking of members with fiber connections. In Japan and South Korea, nearly 80 percent of all network connections are fiber, whereas only 2.1 percent are in Germany—20 percent below the OECD average.

Linked to its broader infrastructure efforts, the federal government will give Germany’s states €3.5 billion to connect schools and universities to the internet under an initiative it is calling “Digitalpakt#D.” As part of its efforts to shape “digital work 4.0,” the coalition will launch a national strategy for continued training and attempt to remove barriers to remote work.

A European Digital Economy?

It is no secret that many German politicians are skeptical of U.S. tech platforms and social media companies. Against this backdrop, the coalition reconfirms its commitment to the network enforcement law to regulate hate speech online, and signals that the law will be “developed further” within the next four years.

Concerned about the growing market power of tech giants, the coalition will launch a “Competition Law 4.0” commission to examine how existing anti-trust regulation could be adapted to take new business models into account. In a similar vein, the government will support efforts to collect taxes from “internet companies,” a term that is not clearly defined. There is a similar lack of detail when it comes to the coalition’s plans of establishing “strong German and European actors in the platform economy.” There is a mention that this fostering these actors could come through subsidizing German start ups but no financials are provided.

The coalition further aims to take a closer look at algorithms and artificial intelligence (AI). A commission on data ethics will be tasked to provide recommendations on the use and regulation of such technologies. Germany will further develop a “Masterplan for AI” and establish a joint AI research center with France to compete with the United States, Canada, and China.


To address emerging cyber threats, the coalition seeks to strengthen Germany’s federal information security agency, the BSI. The BSI will be expected to improve its security advice and offerings to citizens, civil society and small- and medium-sized companies, adding to its current responsibility of advising government and industry. However, the BSI will remain subservient to the Ministry of Interior against the wishes of some in the SPD and German cybersecurity community. The ministry oversees the police and domestic intelligence agency who deploy the government’s lawful hacking tools, which both groups see as incompatible with the BSI’s defensive mandate.

The coalition agreement omits two cybersecurity issues that received a lot of attention in 2017. The first is the legal authority of German federal agencies to “hack back” against adversaries to infiltrate their systems and potentially shut down command and control infrastructures. The second is the creation of a vulnerabilities equities process (VEP) for government agencies that would establish a formalized process for handling vulnerabilities discovered by federal agencies and make it transparent to those outside government. Despite their absence in the agreement, both topics are likely to be revisited in the next four years, especially against the backdrop of the major compromise of German government networks.

Although silent on the VEP, the coalition will look into ways to hold vendors of IT products accountable when they do not report or patch vulnerabilities in time, and will seek to create clearer product liability rules.

Odds and ends

It is noteworthy that the international dimensions of cyberspace are not prominently featured, though it is perhaps unsurprising given the domestic focus of the agreement. There is no mention of the need to build norms and rules for state action in cyberspace. The agreement stresses the coalition’s support for U.S.-EU Privacy Shield to facilitate cross-border data flows for private actors, but is silent on the challenges law enforcement faces when accessing data for evidentiary purposes. There is not even the standard commitment to a “free, open internet” and multi-stakeholder governance processes.

Overall, negotiators of the coalition agreement seemed to want to convince a domestic audience that the internet is no longer Neuland—or new territory to quote Angela Merkel. They successfully proved they were aware of the challenges at hand, but adding “4.0” at the end of a tech-related issue or creating a commission does not make for a truly forward-looking agenda.


This post originally appeared on the Council on Foreign Relations’ Net Politics blog and was republished under a Creative Commons license.

The views expressed are those of the author(s) alone. They do not necessarily reflect the views of the American Institute for Contemporary German Studies.

Mirko Hohmann

Global Public Policy Institute 

Mirko Hohmann was an American-German Situation Room Fellow in March 2018.

Mr. Hohmann is a project manager at the Global Public Policy Institute (GPPi) in Berlin. His research interests lie at the intersection of technology and policymaking as well as global security. He leads GPPi's work on data and technology politics, including the Transatlantic Digital Debates program.

Before joining GPPi full-time as a research associate, Mr. Hohmann was an intern and later a research assistant at the institute. His work experience also includes internships with the German Bundestag and the Boston Consulting Group. Before taking up his studies, Mr. Hohmann worked with Vamos Juntos, an NGO in Bolivia, where he supported shoe shiners in their daily work on the streets of La Paz. He is a member of D64 - Center for Digital Progress, a non-profit think tank that aims to foster public debate on the societal and political impact of digitization. In the fall of 2016, he was an adjunct faculty member at the Hertie School of Governance in Berlin, where he taught on the role of non-Western powers in shaping global norms and institutions. His commentary has appeared in Foreign Affairs, Politico Europe, Der Tagesspiegel, Handelsblatt, Neue Zürcher Zeitung, and Lawfare, among others.

Mr. Hohmann holds a master's degree in public policy from the Hertie School of Governance and a bachelor's degree in international affairs from the University of St. Gallen, Switzerland. During his studies, he studied abroad at the University of Otago in Dunedin, New Zealand, as well as the Lyndon B. Johnson School of Public Affairs at the University of Texas at Austin in the United States. He has received scholarships and financial support from the Foundation of German Business (Stiftung der Deutschen Wirtschaft) and the Hertie School of Governance.