402. Regulation of the Federal Minister for Transport, Innovation and Technology concerning data security (Data Security Regulation, TKG-DSVO)
On the basis of §§ 94 para. 4 and 102c of the Federal Act enacting a Telecommunications Act (Telecommunications Act 2003, TKG 2003), Federal Law Gazette No. 70/2003, as last amended by Federal Law Gazette I No. 102/2011, the following is decreed, with regard to §§ 1 to 4 and 8 to 25 in agreement with the Federal Minister of the Interior and the Federal Minister of Justice:
Subject matter and scope
§ 1. (1) This Regulation lays down the detailed provisions 1. on the format, the data fields and the syntax of the CSV file for providing information about traffic data (§ 99 para. 5 TKG 2003) and retained data (§ 102b TKG 2003), 2. on data security and logging during the transmission of the information referred to in no. 1, and 3. on data security in the storage of retained data and on the logging of access to retained data.
(2) The scope of this Regulation extends to the use of traffic data, location data, access data and master data, insofar as they are processed in connection with the aforementioned categories of data.
§ 2. (1) Traffic data, access data and location data and, insofar as they are processed in connection with the previously mentioned data categories, master data are called
1. "operating data", insofar as they are necessary at the provider for the purposes referred to in § 99 paras. 2 and 3 TKG 2003;
2. "retained data", insofar as they are stored solely on the basis of the obligation pursuant to § 102a TKG 2003 for the purposes referred to in § 102b TKG 2003 (§ 92 para. 3 no. 6 TKG 2003).
(2) In this Regulation, 1. "provider" means an operator of public communications services, 2. "inventory database" means a database for storing data.
§ 3. The provisions of the 3rd section do not apply 1. in the cases of § 98 TKG 2003, 2. where there is imminent danger in the cases of § 99 para. 5 nos. 3 and 4 TKG 2003, 3. to the determination of the current location in accordance with §§ 134 ff. of the Code of Criminal Procedure 1975 (StPO), Federal Law Gazette No. 631, as amended by Federal Law Gazette I No. 67/2011, and 4. to accompanying call data in the context of the surveillance of messages.
Data security standard
§ 4. (1) Whoever uses data within the meaning of § 2 para. 1 must comply with the requirements of § 95 TKG 2003 in their security measures.
(2) When retained data are used, the specific provisions expressly laid down in the 2nd section of this Regulation apply, in implementation of § 102 para. 1 TKG 2003, for a higher security standard.
Data security within the provider's operations
Appropriate technical and organisational measures for the security of retained data
§ 5. (1) Retained data must be stored by the provider in such a way that they can be logically distinguished from operating data unambiguously at all times and on every use.
(2) Physically separate storage of operating data and retained data is not required. The provider must take appropriate technical and organisational measures to ensure that the inventory database is designed in such a way that access to retained data is possible only in compliance with the specific security provisions of § 7.
(3) If there is no operational justification for storing data as operating data, these data must be deleted promptly from the operational databases and transferred to the inventory database. If the data have previously been stored in the inventory database in accordance with § 6, the marking of concurrent operational storage must be removed at the same time as, or immediately after, deletion from the operational databases.
(4) The provider must document the method of technical and organisational separation in a traceable manner and make this documentation accessible in the event of an audit by the Data Protection Commission pursuant to § 102c para. 1 TKG 2003 upon request of the Data Protection Commission.
(5) The provider must disclose the storage duration of operating data, as well as any relevant internal guidelines, in the event of a review by the Data Protection Commission pursuant to § 102c para. 1 TKG 2003 or at the request of the Data Protection Commission.
Distinction between operating data and retained data
§ 6. (1) An order of the public prosecutor's office pursuant to § 135 para. 2a StPO for information on retained data entitles the provider in any case to process and deliver operating data in order to fulfil its obligation to provide information.
(2) If an information response contains data, the provider must convey this fact as additional information.
(3) To simplify the handling of information pursuant to § 99 para. 5 TKG 2003 or § 102b TKG 2003, the provider is permitted to store the data mentioned in § 2 para. 1 in the inventory database already at a time when these data are also stored as operating data. In this case, the data must be marked in the inventory database, for each data category, as also being available in the provider's operationally necessary databases.
(4) If an information response contains retained data that are stored at the same time as operating data in accordance with paragraph 3, the provider must convey this fact as additional information.
Tamper-proof logging and four-eyes principle for access to retained data
§ 7. (1) The provider must design its systems at the technical and organisational level in such a way that access to retained data is possible only by specially authorised employees in accordance with the four-eyes principle. Every access to retained data must be authorised by two persons holding a special authorisation for this purpose. The second person's authorisation may also be given promptly after the first person's access, provided that effective observance of the four-eyes principle is thereby ensured.
(2) Access to retained data, or to operating data in the case of an order of the public prosecutor's office pursuant to § 135 para. 2a StPO, must be logged by the provider in such a way that the log data are protected against alteration and falsification and that integrity, regularity, protection against loss, compliance with the retention periods, and the documentation, traceability and auditability of the procedure are ensured.
(3) The log contains
1. the reference to the public prosecutor's or court order pursuant to the provisions of the StPO underlying the transmission of the data,
2. in the cases of § 99 para. 5 nos. 3 and 4 TKG 2003, the file number of the security authority communicated to the provider with the information request,
3. the date of the request (delivery to the provider's mailbox at the pass point pursuant to § 17 para. 1) as well as the date and exact time of the information provided (delivery of the response to the authority's mailbox at the pass point pursuant to § 17 para. 3); the pass point must transmit these data to the provider as additional information,
4. the number of transmitted data records, broken down by the date of the communication process and by the categories referred to in § 102a paras. 2 to 4 TKG 2003 (classification of categories in accordance with the annex, section 1.1.2),
5. the duration of storage of the data, counted from the date on which the transmitted data were stored as operating data (§ 2 para. 1 no. 1) and as retained data (§ 2 para. 1 no. 2), up to the date of the order for information (date of the public prosecutor's order pursuant to § 138 para. 3 StPO or date of the request pursuant to § 53 paras. 3a and 3b of the Security Police Act (SPG), Federal Law Gazette No. 566/1991, as amended by Federal Law Gazette I No. 33/2011),
6. the name and address of the subscriber affected by the information on retained data, insofar as the provider holds these data,
7. a unique identifier that allows attribution to the persons within the provider's company who accessed retained data, and
8. in the case of information on retained data (§ 135 para. 2a StPO), the criminal offence underlying the order, otherwise a note that only operating data were used.
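The two controls of § 7, authorisation by two persons with the second allowed to follow promptly afterwards, and a log in which alteration is detectable, can be sketched as follows. This is an added example and not part of the Regulation or of any provider's system; the class, field names and identifiers are hypothetical, and a SHA-256 hash chain is one assumed way of making changes to log data detectable.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed start value for the hash chain


def _link(prev_hash, entry):
    """Hash of the previous record's hash plus this entry's canonical JSON."""
    body = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()


class RetainedDataAccessLog:
    """Append-only log; field names are hypothetical, not from the Regulation.

    The chain only proves integrity if the latest hash is also kept outside
    the log store, otherwise a full rewrite could recompute every link.
    """

    def __init__(self, authorised_ids):
        self.authorised = set(authorised_ids)  # specially authorised employees
        self.records = []  # each record: {"seq", "entry", "hash"}

    def _append(self, entry):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        seq = len(self.records)
        self.records.append({"seq": seq, "entry": entry, "hash": _link(prev, entry)})
        return seq

    def _require_authorised(self, person):
        if person not in self.authorised:
            raise PermissionError(f"{person} holds no special authorisation")

    def record_access(self, order_ref, first_person, offence=None):
        """First person's access; it stays open until a second person countersigns."""
        self._require_authorised(first_person)
        return self._append({
            "type": "access", "order_ref": order_ref, "person": first_person,
            "offence": offence or "operating data only",
        })

    def countersign(self, access_seq, second_person):
        """Second authorisation, stored as a new record so nothing is rewritten."""
        self._require_authorised(second_person)
        target = self.records[access_seq]
        if target["entry"]["type"] != "access":
            raise ValueError("only access records can be countersigned")
        if target["entry"]["person"] == second_person:
            raise PermissionError("four-eyes principle: second person must differ")
        return self._append({
            "type": "countersign", "access_seq": access_seq,
            "access_hash": target["hash"], "person": second_person,
        })

    def unconfirmed(self):
        """Sequence numbers of accesses that still lack a second authorisation."""
        signed = {r["entry"]["access_seq"] for r in self.records
                  if r["entry"]["type"] == "countersign"}
        return [r["seq"] for r in self.records
                if r["entry"]["type"] == "access" and r["seq"] not in signed]

    def verify(self):
        """Return the seq of the first record whose hash no longer matches, else None."""
        prev = GENESIS
        for r in self.records:
            if _link(prev, r["entry"]) != r["hash"]:
                return r["seq"]
            prev = r["hash"]
        return None
```

Running `unconfirmed()` on a schedule turns "promptly subsequently" into something an auditor can check, because every access without a second authorisation stays visible until it is countersigned.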
Data security in the transmission of operationally necessary traffic and location data and of retained data for information purposes to law enforcement and security authorities
§ 8. (1) Data are transmitted via a central pass point, which the Federal Ministry of Transport, Innovation and Technology must establish at the Federal Data Center GmbH.
(2) The technical specification of the pass point must provide for an encrypted transmission path (transport encryption).
(3) In addition, the content of the request and of the response must be encrypted from sender to recipient using asymmetric encryption methods (content encryption). Asymmetric encryption algorithms may be implemented as a hybrid procedure.
(4) Via the pass point, the participants in the data exchange are identified and authenticated by means of an advanced electronic signature.
Pass point - basic structure
§ 9. (1) The pass point is an electronic mailbox system for the secure handling of requests and information within the meaning of § 94 para. 4 TKG 2003. All participants are connected to the pass point via an encrypted transmission channel.
(2) The pass point is set up in such a way that the Federal Data Center GmbH, as the service provider of the pass point within the meaning of § 4 no. 5 of the Data Protection Act 2000 (DSG 2000), Federal Law Gazette I No. 165/1999, as amended by Federal Law Gazette I No. 133/2009, cannot access the personal content of the requests for information or of the responses.
(3) Both information on retained data and information on operating data are handled via the pass point. Exceptions are permitted only to the extent laid down in § 3. Information handled via the pass point is recorded for statistical purposes in an audit-proof manner.
(4) The specification of the pass point must provide that the recipient can verify the integrity of the data and the identity of the sender (signature).
Establishment and operation of the pass point - client and implementation
§ 10. (1) The establishment and operation of the pass point, certificate management and data security are the responsibility of the Federal Minister for Transport, Innovation and Technology.
(2) The establishment, certificate management and operation of the pass point are carried out by the Federal Data Center GmbH. In functional terms, the Federal Data Center GmbH is a service provider within the meaning of § 4 no. 5 DSG 2000 for the respective contracting authority for whose data application data are transferred or received via the pass point.
(3) The Federal Minister for Transport, Innovation and Technology may use a service provider to audit the actual implementation of the technical specification by the Federal Data Center GmbH.
Auditing of the pass point functions
§ 11. The Federal Minister for Transport, Innovation and Technology ensures that 1. the actual implementation of the pass point by the Federal Data Center GmbH conforms to the specification of the pass point, 2. the software that the pass point provides for execution on the respective user's client is verifiable for a client administrator (signature) and matches the interface definition of the pass point, 3. correct data transfer with the pass point is possible only using audited, interface-compliant software, 4. only authenticated users can store their public key at the pass point, unambiguously assigned to their respective institution, and 5. every change to the pass point is subject to a re-audit, in order to ensure that the end user can verify the authenticity of the software.
Functions of the pass point at a glance
§ 12. (1) For the handling of information within the meaning of § 94 para. 4 TKG 2003, the pass point provides electronic mailboxes that can be used via a web service or a web application.
(2) Each of the departments of the authorised authorities responsible for handling information requests, and each provider subject to the storage obligation under § 102a TKG 2003, is assigned a participant ID and a corresponding mailbox by the pass point. Each user has access only to the mailbox of the participant (department or provider) to which the user belongs.
(3) Users are authenticated via the pass point in accordance with the provisions of § 13.
(4) Encryption of the transmission path must be ensured by the pass point using suitable state-of-the-art technology.
(5) For the encryption of requests and of the information provided, the pass point manages the public keys of all authorised departments and of all providers subject to the storage obligation under § 102a TKG 2003. Only authenticated users can store the public key of their organisation at the pass point. Before sending a message, each user retrieves the recipient's public key from the pass point in order to encrypt the content.
(6) All information cases must be logged at the pass point in an audit-proof manner. The extent of this logging is regulated in § 22.
Authentication - integration via the Portal Federation and unique ID
§ 13. (1) The pass point assigns to each request a single, clearly identifiable transaction number (unique ID) in order to verify the authenticity of the request and to track each request and its response. From the transaction number operator can be connected to the underlying concrete request of the authority as well as on the requested.
(2) Users of the authorised authorities are authenticated through the respective root portal of the user (Portal Federation).
(3) For the authentication of users on the provider side, the specification of the pass point must provide a root portal that is equivalent to security class 3, version 2.1.0 of February 8, 2008, available at "http://reference.e-government.gv.at/uploads/media/SecClass_2-1-0_2007-12-14.pdf", of the Portal Federation Agreement, version 1.0 of 21 November 2002, available at "http://reference.e-government.gv.at/uploads/media/pvv1.0-21112002.pdf".
§ 14. (1) The Federal Minister of the Interior and the Federal Minister of Justice notify the Federal Data Center GmbH, for the specification of the pass point, of a limited number of departments that are entitled to participate in the pass point for the handling of information requests.
(2) Subsequent changes to the departments notified under paragraph 1 must be notified by the Federal Minister of the Interior and the Federal Minister of Justice to the Federal Data Center GmbH so that the corresponding changes can be made at the pass point.
(3) For the Data Protection Commission, the Federal Minister of Justice, and the legal protection officer at the Federal Ministry of Justice and the Federal Minister of the Interior, the specification of the pass point must in each case provide an access that, depending on the particular task of these bodies, allows access to the log data in accordance with § 22 para. 4 or to the statistics referred to in § 23 para. 3.
Access for providers
§ 15. (1) Connection to the pass point is mandatory for all providers that are obliged to retain data pursuant to § 102a para. 6 TKG 2003. For the initial setup of the providers' root portal in accordance with § 13 para. 3, all providers subject to the storage obligation are determined by the Rundfunk und Telekom Regulierungs-GmbH, which makes a list of all identified providers available to the Federal Data Center GmbH for import and activation.
(2) If a new provider subject to the storage obligation is added or an existing one ceases to exist, the Rundfunk und Telekom Regulierungs-GmbH must notify the Federal Data Center GmbH of all necessary information about this provider so that the connection to the pass point can be activated or disabled.
Security level of the connection
§ 16. (1) The connection of the authorities to the pass point must comply with the requirements of security class 3 of the Portal Federation Agreement.
(2) The connection of the providers to the pass point must meet the requirements of security level 3 of the definition of security levels in citizen-to-authority communication in the field of e-government, version 1.3 of 24 July 2003, available at "http://www.digitales.oesterreich.gv.at/DocView.axd?CobId=21832".
Mailboxes and delivery
§ 17. (1) An information request from an authorised user on the authority side is delivered via the pass point to the mailbox of the selected provider. The pass point allows multiple providers to be selected. The specification of the pass point must provide for a system of notification of the receipt of an information request in the provider's mailbox. The information request is collected manually by accessing the provider's mailbox after appropriate authentication of the user. Collection of the information request via a web service may be provided for in the specification of the pass point.
(2) The specification of the pass point must ensure that a response can be given even before the request has been submitted via the pass point. For this purpose, a unique ID is automatically assigned to the provider by the pass point.
(3) The provider responds to an information request by sending an encrypted CSV file in accordance with the interface specification in the annex to this Regulation. The pass point automatically ensures that the response is delivered to the correct mailbox of the requesting department. In the cases of paragraph 2, however, the addressed department must be determined by individual selection via the pass point.
(4) After the response has been received in the mailbox of the requesting department, the pass point sends the department a notification that the response has been deposited.
(5) The information is collected manually by accessing the department's mailbox after appropriate authentication of the user. Collection of the information via a web service may be provided for in the specification of the pass point.
Encryption/signature of the response
§ 18. (1) The trusted authority for the deposit of certificates is the Federal Ministry for Transport, Innovation and Technology, which performs this function technically via the pass point. Each participant can store its unique key at the pass point only for its own institution.
(2) The authenticity of the encryption software that the pass point makes available for the client must be unambiguously verifiable for a client administrator. Encryption and signing are performed on the client side; only the public key is retrieved from the pass point.
(3) The specification of the pass point must clearly define the file name for the transmission of the response, as well as the signature and encryption of the files. An advanced electronic signature within the meaning of § 2 no. 3 of the Signature Act, Federal Law Gazette I No. 190/1999, as amended by Federal Law Gazette I No. 75/2010, must be provided for.
(4) If the response consists of multiple CSV files, all files belonging to a query may optionally be combined into a single combined file. The combined file may optionally be compressed. It is the compressed or uncompressed combined file that must be encrypted for delivery, not the individual files.
§ 19. (1) For each query, it must be selected via the pass point whether it is an information request pursuant to § 53 para. 3a SPG, § 53 para. 3b SPG, § 76a StPO, § 135 para. 2 StPO or § 135 para. 2a StPO, or a master data information pursuant to § 21. The pass point must provide a field for entering the criminal offence underlying the order, for logging in accordance with § 7 para. 3 no. 8. Any input mask on the authority side may be designed freely within the authority's system in accordance with the interface specification.
(2) This applies by analogy to any input mask on the provider side. In particular, there is no obligation to fill in the CSV file automatically.
§ 20. The pass point must support the transmission of additional information. Additional information for the respective query can be entered via a web interface if necessary. This additional information may describe reasons for an empty response. Whether and to what extent a web interface is made available by the pass point is to be regulated in the specification of the pass point. In any case, it is required that the pass point has no access to the personal content of information.
Optional master data information via the pass point
§ 21. Each provider and each authority entitled to access may agree to handle master data information via the pass point. The technical details of such information are to be regulated in the specification of the pass point.
Logging by the pass point
§ 22. (1) The logging of the pass point contains no personal data. The unique ID of each inquiry establishes the link between each request and its response without reference to any person.
(2) When submitting the response to an information request, the provider must submit the log information pursuant to § 7 para. 3 nos. 5 and 8 to the pass point for the purposes referred to in paragraph 4.
(3) The log data are sent unencrypted in a log file to the pass point via the secure transport connection. The format and the name of the file are laid down in the specification of the pass point.
(4) The log data are accessible only to the defined log data recipients and are archived in a separate database within the pass point. Special permissions for access to the log data must be provided in the specification of the pass point for the Data Protection Commission and the legal protection officer at the Federal Ministry of Justice and the Federal Minister of the Interior.
Statistics from log data
§ 23. (1) The statistics for fulfilling the obligation under Article 10 of Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC, OJ No. L 105 of April 13, 2006, p. 54, are to be produced automatically at the pass point. The exact definition of the statistics to be produced is to be laid down in the specification of the pass point.
(2) The log information pursuant to § 7 para. 3 nos. 3 to 5 and no. 8 is required for the compilation of the statistics. The provider must submit the information pursuant to § 7 para. 3 nos. 5 and 8 to the pass point when responding to the information request.
(3) Pursuant to § 102c para. 4 TKG 2003, the Federal Ministry of Justice, the Data Protection Council and the Data Protection Commission receive access to the statistics of the pass point. In addition, electronic access for the legal protection officers at the Federal Ministry of Justice and the Federal Minister of the Interior must be provided for in the specification of the pass point.
Bearing of costs for the pass point
§ 24. The investment costs for the pass point are investment costs within the meaning of § 94 para. 1 TKG 2003.
Definition of the syntax and semantics of the CSV file for information
Interface definition EP020
§ 25. The interface definition is given in the annex.