De-Mail is a German E-Government communications service that makes it possible to exchange legal electronic documents between citizens, agencies, and businesses over the Internet. The project called Bürgerportal is realized by the German government in cooperation with private business partners in an effort to reduce communication costs of administration and companies.
The project was announced in 2008 and has been accepted by Bundestag and Bundesrat in early 2011. The De-Mail law (which serves as the legal basis for the service) went into effect on May 2, 2011.
With the introduction of De-Mail the German legislation implements the EU Directive on services in the internal market which demands that authorities accept legally binding electronic communications by the end of 2009.
The government specifies legal and technical requirements for the services, but does not provide the services. The services are provided by private companies which are allowed to provide De-Mail services after an official certification process.
Besides email communication, other services are specified that support the communication process.
De-Mail is the email communication service which also specifies several options commonly known from postal mail, such as registered mail, personal delivery (delivery only to the recipient, not to any representatives), delivery and pick-up notifications.
De-Mail accounts can be registered by individuals and companies and require identification of the applicant. Email addresses for individuals have the form <Firstname>.<Lastname>@<De-Mail-Provider>.de-mail.de (but can also be registered for pseudonyms if marked as such); companies can also register subdomains in the form of <Domain-Name>.de-mail.de.
De-Ident allows users to request signed proof of identity from their provider (based on the identification during the account sign-up process) which can then be forwarded via De-Mail to e.g. online shops to provide proof of identity, age, etc.
De-Safe provides users with encrypted online storage for documents. Usage of this service does, however, not fulfill the legal storage and archiving requirements for documents.
Usage should be voluntary all users, and should only be an additional option to postal mail.
Several aspects of the law have sparked criticism of the system.
Communication between De-Mail and regular email addresses is not possible. The same applies to clients using the electronic court and administration mail (Elektronisches Gerichts- und Verwaltungspostfach) which already provides legal electronic communication between courts and other participating governmental organizations.
End-to-end encryption can be offered by the providers but is not mandatory. This would make it possible for providers to read emails before transmission and can constitute a possible point of attack. However, users can still apply encryption before sending De-Mail messages.
The data provided during the identication process for the account creation is centrally stored and available to the authorities. The De-Mail law even specifies naming the account owner to private individuals.
Official notifications are delivered once they are available in the recipient's mailbox. This is contrary to the postal mail, where a letter is only seen as legally delivered after it has been accepted by the recipient.
The following companies are currently accredited as De-Mail providers
Deutsche Telekom AG
Mentana-Claimsoft
T-Systems
United Internet AG (brands GMX, 1&1, Web.de)
In the process of accreditation are:
Deutsche Post
