It’s incredibly exciting to see BWI, the IT services provider of the German Armed Forces, launching an official beta version of BundesMessenger, a secure messenger for Germany’s public administration (öffentliche Verwaltung ÖV) including federal, state and local authorities.
BundesMessenger is a modified version of Element which we’re working with BWI to develop and maintain. Available for desktop, web, iOS and Android, BundesMessenger is the front-end app for a modern and secure collaboration platform built specifically for the needs of the ÖV. It meets the German Administration Cloud Strategy (DVS) designed to strengthen the digital sovereignty of Germany’s public administration, ensuring communication data is owned and controlled by individual public offices (rather than entrusting a proprietary vendor).
The launch of BundesMessenger in a beta version is a significant step in seeing Germany’s public sector adopt a communication standard that ensures independence, interoperability and data sovereignty.
Decentralised and open source
BundesMessenger is open source, as is Matrix - the underlying communication protocol on which it is built. Matrix is a decentralised open standard for real time communication; so it can easily support large-scale federation across Germany’s public administration while supporting full sovereignty of the application and the data.
Federation means that every part of government can securely and instantly communicate with each other. Each participating organisation can self-host its own Matrix-based server (such as Element Enterprise), preserving its own data sovereignty whilst simultaneously being able to join the Matrix-based federation. Each organisation is also free to use any Matrix-based client, such as the newly launched BundesMessenger or one of many others.
As Matrix is decentralised, network administrators can create federations that are also incredibly robust and resilient ensuring continuous uptime. If an individual organisation’s server fails, the rest of the network remains operational thanks to the self-healing nature of decentralisation.
Matrix is the secure real time alternative to SMTP
If that sounds a little complicated, there’s a simple comparison to email. Think of BundesMessenger as an email client much like Mozilla’s Thunderbird, ProtonMail, Outlook, Gmail or Apple Mail. In this comparison, Matrix is the equivalent to SMTP; the standard that all the email clients use. That is why, regardless of which email client you use, you can email anyone - because SMTP is the common layer in between.
Real time collaboration systems such as Microsoft Teams, Slack, Mattermost, Wire, Threema, WhatsApp and Signal are currently all closed proprietary systems - meaning they are walled gardens whereby all parties have to use the same vendor. That’s impractical, creates vendor lock-in and stifles innovation. There’s simply no way that a government entity using, say, Microsoft Teams would be able to have secure real time communication with another government entity using, for example, Slack, Mattermost or Wire.
Hosting BundesMessenger
In keeping with the nature of a decentralised network, the federal messenger will not be operated by the BWI. Each authority will be able to set up and maintain its own infrastructure; in other words, to set up and run its own Matrix server.
BWI will offer a simplified cloud deployment to make it easy for authorities that want a simple server to get started. For organisations that want to self-host their server, BWI is also making Kubernetes-based DVS-approved reference implementations for the application server.
Element Enterprise is an alternative option for organisations that want a fully packaged self-hosted solution for on-premise or private cloud deployments. It includes an installer, server-side admin and auditing, and support for a range of options including Single Sign On and air-gapped networks. It is also extremely scalable for large installations and comes with vendor support. In addition, Element offers software-based secure border gateways and hardware-based cross-domain solutions to help securely manage federation and high-side/low-side environments.
Interoperability is vital for secure government communication
Matrix-based interoperability is particularly useful when you think of inter-governmental communications; say at an EU or NATO level. In France, for example, the civil service uses a Matrix-based collaboration platform called Tchap. It means civil servants using Tchap in France could in future easily federate with those using BundesMessenger in Germany’s public administration. Both sides remain in their respective country-specific apps, and yet still benefit from the end-to-end encryption, data sovereignty and interoperability provided by Matrix.
Interoperability is just as important within a government too and, again, Germany is a shining example. In 2018 BWI launched BwMessenger - a Matrix-based app designed for the specific needs of Bundeswehr; Germany’s Armed Forces.
Germany’s healthcare system is also adopting Matrix through its TI-Messenger initiative. Matrix was chosen as a result of its independence-preserving interoperability and end-to-end encryption to protect personal health care information.
Matrix-based clients for the healthcare space will include authentication mechanisms with electronic health professional cards (eHBAs), electronic institution cards (SMC-B) and a central FHIR directory. And of course the whole system will be accredited by BSI (Federal Office for Information Security) and BfDI (Federal Commissioner for Data Protection and Freedom of Information).
The result is that Germany’s healthcare ecosystem of more than 150,000 organisations will have a common real time communication system to match its specific needs, in just the same way that the Bundeswehr has its made-to-measure BwMessenger and the ÖV has BundesMessenger for its requirements. Yet, with all of these being Matrix-based, Germany’s healthcare organisations could easily federate with organisations in Germany’s public administration and armed forces.
Likewise, through the Police2020 initiative, Germany’s police forces could also develop a specific Matrix-based app for its unique requirements; and again still federate with other organisations who are also Matrix-based.
Protecting future progress
Germany’s public sector is in the process of establishing a nationwide real time communications infrastructure that
- provides digital sovereignty for each participating organisation
- enables easy connectivity between each organisation
- operates across a robust and resilient decentralised communications network
- is protected by end-to-end encryption
- leaves organisations free to use a variety of clients/apps
- is based on open source, ensuring a fair and competitive ecosystem
- and ensures Big Tech can’t exploit personal data
The result will be a secure - yet open - highly resilient communications infrastructure. It will give the entire German public sector, and every entity within it, independent ownership and control over its communications and data. With that comes faster, new ways of working to enable joined-up government.
