* Deutsche Tel wants to keep German web traffic in country
* Nascent project faces technical, legal hurdles -experts
* Will not work for common websites like Google, Facebook
* NSA spying allegations on agenda at EU summit
* Germany says has evidence Merkel's mobile was monitored
By Leila Abboud and Peter Maushagen
PARIS/FRANKFURT, Oct 25 (Reuters) - As a diplomatic rowrages between the United States and Europe over spyingaccusations, state-backed Deutsche Telekom wantsGerman communications companies to cooperate to shield localinternet traffic from foreign intelligence services.
Yet the nascent effort, which took on new urgency afterGermany said on Wednesday that it had evidence that ChancellorAngela Merkel's mobile phone had been monitored, faces an uphillbattle if it is to be more than a marketing gimmick.
It would not work when Germans surf on websites hosted onservers abroad, such as social network Facebook or searchengine Google, according to interviews with six telecomand internet experts. Deutsche Telekom could also have troublegetting rival broadband groups on board because they are wary ofsharing network information.
More fundamentally, the initiative runs counter to how theInternet works today - global traffic is passed from network tonetwork under free or paid-for agreements with no thought fornational borders.
If more countries wall themselves off, it could lead to atroubling "Balkanisation" of the Internet, crippling theopenness and efficiency that have made the web a source ofeconomic growth, said Dan Kaminsky, a U.S. security researcher.
Controls over internet traffic are more commonly seen incountries such as China and Iran where governments seek to limitthe content their people can access by erecting firewalls andblocking Facebook and Twitter.
"It is internationally without precedent that the internettraffic of a developed country bypasses the servers of anothercountry," said Torsten Gerpott, a professor of business andtelecoms at the University of Duisburg-Essen.
"The push of Deutsche Telekom is laudable, but it's also apublic relations move."
Deutsche Telekom, which is 32 percent owned by thegovernment, has received backing for its project from thetelecoms regulator for potentially giving customers moreoptions.
In August, the company also launched a service dubbed"E-mail made in Germany" that encrypts email and sends trafficexclusively through its domestic servers.
BUGGING
Government snooping is a sensitive subject in Germany, whichhas among the strictest privacy laws in the world, since itdredges up memories of eavesdropping by the Stasi secret policein the former East Germany, where Merkel grew up.
The issue dominated discussions at a European summit onThursday, prompting Merkel to demand that the U.S. strike a"no-spying" agreement with Berlin and Paris by the end of theyear.
As the row festers, telecom and Internet experts said therhetoric exceeded the practical changes that could be expectedfrom Deutsche Telekom's project. More than 90 percent ofGermany's internet traffic already stays within its borders,said Klaus Landefeld, a board member of the non-profitorganisation that runs the DE-CIX Internet exchange point inFrankfurt.
Others pointed out that Deutsche Telekom's preference forbeing paid by other Internet networks for carrying traffic tothe end user, instead of "peering" agreements at no cost,clashed with the goal to keep traffic within Germany. It can becheaper or free for German traffic to go through London orAmsterdam, where it can be intercepted by foreign spies.
Thomas Kremer, the executive in charge of data privacy andlegal affairs for the German operator, said the group needed tosign connection agreements with three additional operators tomake a national routing possible. "If this were not the case,one could think of a legislative solution," he said.
"As long as sender and receiver are in the Schengen area orin Germany, traffic should no longer be routed through othercountries," Kremer said, referring to the 26-countrypassport-free zone in Europe.
A spokesman for Telefonica Germany said it was inearly discussions on national routing with other groups. Aspokesman for Vodafone said it was "evaluating if andhow" to implement the Deutsche Telekom proposal.
Although Deutsche Telekom is positioning itself as a safecustodian of user data, its track record on privacy is mixed. Ina 2008 affair dubbed Telekomgate, Klaus Trzeschan, a securitymanager at the group, was jailed for three and a half years forhis role in monitoring phone calls of the firm's own managementand supervisory board members, as well as business reporters.
A spokesman for Deutsche Telekom said the affair was thereason why the group worked "so hard" on privacy and securityissues in recent years. "We are now the leading company of ourindustry when it comes to customers' trust," he said.
DATA CENTRES
While the routers and switches that direct traffic can beprogrammed so data travel certain routes, the most popularonline services are not built to respect borders.
Web companies often rely on a few large data centres topower their entire operation, and they don't choose locationsbased on the location of their customers but on factors such asthe availability of cheap power, cool climates, and high-speedbroadband networks.
For example, if a Munich resident uses Facebook to chat witha friend sitting 500 kilometres (310 miles) away in Berlin, thetraffic would go through one of the company's three massive datacentres 8,000 km away in Oregon or North Carolina, or one nearthe Arctic Circle in the Swedish town of Luleå. European users'profiles are not necessarily stored in the Swedish centre;instead the website's different functions such as games,messaging, and wall posts are distributed among the data centresto improve efficiency.
Similarly, emails sent by Google's Gmail between two Germanresidents would probably be routed through one of the company'sthree data centres in Finland, Belgium and Ireland.
The only way to change this would be for Germany to requirelocal hosting of websites, a drastic move according to expertsthat has not yet been pushed by German leaders. Deutsche Telekomdeclined to say whether it would lobby for such an approach.
Brazil's President Dilma Rousseff, angered by reports thatthe U.S. spied on her and other Brazilians, is pushinglegislation that would force Google, Facebook and other internetcompanies to store locally gathered or user-generated datainside the country.
One solution would be for European leaders to beef up a newdata-privacy law, which has been in the works for almost twoyears. A greatly toughened version of the law was backed by theEuropean Parliament on Monday, but it still requires agreementby members states.
France and Germany may succeed in getting member states topush ahead on talks to complete the new data rules by 2015.
Deutsche Telekom's Kremer said the new law could help: "Ofcourse customers need to be able to use any web services theylike, anywhere in the world. But we need to make this safer."