Government spooks in at least six countries around the world have forced local Vodafone businesses to allow direct access to their networks to enable real-time monitoring of calls, the telco giant has revealed.
Vodafone – which has around 400 million customers across the globe, although not in the US – made the surprising revelation in a lengthy “Disclosure Report” on Friday 6th June.
It said most countries require some kind of legal filing before the content of calls can be monitored, however this was not the case in six unnamed countries.
“In a small number of countries, the law dictates that specific agencies and authorities must have direct access to an operator’s network, bypassing any form of operational control over lawful interception on the part of the operator,” the report explained. “In those countries, Vodafone will not receive any form of demand for lawful interception access as the relevant agencies and authorities already have permanent access to customer communications via their own direct link.”
In addition to being unable to name the six countries in question for legal reasons, Vodafone said it was forbidden from releasing any information on comms interception from a further eight: Albania, Egypt, Hungary, India, Malta, Qatar, Romania, South Africa and Turkey.
The report also links to data already in the public domain showing the UK made over 500,000 requests for metadata and 2,760 for call content.
Interestingly, Germany, whose media and politicians expressed outrage when details emerged that chancellor Angela Merkel’s phone had been tapped by the NSA, made far more requests for call content (23,687). That data, however, was collected in 2012.
Italy was the worst offender in the list, with 140,577 requests for real-time monitoring of calls.
The mobile operator appears to have taken the decision to disclose these details to bring greater transparency to an industry already rocked by whistleblower Edward Snowden’s revelations of widespread NSA and GCHQ spying activities.
As such, it recommended that governments “should balance national security and law enforcement objectives against the state’s obligation to protect the human rights of all individuals”.
Vodafone added that they should also “require all relevant agencies and authorities to submit to regular scrutiny by an independent authority empowered to make public – and remedy – any concerns identified”.
Unsurprisingly, privacy groups were appalled.
Gus Hosein, executive director of Privacy International, wrote in a blog post that transparency reports are only useful if governments abide by the rule of law.
“We now know that these reports only provide a limited picture of what is going on. It is ridiculous that a year after the first Snowden leaks, governments continue to impoverish our much-needed democratic debate,” he added.
“It is also incredible that governments think that they may craft laws to provide for mass surveillance. And it is insulting that not a single law has changed after a year-long global debate about surveillance.”
Mike Janke, CEO of private comms firm Silent Circle, applauded Vodafone for its stance.
“People's privacy is being eroded and it's not right,” he added in a statement. “There are risks of mobile technology, and the practice of universal eavesdropping – not just from government but also others with the technical know-how. Why should we put up with the violation?”