Governments around the world can snoop into callers' private conversations and even determine the users' locations using secret cables that give them direct access to communications networks, says Vodafone.
This isn't the first time companies have decided to become more transparent about government surveillance activities, but the lengthy transparency report released by Vodafone Friday provides the most details to date about how governments are using wiretapping equipment to gather data in its effort to capture criminals and ensure national security.
Vodafone, the world's second largest mobile carrier, has released its report on the 29 countries in Europe, Asia and Africa which it currently operates in and is now calling for a more open debate about the issue of government surveillance, an issue which most governments have actively shunned since former National Security Agency Edward Snowden squealed about widespread surveillance in the U.S in 2013.
According to the report, six countries have direct access to Vodafone's network, giving governments unlimited access to any information they wish to obtain without the need to acquire a warrant or case-by-case authorization, including the content of calls and text messages and metadata about these communications, such as the location of the users and the number of minutes of the call. Vodafone did not specify these six countries, citing employee protection.
This type of direct access to communications network is considered illegal in the U.K., but government bodies, including the Charity Commission, Welsh Ambulance Services NHS Trust and local councils, can seek various warrants to be granted access in the interests of "economic well-being," as afforded them by the Regulation of Investigatory Powers Act, also commonly known as the Snoopers' Charter.
"Refusal to comply with a country's laws is not an option," the report says. "If we do not comply with a lawful demand for assistance, governments can remove our license to operate, preventing us from providing services to our customers."
The report also mentions that Vodafone has received thousands of requests to intercept communications data and obtain communications metadata from governments, but did not provide a breakdown of the number of requests made in most countries, which is unlawful in some cases and logistically challenging in others. At least nine countries, including Albania, Egypt, Hungary, India, Malta, Qatar, Romania, South Africa and Turkey, prohibits companies to disclose specific surveillance activities by their governments.
However, Vodafone posted information published by governments about the number of requests made to obtain communications data and metadata by each country. Italy reported the highest number of eavesdropping requests with 600,000 warrants to intercept metadata. Hungary released 75,000 warrants while Portugal made 28,000 requests to acquire data. The U.K. prohibits the disclosure of any lawful warranted data interceptions, says the report.
This comes hot on the heels of transparency reports released by other technology companies including Google, Facebook and AT&T, but Vodafone is the first company to attempt to explain the legal implications of releasing such a report and call for the restriction of direct access by governments.
"We are making a call to end direct access as a means of government agencies obtaining people's communications data," says Stephen Deadman, privacy officer at Vodafone. "Without an official warrant, there is no external visibility. If we receive a demand we can push back against the agency. The fact that a government has to issue a piece of paper is an important restraint on how powers are used."
