Government intelligence agencies have direct access to telecommunication companies’ infrastructure which allows them to spy and record phone calls leaving no paper trail, the UK’s largest mobile phone company Vodafone has revealed.
The British operator said wires have been attached to its phone networks in some of the 29 countries in which it operates in Europe, as well as around the world, the Guardian reported. Governments similarly connect to other telecom groups, reportedly allowing them to listen to or record live conversations. In some cases, the surveillance agencies can also track the whereabouts of a customer.
“For governments to access phone calls at the flick of a switch is unprecedented and terrifying,” Liberty director Shami Chakrabarti told the Guardian. “Snowden revealed the internet was already treated as fair game. Bluster that all is well is wearing pretty thin – our analogue laws need a digital overhaul.”
But now Vodafone is pushing back against government surveillance through direct access to the pipes. On Friday, it will publish its first Law Enforcement Disclosure Report about how governments spy on people through the company’s infrastructure.
“These pipes exist, the direct access model exists,” the telecom giant’s group privacy officer, Stephen Deadman told the Guardian. “We are making a call to end direct access as a means of government agencies obtaining people's communication data. Without an official warrant, there is no external visibility. If we receive a demand we can push back against the agency. The fact that a government has to issue a piece of paper is an important constraint on how powers are used.”
“We need to debate how we are balancing the needs of law enforcement with the fundamental rights and freedoms of the citizens,” Deadman said.
The problem with many of the laws on the books that governments use to receive the warrants is “most of the legislation on privacy and surveillance predates the internet and needs to be updated,” the Guardian wrote, citing the report’s introduction.
Agencies do not have to identify the targeted customers to the telecom companies in any way, and the direct-access systems do not require warrants.
“These are the nightmare scenarios that we were imagining,” Gus Hosein, executive director of Privacy International, which has brought legal action against the British government over mass surveillance, told the Guardian.
“I never thought the telcos [telecommunications companies] would be so complicit,” he said. “It's a brave step by Vodafone and hopefully the other telcos will become more brave with disclosure, but what we need is for them to be braver about fighting back against the illegal requests and the laws themselves.”
In its report, the company asks for the direct-access pipes to be disconnected, for countries to outlaw the practice and for governments to “discourage agencies and authorities from seeking direct access to an operator's communications infrastructure without a lawful mandate.”
Vodafone began working on the report last autumn, in the wake of the first Snowden leaks about government spying. It insists that its comprehensive survey of government warrant applications is not because of consumer backlash, the Guardian reported, though analysts contend that losing customers’ trust could cost the company tens of millions of pounds.
But Vodafone isn’t opening up about everything. One of the first of the Snowden revelations last June was about Project Tempora, which allows the Government Communications Headquarters (GCHQ) spy agency to intercept and store for 30 days huge volumes of data, like emails, social network posts, phone calls and much more, culled from international fiber-optic cables. On the one-year anniversary of the first Snowden leak the location of secret GCHQ bases in Oman tapping into underwater cables was revealed. The Vodafone report makes no mention of revelations about its participation in secret GCHQ operations.