Vodafone: Here's how (and where) governments are spying on your calls

Vodafone: Here's how (and where) governments are spying on your calls

Summary: Mobile operator reveals scale of government surveillance, and says that speaking out is "not without risk"


International mobile phone network operator Vodafone has revealed the scale of government surveillance of its customers across the world.

The company has published a report covering the 29 countries where it does business, detailing the requests made by various governments for access to data about customer communications.

That law enforcement and intelligence agencies request this data is hardly new. But Vodafone said the evolution of communications technology — and the desire of governments to tap into it — has created a tension between citizens' right to privacy and the state's need to ensure safety and security. Concerns about widespread surveillance and habitual data harvesting by intelligence agencies have triggered a debate about the scale and legitimacy of such monitoring.

While in most places Vodafone retains control over the systems used for lawful interception of communications, it revealed that in a small number of countries where it operates (which it did not name), the authorities have direct access to an operator's network, bypassing the telco completely.

As a result, in those countries, government authorities have complete and permanent access to all customer communications via their own direct link — without needing a warrant for the interception.

The report focuses on the two categories of law enforcement demands that account for the overwhelming majority of all such activity: lawful interception and access to communications data.

The company said that it does refuse to comply with demands that are fall into the other category of demands: the unlawful ones. It said the majority of rejections it issues tend to be for defects in the legal process or documentation, or in response to demands issued under inappropriate legal powers.

Special Feature

IT Security in the Snowden Era

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. When we look back a decade from now, we expect this to be the biggest story of 2013. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices.

But is also noted handling such demands can be difficult for the operator: "the powers in question are often used in the context of highly sensitive and contentious developments — for example, during major civil unrest or an election period — which means that Vodafone colleagues dealing with the authorities in the country in question can be put at risk for rejecting a demand on the basis that it is not fully compliant with the law."

The company said that while it wanted to publish the data for all of the countries on a coherent basis, "after months of detailed analysis, it has become clear that there is, in fact, very little coherence and consistency in law and agency and authority practice, even between neighbouring EU member states". Governments should do a better job of disclosing their surveillance activities themselves, it added.

The company said in the case of at least 10 of the 29 countries covered, it was the first time that this kind of information has been placed into the public domain by a mobile operator.

In its country-by-country list it details the number of warrants issued to its local businesses as the most reliable measure of activity currently available. But the company warned it is hard to reach conclusions about the levels of survelliance from those figures, as each warrant can target any number of different subscribers, different communications services, and devices.

The also company pointed out that there trying to shine a light on the murky area of government surveillance can have consequences. "Our decision to make the disclosures set out in this report is therefore not without risk. In some countries, providing what to many observers would seem to be relatively anodyne information about the legal powers and processes used by agencies and authorities could lead to criminal sanctions against Vodafone employees."

The full list of countries and details of intercept requests can be found in Vodafone's Law Enforcement Disclosure Report.

Further reading

Topics: Mobility, Networking, Privacy, Security, Telcos, EU, United Kingdom

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • So the NSA was neither new...or original.

    Consider this..

    The first time Adam and Eve talked, the snake was listening nearby.

    The first time cave walls were painted, someone told the neighbors what is showed.

    The first time stone tablets were carved, the text was repeated to someone that should not have known.

    And so on and so forth.

    Why in the **ll did we think just because we had computers and cell phones it would be any different now. Yes, Snowden in the end will probably be more of an idiot than either a traitor or a hero (yes, Eddie, let's see what happens after you are of no further use). But he is reminding everyone that the only true privacy you have is in a cave with a rock over the door and NOTHING plugged in, sitting by yourself, with your mouth shut. And that has always been that way.

    It's the PERCEPTION that "hey, they can see what I am doing" that is the thing here. Now, if you are doing crap you should not be doing, it doesn't matter if you are talking on a cell phone, typing it in here, or flaunting it with your curtains open. That is stupid. That's also why REAL spies and such do not use the public networks to do their thing. They knew this all along. That is their job. For the rest of us, I would strongly suspect that most of us live lives that would hardly interest our relatives, much less the anyone else. (And that may be the thing that hurts the most - a lot of people think they are much more important than they really are).

    The real issue here, and the inadvertent damage done, is that now even the amateurs and the on-the-fly terrorists now know all this too. Like the important ones didn't. So now the Al-Queida wannabes and the nutcases know how to hide their intentions better. That's a loss for us all. And it will lead to a lot of measures, all in the name of "national security" that are really to boost local interests at the expense of others. Take the "European Internet" and the Chinese, please.

    My childhood was spent in a very small town back in the days when landline phones were "party lines". Remember those? For those who don't, it was the era of dial telephones and once a connection was made, the caller was one of many on the line at the same time. So "dialing" simply told whoever was on the other end to pick up and join the fun. Everyone could hear everyone else. And considering gossip and small towns fit like hands in gloves, the fun this caused was amazing. Sure beat tattling over the back fence.

    People forget those things in this age. Yes, we expect some basic privacy so no more neighbors hearing us on the phone at the same time. But it is still a public network. It is not and cannot be 100% private without extraordinary measures. If it is required these should be employed. But for the rest, it is probably not worth it. If I am discussing trade secrets, doing dope deals, or sending porn, maybe. But if Snowden's friends want to hear my pizza order or find out I bought the Led Zep remasters, well they got more time on their hands than I do.

    Basically, we need to settle down. The truth hurts. Whoever said the idyllic idea of privacy was dead was right. But it never existed anyway. We have more pressing matters, like or current penchant for revisionist history and "political correctness" than this.

    And consider this, many of these countries with more draconian surveillance of their communications networks suffered through (or are suffering through) uprisings spread by, wait for it, these SAME networks. Guess the spies were asleep at the switch. Or mining even a small country's communications data is harder that Eddie makes it sound.
  • Info

    Full disclosure. Just finished reading the report, who dose what and where.
    The law's and demands, very interesting. Try and get this info from any other carrier.
    Why no USA?, maybe threatened with treason if they told?.

    Will Telstra or Optus tell us their list?
  • Despite all of this companies disagreements with inherent policies...

    It continued to provide service to it's users, with no warnings or alerts to the likelihood of government interception or surveillance? It seems like a case of shutting the barn doors after all the horses have escaped. Chalk this up to another company suspiciously becoming 'aware' after their income checks have cleared. Money talks, policy is again an afterthought.