Governments in these countries have direct cables or interception systems connected to the networks of Vodafone and other telecoms, which allow them to silently intercept and record all communications that pass over the networks. This happens at the flick of a switch and without the countries obtaining court permission or notifying the telecoms that they are accessing the data, according to Vodafone.
Vodafone did not identify which countries had direct access, saying only that in “a small number of countries the law dictates that specific agencies and authorities must have direct access to an operator’s network, bypassing any form of operational control over lawful interception on the part of the operator.”
This startling acknowledgement comes in the global company’s first Law Enforcement Disclosure Report, which was released on Friday. The lengthy report covers the period April 1, 2013 to March 31, 2014, and reveals that the company–which operates in Europe, the Middle East, Africa and parts of Asia Pacific–has received thousands of requests from 29 countries to intercept communications or to obtain data about communications or customer accounts.
Vodafone did not provide a breakdown of requests by country, it says, because in some cases producing uniform data across countries proved to be too difficult and in others legal restrictions prevented them from publishing information.
Vodafone notes, for example, that in at least nine countries–Albania, Egypt, Hungary, India, Malta, Qatar, Romania, South Africa, and Turkey–it is illegal for the company to disclose any information about government wiretapping activities or capabilities.
So instead of providing statistics about the requests that it received from governments, Vodafone provided a menu of information published by the countries in which it operates, where the countries disclosed the number of data requests they made for the time period.
Of these, Italy tops the list as the country submitting the most requests for data. Authorities there submitted more than 600,000 requests for metadata to carriers. The Czech Republic submitted about 7,600 requests for lawful intercepts while Tanzania submitted 99,000 requests for communications data.
Vodafone declined to identify which countries have direct access, citing concerns about employee safety.But the most alarming admission relates to the direct access that some countries have to Vodafone networks, something that has long been suspected. Vodafone declined to identify which countries have such access, citing concerns about employee safety. Governments in these countries could retaliate by imprisoning Vodafone employees or otherwise harming them.
The release of the transparency report follows in the wake of reports released by other companies, such as Google, Facebook, Verizon, and AT&T. But Vodafone’s report is remarkable for its length and the pains it takes to explain the varying legal landscape in the countries in which it operates and the problems this creates for publishing a fully transparent report.
The company did not include information in its report about requests from governments to block or restrict access to content or services for customers–for example, in countries like Iran where the government may attempt to censor information.
It also noted that “it is not possible to draw any meaningful conclusions from a comparison of one country’s statistical information with that disclosed for another” since each country, and agencies within countries, aggregates and discloses information in different ways and forms. An undisclosed number of countries have direct backdoor access to the communications passing through the network of telecommunications giant Vodafone, without needing to obtain a warrant, according to a new transparency report released by the company. In these countries, the company noted, Vodafone “will not receive any form of demand for lawful interception access as the relevant agencies and authorities already have permanent access to customer communications via their own direct link.”