Vodafone report sparks interception law concerns

The notion that states across Europe and beyond are quietly tapping into millions of emails and phone calls across multiple platforms obviously causes significant disquiet and helps reinforce the notion that Big Brother is listening to – if not actually watching – us all.

Last year, Edward Snowden lifted the lid on the expansive internet data monitoring system put in place by America's National Security Agency (NSA) and gave lie to the notion that anything people say and do online is done in total privacy.

Further proof that the privacy people once took for granted is a myth emerged yesterday morning when Vodafone, one of the world's largest mobile phone groups, revealed the existence of secret wires which allow government agencies in at least 29 countries, including the Republic, access to conversations on its networks.

This direct access to its network – and those of other telecoms companies who have yet to identify themselves – does not require a warrant and none of the companies involved has any solid information about the nature of the access or the number of customers targeted. This means that mass surveillance can happen on any network without any real oversight or knowledge outside of the apparatus of the state.

Untrammelled access

Vodafone’s Law Enforcement Disclosure Report runs to 40,000 words and confims that wires giving almost untrammelled access to its networks were sanctioned by dozens of government agencies which continue to have the ability to listen to or record live conversations and track the whereabouts of customers.

"These pipes exist, the direct access model exists. We are making a call to end direct access as a means of government agencies obtaining people's communication data. Without an official warrant, there is no external visibility," said Vodafone's group privacy officer, Stephen Deadman.

“If we receive a demand we can push back against the agency. The fact that a government has to issue a piece of paper is an important constraint on how powers are used.”

Vodafone believes governments should “discourage agencies and authorities from seeking direct access to an operator’s communications infrastructure without a lawful mandate”.

The mandate in the Republic stems from the Postal and Telecommunications Services Act 1983, which established a regime for the interception of telecommunications messages. “Although ‘telecommunications message’ is not defined for these purposes, it includes emails and text messages as well as phone calls,” Vodafone said in its report.

Under the Act, the Minister for Communications, Energy and Natural Resources has the authority to issue directions in writing to any operator requiring them to do anything which he may specify as necessary in the national interest. Vodafone said these powers were “sufficiently broad” to require it to assist in implementing interception capabilities on its networks.

Serious crime

The Interception of Postal Packets and Telecommunications Messages (Regulation) Act 1993 also provides for the interception of postal packets and telecommunications messages.

Under the Act authorisation for an interception can be granted by the Minister for Justice to the Garda for the investigation of serious crime and to both the Garda and Defence Forces in the interests of State security.

The Act obliges the Minister to keep secret the fact they have granted an order and so the State does not release any figures relating to how many times orders are granted annually.

The Criminal Justice Surveillance Act 2009 does not relate to intercepting phone calls, but rather planting bugging devices and covert cameras during the investigation of crime.

Mr Justice Kevin Feeney – who monitors the Garda’s, Revenue’s and Defence Forces’ use of the provision – described as “a small double figure number” the number of times permissions were granted in the 12 months to July 2012.

Requests

Vodafone said the Irish Government had refused it permission to publish information on any requests made but added that the data supplied could be sought for a number of reasons, including helping to find missing people.

The Irish Council for Civil Liberties said the disclosures highlighted the need for a “comprehensive overhaul of Ireland’s outdated interception laws”.