Vodafone has disclosed that government agencies in a small number of countries in which it operates have direct access to its network, enabling them to listen in to calls.
The world's second-biggest mobile phone company today published a "Disclosure Report" which said that, while in many of the 29 countries in which it operates government agencies need legal notices to tap into customers' communications, there are some countries where this is not the case.
Security agencies across the world, and in particular in the USA States and Britain, have faced greater scrutiny since Edward Snowden, a former contractor with the US National Security Agency (NSA), disclosed the extent of their surveillance to newspapers, which saw monitoring programmes hovering up ordinary people's telephone and electronic communications.
Vodafone said it could not give a full picture of all the requests it gets, because it is unlawful in several countries to disclose this information, but it did reveal that authorities in some countries do not even need to make requests.
"In a small number of countries the law dictates that specific agencies and authorities must have direct access to an operator's network, bypassing any form of operational control over lawful interception on the part of the operator," Vodafone said in the report.
“In those countries, Vodafone will not receive any form of demand for lawful interception access as the relevant agencies and authorities already have permanent access to customer communications via their own direct link.
The report reveals that these direct links also give agencies in these countries access to communications ‘metadata’, small packets of data related to a device’s activities that are logged on the systems of the operator responsible for the network.
Vodafone has not named the countries where this can happen, but in the document it calls on governments to amend legislation so eavesdropping can only take place on legal grounds.
“We also believe that governments should…amend legislation which enables agencies and authorities to access an operator’s communications infrastructure without the knowledge and direct control of the operator, and take steps to discourage agencies and authorities from seeking direct access to an operator’s communications infrastructure without a lawful mandate,” the report states.