VODAFONE HAS REVEALED on Friday that the government is able to listen to phone conversations using secret cables connected directly to network equipment.
The operator has said that these secret wires have infiltrated its network, and those of its competitors, allowing the government to listen to phone calls as they happen, and to even track the location of citizens without a warrant.
Vodafone isn't happy about this. Stephen Deadman, the company's privacy officer said to The Guardian, "These pipes exist, the direct access model exists. We are making a call to end direct access as a means of government agencies obtaining people's communication data. Without an official warrant, there is no external visibility.
"If we receive a demand we can push back against the agency. The fact that a government has to issue a piece of paper is an important constraint on how powers are used."
The Pirate Party isn't very happy about this either, with its leader Loz Kaye saying, "The extent of this direct surveillance is truly chilling. Once again we can see how courts and democracy are being sidelined.
"In particular, the UK is shown to be a big player in turning its citizens into suspects. What is clear now is that any promises from this coalition government that our civil liberties would be protected were as empty as so many of their other pledges."
Vodafone's revelation was hidden in a transparency report that reveals the vast scale of surveillance demands it receives from international law enforcement and intelligence agencies.
Vodafone operates in 27 countries. A year after Edward Snowden's first snooping revelations it has reported that agencies in 29 countries knock on its doors and demand information about its 434 million mobile customers and nine million fixed broadband customers.
The report is lengthy, and Vodafone promises to update it regularly (PDF). It breaks demands down by country and requests, where sharing that information is permissible. Essentially, said the firm, it usually provides most information when and where it is asked, often because it is forced to comply.
"In every country in which we operate, we have to abide by the laws of those countries which require us to disclose information about our customers to law enforcement agencies or other government authorities, or to block or restrict access to certain services," it said.
"Refusal to comply with a country's laws is not an option. If we do not comply with a lawful demand for assistance, governments can remove our licence to operate, preventing us from providing services to our customers. Our employees who live and work in the country concerned may also be at risk of criminal sanctions, including imprisonment."
It added that it must strike a balance between legal obligations and its customers' rights to privacy, and revealed the limits on what information it can and cannot supply. For example, it said, some countries could come down very hard on employees if their demands are not met.
The country by country statistics are revealing and show that some countries - Romania, South Africa and Turkey, for example - do not allow for disclosures of any kind.
The UK is more open, and figures relating to the UK market show that it has received around half a million metadata requests on these shores. Officially the government has made 2,760 warrant requests.
The report is a massive 147 pages, because there is a lot of data to review, and Vodafone includes a number of requests for governments to change, and pushbacks against the overreaching arms and eyes of surveillance.
In its report, Vodafone said that governments should:
"Amend legislation which enables agencies and authorities to access an operator's communications infrastructure without the knowledge and direct control of the operator, and take steps to discourage agencies and authorities from seeking direct access to an operator's communications infrastructure without a lawful mandate;"
"Publish regular updates of the aggregate number of law enforcement demands issued each year - or at the least allow operators to publish this information without risk of sanction and [...] on the basis of an agreed cross-industry methodology."
The report comes around a year after Edward Snowden first revealed the scale of surveillance and a day after the Reset the Net campaign ramped up a growing international anti-surveillance backlash. µ
Plus the cost of ambition as moonshots eat into the coffers
Spoiler alert: it's probably VeriSign
Did we say cuts off? We meant traps them inside their own home