news Telstra signed a secret agreement a decade ago with US Government agencies such as the FBI and the Department of Justice that provided American law enforcement and national security organisations with an extremely broad level of access to all of the telco’s telecommunications passing in and out of the US, it was revealed late last week.
On Friday independent media outlet Crikey published what what appeared to be the text of the agreement. It notes that it was signed in November 2001 between Telstra and its Hong Kong partner telco PCCW, and the US Federal Bureau of Investigation and the Department of Justice.
The document cites principles such as the US Government’s need to preserve the “national security” of the US and to ensure that US communications were “secure in order to protect the privacy of US persons”. It notes that the stimulus for the agreement to be signed was the application of Telstra/PCCW submarine cable joint venture Reach — which operates major underwater fibre links between a number of Asian countries, as well as Australia and the US — to provide telecommunications services from the US back in 2001, shortly after it was formed by Telstra and PCCW.
The agreement states that all telcos operating in the US must maintain facilities that were compliant with US law enforcement regulations in that country, such as the ability to hand over details, including calling data but not the content of communications, of all communications received or which originated in the US.
Data to be stored by Reach for two years included identifying information relating to telephone calls, such as telephone numbers, Internet addressed used, the time, date, size and duration of a communication, any information relating specifically to the identity and physical address of those communicating, and a host of other information, especially billing records, which typically show details of all telephone calls made by telephone service subscribers.
The agreement stipulated that Reach must ensure that the data it was maintaining for the US Government and providing access to, must not be stored in a manner which could be subject to mandatory destruction under the laws of foreign countries such as Australia; meaning that even though Telstra was majority owned by the Australian Government at the time of signing the agreement, it would be required to avoid deleting the stored data, even if required to do so under Australian law.
In addition, the agreement contains provisions designed to block details being released under Freedom of Information laws, as well as provisions designed to make the US Government aware if any foreign governments or corporations sought access to data held by Reach. The document is signed by Douglas Gration, then company secretary at Telstra.
The agreement is particularly concerning for Australians, given the volume of Internet traffic and routed telephone calls which pass through Reach’s infrastructure to the US, where much of the world’s largest Internet backbones and data sources are located. It is likely that Reach’s data retention facilities in the US have stored hundreds of millions to billions of records about Australian telecommunications and Internet access over the past 12 years; all of which would have been made available to US Government agencies.
Asked about the issue on Friday, a Telstra spokesperson attempted to downplay the situation.
“This Agreement, at that time 12 years ago, reflected Reach’s operating obligations in the US that require carriers to comply with US domestic law,” they said. “It relates to a Telstra joint venture company’s operating obligations in the United States under their domestic law. We understand similar agreements would be in place for all network infrastructure in the US. When operating in any jurisdiction, here or overseas, carriers are legally required to provide various forms of assistance to Government agencies.”
The company declined to make an executive available to take comments on the issue, despite the graveness of the issue and the massive nature of the data retention records its Reach joint venture would have stored with respect to Australians’ communications passing through the US.
Crikey’s revelation of the agreement has sparked instant outrage amongst civil liberties and political groups, which have labelled Telstra’s decade-old deal — likely still operational — as yet another example of secret collusion between major technology companies and the US Government with the intention of invading the privacy of ordinary citizens not guilty of committing any crime. Such issues have been recently raised due to the revelation of the US Government’s PRISM program, which has reportedly seen the National Security Agency gain direct access to the systems of major cloud computing players such as Google, Microsoft, Apple and so on.
The Greens called on Telstra to immediately disclose details of the deal with the US Government. “Telstra, at the time majority owned and controlled by the Howard Government, struck a deal to allow 24/7 surveillance of calls going in and out of the United States, including calls made by Australians. The cables in question are operated by Telstra subsidiary Reach, which controls more than 40 major telecommunications cables in the region, including cables in and out of China and Australia,” said Greens communications spokesperson, Senator Scott Ludlam.
“While the current Australian Government recently pushed then abandoned a two-year mandatory data retention scheme, for more than a decade this secret deal with the United States compelled Telstra, Reach and PCCW to store all customer billing data for two years. The deal also compelled Telstra, Reach and PCWW to provide any stored communications and comply with preservation requests; to provide any stored meta-data, billing data or subscriber information about US customers; to ignore any foreign privacy laws that might lead to mandatory destruction of stored data; and to refuse information requests from other countries without permission from the United States.
“This secret deal also allowed FBI and US Department of Justice officials to conduct inspection visits of Telstra and Reach offices and infrastructure. “This is an extraordinary breach of trust, invasion of privacy, and erosion of Australia’s sovereignty,” said Ludlam.
Julian Assange’s WikiLeaks Party issued a similar statement condemning Telstra’s deal with the US Government. WikiLeaks Party spokesperson, Omar Todd said: “Whilst these agreements appear to be entered into in the immediate aftermath of 9/11 Australians are entitled to ask the current board of Telstra whether or not it has entered into any further agreements with US security or intelligence agencies since that time.”
“Furthermore Telstra should come clean on the extent to which its customers’ privacy has been compromised by the 2001 agreement with the FBI and the US Department of Justice. The shareholders of Telstra in particular should be told by the company whether or not it is participating in the United States global intelligence gathering networks” Todd added.
The WikiLeaks statement said Crikey’s revelations also raised the question of whether or not
other information or Internet service providers were also participants in sharing data with the United States.
“In light of recent revelations by former NSA analyst Edward Snowden that Australia has been participating in the United States PRISM program as part of the ‘five eyes’ intelligence-sharing network, customers of telecommunications companies and ISPs should be asking if their privacy
has been compromised,” The WikiLeaks Party said.
“The WikiLeaks Party believes that all Australian telecommunications companies and ISP’s should be compelled by law to disclose to the Australian Parliament any arrangements or agreements that they have entered into with any foreign power to hand over or store metadata or other forms of private information about their customers.”
The Pirate Party Australia described the situation as “entirely unacceptable,” with the party’s lead candidate for the Senate in NSW, Brendan Molloy stating in a media release that Telstra’s action “must stop immediately”.
“If what the media is saying is true, why is an Australian company colluding with the United States Government to spy on Internet traffic of Australians citizens?” asked Molloy. “The Government must answer why it has been complicit in the spying on of Australian citizens, as this began when Telstra was still partially Government owned.”
I have several things to say about this situation.
Firstly, did we really expect anything different? We’ve seen recently with the NSA PRISM situation that the US Government’s law enforcement agencies have direct hooks into the country’s major technology players. Did anyone really believe that one of the most surveillance-happy countries in the world would have ignored old-style telephone calls and bulk Internet data by international telco giants hooking into its US cables? Of course this was going on. Even the scale of Telstra’s participation in this arrangement could be expected and predicted.
It is hardly news that the US Government — or, really, any government, including all of Australia’s Federal, State and even some local governments — have long had access to telecommunications data from major telcos. I mean, this deal with Telstra is over a decade old. This kind of thing has been going on for a long time and is more or less standard practice in the telecommunications sector, as any industry expert will tell you. The only reason it’s even coming up now is that more people are becoming more aware of how their privacy is being systematically violated through the telecommunications services they’re paying for — and are becoming more outraged about it.
The second thing I would say is that we shouldn’t expect this situation to change soon. Rightly or wrongly, law enforcement officials the world over have become reliant on access to this kind of data to do their job. As we’ve seen with the ‘shelving’ of the Attorney-General’s Department’s data retention proposals in Australia, the current fight which global residents have on their hands is more or less to stop further encroachment of Internet and telco surveillance, not to wind back agreements such as this one with Telstra which have been in place for more than a decade now. Just holding the current ground is more than fight enough for this movement, globally.
If you do want to stop governments spying on your data, I would suggest that you take technical measures to address the situation, rather than fruitlessly trying to address it through legislative change to block deals like this with Telstra. Encrypt your data, use secure instant messaging services instead of SMS, block all tracking mechanisms on your PC, use a VPN to anonymise your web traffic and so on. None of this will completely stop law enforcement authorities from accessing their data if they really want to. But these kinds of measures will stop telcos like Telstra from frivolously storing all of your communications as a routine manner. And perhaps that’s half the battle.