Handling government demands

In many countries, it is a condition of an operator’s licence that they put in place technical and operational measures to enable lawful interception.

We follow the European Telecommunications Standards Institute (ETSI) lawful interception technical standards unless we’re required to do something different by the local authorities. The ETSI standards include a formal handover interface to ensure that agencies and authorities do not have direct or uncontrolled access to the operators’ networks as a whole.

In some countries, operators are required by law to retain some communications data for a specific period of time solely to fulfil the lawful demands of agencies and authorities who require access to this data for investigation purposes.

Lawful demands for access to communications data can take many forms. For example, police investigating a murder could require the disclosure of all subscriber details for mobile phone numbers logged as having connected to a particular mobile network cell site over a particular time period, or an intelligence agency could demand details of all users visiting a particular website. Similarly, police dealing with a life-at-risk scenario, such as rescue missions or attempts to prevent suicide, require the ability to demand access to real-time location information.

When an operator is instructed to shut down communications in a specific region or across its entire national network, the priority is to ensure that the shutdown is carefully controlled to enable the network to be restore the network as quickly and reliably as possible once the government order is lifted.

Telecommunications operators have technical options available, when we have to block access to specific online content, all of which are based on checking a customer’s request to access a specific IP address or URL against a list of banned domains or URLs. 

Governments generally stipulate the minimum technical specifications of how the restrictions must be applied to the network, content or services in order for operators to fulfil demands received from agencies and authorities. Some technical options are more robust than others—web-proxy content filters are one option. They’re hosted within an operator’s network and are the most expensive but also the most effective approach. In the majority of cases, most web traffic passes through an operator’s proxy servers. When a customer requests content, it will usually be delivered to them straight away. If the content the customer wishes to access is not on the block list, the content sought will be retrieved and served back to the customer. If it is on the block list, best practice is to ensure the customer is made aware of this by means of a warning ‘splash page’ while preventing the specific content from being accessed; a point we address. We talk about this more in our Freedom of Expression Principles. 

We typically get these blocked lists from a database that is updated regularly. Domain/URL block lists are typically supplied to operators as a regularly updated dynamic database that is downloaded from an external source. We then upload it on the proxy servers within the operator’s network. List entries. The list might refer to a single IP address, or they may refer to an entire website domain or sub-domain. If there’s a court order requiring a block, then this would usually be done manually.