In June 2013, Edward Snowden changed the way many people viewed the Internet, online privacy and even their government. His revelations went beyond the direct surveillance the NSA held. They also raised questions about how metadata is stored and used without consent for security and marketing purposes.
Metadata by definition is a set of data that provides information about other data. For instance, a file’s size and type is metadata that make it easier to find the file without needing to know its name. There are three types of metadata: descriptive, structural and administrative (1). Descriptive metadata is used for discovery and identification; structural metadata describes how the data is linked together; administrative metadata describes managing a resource. In the case of telecoms, having the phone number of the caller, number called and call duration can be classified as descriptive metadata of the call.
At TeliaSonera International Carrier (TSIC), we relay more than one million voice minutes around the globe every hour. This results in large quantities of stored data, required to investigate any faults later. This means we have a huge responsibility to protect this data from being abused, misused, or falling in the wrong hands.
Quoting US President Barak Obama in June 2013 following Snowden’s leaks, “You have my telephone number connecting with your telephone number, there are no names, there’s no content in that database.” (2) Or how the chairwoman of the Senate Select Committee on Intelligence, Dianne Feinstein said “As you know, this is just metadata, there is no content involved there”(3). Unfortunately, collecting metadata doesn’t end at keeping records of phone numbers of who is calling, called or call durations. From this data, which may seem irrelevant to the user, other data may be revealed that may result in a violation of the user’s privacy.
In November 2013, a study at Stanford University by Jonathan Mayer and Patrick Mutchler showed how metadata of calls may reveal sensitive information such as health conditions, religious beliefs or even owning a gun (4). Another study found that using only what a given user ‘likes’ on Facebook, one can determine the user’s race, IQ, sexual orientation, personality and political views with a high degree of accuracy (5).
When we receive a governmental request for data, our first action is to ensure it complies with agreed standards and is coming from the appropriate source. If it doesn’t, we can challenge or reject the request. We publish transparency reports showing statistics of police and other authorities’ requests from a growing number of countries (6). This report also includes a list of national legislation that provides governments direct access to networks and communications without having to send requests to the operators.
Internally, we take a lot of security measures to make sure the data we access is secure. This starts with training about customer privacy and awareness – knowing when to reject an information request (even to our managers) and how to report serious concerns. Access to network monitoring tools used to troubleshoot voice-related faults is protected by secure log in with time-based tokens as well as other layers of security.
The servers where the information is stored are located in-house and the information collected is not stored longer than it is needed. This is why we always ask our customers to provide fresh traces for faults. And finally, everything we do is logged to make sure that we only check what we need to check and nothing more.
Undoubtedly the demands and challenges of data privacy will continue to change as our industry changes. We are committed to changing with it and achieving the right balance for all involved.