In a new report, titled It's enough for people to feel it exists: Civil society, secrecy and surveillance in Belarus, Amnesty point the finger squarely at telecommunications companies which hand over customer data to an oppressive state.
The report brings together nearly a year of research and testimony from activists, journalists, opposition politicians, lawyers and others within Belarus.
“Companies that operate in Belarus have to let authorities have the data they want, when they want it”, said Joshua Franco, technology and human rights researcher at Amnesty in a statement. So, “if the KGB (Belarus secret police), for example, wants to spy on them, they don't need to show a warrant, they don't need to ask the company to give them access”.
According to the report, state agencies in Belarus have, “free, non-stop, remote access to both real-time communication and stored data in phone and internet networks.”
Under Belarusian law, companies have to make their networks compatible with a SORM system which allows authorities to watch communications without the knowledge of those communicating. There are few oversights or public records of this activity and no approval is required from a judge. Furthermore, companies have to hold on to the communications data of their citizens for as long as ten years, for the benefit of the Belarusian government.
Because they don't know when they are being watched, people assume they are always being watched. In one piece of testimony a journalist told Amnesty that most people will not speak openly on the phone: “You assume from the beginning that you live in fear, that everything is bad, that you cannot control or influence it. In principle if I am talking indoors, or on the phone, or writing emails, I assume it all gets to the KGB.”
Somehow, the KGB always seems to know of their activities despite the best efforts of dissidents says Amnesty.
To be sure, many countries in Europe have surveillance laws, and telecoms companies operating there do not find themselves accused of aiding tyrants. There are, however, several peculiarities to Belarus that make this case quite different.
Belarus is run by Alexander Lukashenko, a holdover from the days of Soviet rule and self-described authoritarian.
The country has an abysmal record on human rights. In the 2014 Press Freedom Index, the country ranked 157th out of 180 countries. It's a country that still holds political prisoners and a few years ago, did something that looked very much like the reintroduction of serfdom. In fact, that's exactly what Lukashenko called it.
Of course, requiring companies to hand over customer data is still widely seen as objectionable, even in liberal countries, for fear that it might be abused. In Belarus, many would say that abuse is written into law.
The law states that data can be grabbed from telecoms companies for the protection of ‘national security'. Here, a slightly more elastic definition is used. One that includes everything from “decline in well-being and quality of life” to “attempts to destroy national spiritual and moral traditions and biased revisions of history.” All in all, ‘national security' has about 30 different definitions attached to it.
Franco added in his statement, “Intrusive surveillance is not a new phenomenon in Belarus, but what has changed is that technology is taking it to a whole new level. The authorities now have a vast surveillance apparatus at their disposal that allows unrestrained access to private life.”
The companies named in the report include Turkcell, MTS and Telekom Austria , three large telecommunications companies operating in Europe.
Amnesty makes it clear in the report that “the companies are violating well-established standards on business and human rights. Under the UN's Guiding Principles for Responsible Business, national laws where a company operates cannot be used to justify human rights abuses.”
SCMagazineUK.com contacted some of the companies implicated in the report, although some did not respond Velkom, a subsidiary of Telekom Austria and, by its own admission, the largest western investor in Belarus gave its side of the story.
The company says it is merely following the law. It's obliged to supply the government with interfaces for ‘lawful interception' and Velkom complies “exclusively to the extent that is defined by law, and only after careful consideration of the legal framework. The framework for the surveillance is always transparent and complied with in detail. After establishing these interfaces authority access happens without assistance and without the knowledge of the operator.”
Velkom stated that though the company is aware of the “political environment and human rights issues”, it sees a benefit in opening the Belarusian economy to western investors.
Velkom added that it has been active in helping relations between the EU and Belarus, which have been historically frosty. It concluded, “we would like to state that all activities of Velcom are within national and international legal frameworks.”
Privacy International research officer Edin Omanovic told SC, “It is simply not enough for them to point to the law as justification for this. As a hugely profitable industry they have a responsibility to actively challenge the use of such a surveillance model in a much more coordinated and substantial way.”
Omanovic added that such complicity should not go unnoticed or unchallenged: “It is extremely disturbing that telecoms operators are providing state authorities direct, unfettered access to their customers' data.”