Freedom of expression

Telecommunications enable access to information and the exchange of ideas in a way that supports openness and transparency. It is our duty to respect our customers' and users' freedom of expression and privacy.

Strategic objective

2018 goals

2016 progress

  • Enable, respect and support freedom of expression and privacy.
  • Telia Company is trusted as an ICT industry leader in human rights.
  • All markets covered in law enforcement disclosure reports with regard to number of conventional requests and information on local legislation.
  • All closed unconventional requests challenged.
  • Contribute actively to the work of the Telecommunications Industry Dialogue (ID) and its collaboration with the Global Network Initiative (GNI).
  • Eight countries covered in law enforcement disclosure reports with regard to number of conventional requests.
  • Five countries covered with regard to information on local legislation.
  • Almost half of closed unconventional requests challenged in some way, often by transparency.
  • Contributed to the ID and GNI joining forces.

Issues related to freedom of expression and privacy pose a high risk to users of telecom services globally. Such risks include mass surveillance (e.g. direct access), network and services shutdowns, localization of mobile devices and blocking or restriction of certain content. Through legislation and decisions from authorities, states define the scope of surveillance of communications and limitations to the free flow of information. We see growing debate as legislators seek additional surveillance measures to fight crime and terrorism.

The right to customer privacy is widely understood as an essential requirement for the right to freedom of expression. This is why we have direct commitments both as to surveillance privacy (when authorities require access to user data) and customer privacy (processing customer data for our own needs). Read more about our customer privacy work in “Customer privacy.”

The societal value of upholding freedom of expression

Recent assessments estimate that network shutdowns cost countries billions of dollars in GDP loss globally on an annual basis. As stated by the GNI, “the economic and human rights harms of network shutdowns reinforce each other.” By pushing back on network shutdowns and blocking of sites, we seek to also reduce societal costs while maintaining our core business.

Governance

Frameworks guide our work

We aim to fulfill our responsibility and commitment to respect freedom of expression and privacy as laid out in the UN Guiding Principles for Business and Human Rights. Our objective is to limit potential harm to individuals by seeking active measures to support the rights of individuals where we believe that these are at risk. Our work is also guided by the Telecommunications Industry Dialogue Principles on Freedom of Expression and Privacy.

The group policy on freedom of expression in telecommunications addresses our commitments in relation to unconventional requests or demands that could potentially have serious impacts on freedom of expression in telecommunications ("major events"), such as:

  • Mass surveillance where authorities demand direct access
  • Shutdown of all or parts of a network
  • Blocking or restricting access to specific content
  • Blocking or restricting access to services or network
  • Obligations to transmit mandatory communications
  • Potentially overbroad proposals for new laws or significant operational changes in the area of surveillance

The revised policy, which was approved in September 2015, has been formally adopted and implemented in all subsidiaries except Ucell in Uzbekistan where formal adoption is planned for the first half of 2017.

Assessment and escalation

A group instruction sets out practical steps regarding assessments and escalation that are to be carried out whenever a local company receives a request or demand that may have potentially serious impacts on the freedom of expression of individuals. Guidance is provided in a form for assessments and escalation, a tool that we have shared publicly and that is included in the GSMA’s Policy Handbook.

Unconventional government requests are to be assessed by the local company and escalated within Telia Company for informed decision-making, including considerations from outside of the often complex and stressed specific local context, on if and how to perform a “point of challenge". This means adherling to local legislation while at the same time seeking to carry out measures to respect and support the rights of our users. Most often, what we can do is seek to share as much information as possible about the request publicly. While the process is intended to identify and mitigate potential violations to individuals’ freedom of expression and privacy, the actual outcome heavily depends on local laws, the safety and the capabilities of local employees.

Work during the year

Industry Dialogue and Global Network Initiative

The Industry Dialogue (ID), which in December 2016 included eight international telecom companies, adds leverage to advocacy promoting freedom of expression and privacy in the telecommunications industry. A description of the ID’s activities in which we actively contributed to shared learning during the year is available at www.telecomindustrydialogue.org. More information on how we implement the ID principles is available in a separate document.

The ID has a formal collaboration with the multi-stakeholder Global Network Initiative (GNI). By working together, the two initiatives provide a common platform for shared learning and leverage to advance freedom of expression and privacy rights in the ICT sector more effectively. In February, the ID and GNI agreed to merge and Telia Company entered with observer status within the GNI. We have continually been active in promoting the collaboration, which is intended to take full effect in March 2017.

Stakeholder engagement

We have promoted the ID principles at Turkcell, informing them of our work and inviting them to ID meetings and external events on freedom of expression and privacy. This dialog will continue in 2017.

During the divestment process of Tcell in Tajikistan, we met with Akfed, the buyer, to inform it of our work and share our experiences. Tcell’s escalations of major events continued after signing the divestment agreement.

Law enforcement disclosure reporting

We believe that the transparency of surveillance activities contributes to a world where freedom of expression and privacy is more strongly enforced. This is why we publish law enforcement disclosure reports (LEDR) twice a year. These reports can be found at www.teliacompany.com/en/sustainability/reporting/law-enforcement-disclosure-report.

The most recent report, which was released with this Annual and Sustainability Report, includes statistics covering conventional (day-to-day) requests from the police and other authorities in eight countries. The statistics, presented in the table below, show the number of authority requests in each country based on a court order or other legal demand by the police or other authority. These statistics are subject to limited assurance by Deloitte.

Authority requests* 2016

Country

Lawful 
interception

Historical data

Subscription
data

Challenged
/rejected 
requests

Denmark

5,940

2,089

9,649

3

Estonia

3,4031

1,870

275,4312

1,5833

Finland

3,513

2,070

7,301

19

Georgia

No statistics available

558

276

403

Moldova

No statistics available

10,296

5,462

179

Norway

2,273

6,382

9,781

129

Spain4

9,464

12,825

17,265

312

Sweden

3,425

2,425

1,885

165

* As explained below, direct access is not included in the statistics.
1) In Estonia, a direct access system is used. Telia in Estonia has full visibility into the number of requests.
2) This figure includes all requests for Subscription data. For other countries the corresponding figure only covers requests that are handled by authorized personnel, and automated requests that refer to a criminal case.
3) This figure includes all requests to which we were not able to answer, most often because the requested information was about a customer not of our operations but of another operator.
4) Figures cover the first and second quarter.

Telia Company and Telia in Lithuania have not been granted permission to publish statistics regarding how many requests we have received in Lithuania. For further information, see the full Law Enforcement Disclosure Report.

Differences in market share as well as the working methods of both authorities and within Telia Company make it difficult to compare statistics between countries. For definitions of the categories, please see the LEDR.

It is important to note that the figures show the number of requests from authorities, not the number of individuals that have been targeted. Pertaining to requests for cell tower dumps (i.e. requests that oblige the local operator to disclose data about the identity, activity and location of any device that connects to targeted cell towers over a set span of time), however, the number of affected individuals will naturally become larger than the number of requests.

Depending on the scope of the request, Telia Company is required to hand out varying amounts of customer data. This depends on the timeframe of the request as well as where the cells within the scope of the request are situated. In urban areas, the amount of disclosed data is naturally higher.

Our reporting on country local laws on freedom of expression and privacy in telecommunications is performed through contributions to the ID database on country legal frameworks. The database is available at www.telecomindustrydialogue.org/resources/country-legal-frameworks/. Additionally, the LEDR includes links to national laws that provide governments with direct access to information about our customers and their communication without having to request information from Telia Company.

Regarding governments’ direct access, i.e. signals intelligence (intelligence gathering through analysis and processing of communication signals) and real-time access without requests (technical systems for more extensive monitoring of telecommunications), Telia Company has no insight into the extent of such surveillance (when, who and what) and cannot provide any statistics beyond those provided within this report.

Unconventional requests

In addition to reporting statistics on conventional requests, we seek to publish information on unconventional requests or demands from governments (“major events”). During 2016, we closed some 40 such unconventional requests or demands from governments across our operations. To ensure consistency, group level experts facilitated local assessments and escalations. Points of challenge, where possible to establish and most often by being transparent, were defined jointly by local, regional and group management.

There are challenges when seeking to be transparent. Local laws that sometimes lack full clarity determine what can be published. There may be confidentiality provisions and/or constraints based on our duty to protect the safety of our employees. Issues regarding direct access are closely related to national security and are therefore complex and challenging to communicate. Counting the number of unconventional requests is difficult and subjective as they range from a demand to block one or several websites or shutting down a network locally to requests regarding direct access.

Planned work in 2017

In 2017, our work includes to:

  • Continue contributing to shared learning and standardization of reporting within the ID and GNI.
  • Improve governance and training to make internal process of assessments and escalations swifter, especially regarding requests and demands for direct access.
  • Implement human rights remedy and grievance mechanisms.
  • Develop a human rights policy to put freedom of expression and privacy into a clearer context of human rights commitments.
  • Review and implement the recommendations from BSR's Human Rights Impact Assessments. See case.

Case

Understanding and embedding freedom
of expression

Freedom of expression and privacy issues are often complex, not the least in the local context. Starting in October 2015, the independent non-profit organization BSR conducted human rights impact assessments of our respective operations in Eurasia, Lithuania and Sweden. BSR’s general recommendations1 how to continue embedding freedom of expression in our operations during 2017 and onwards are:

  • Consider the possibility of the ID/GNI to convene in a Eurasian country.
  • Continue transparent reporting on unconventional requests (“major events”).
  • Whenever possible, participate in policy legislative and regulatory consultation processes on telecoms and related laws.
  • Consider training of decision-makers in ICT and how freedom of expression and privacy can be supported or harmed.
  • Continue to actively contribute to drafting and using the ID and GNI position papers.
  • Continue collecting and reporting statistics on the number of conventional requests.
  • Collect and update information on laws on direct access.
  • Investigate new human rights risks that may arise in the TV and entertainment sector that may not be foreseen by the existing freedom of expression policy.

Read more about the HRIAs and the findings in “Human rights impact assessments”.

1) Specific local recommendations have been omitted here.

 

freedom_of_expression.png