Europe's news in English

COPY LINK

PRIVACY

Telia leaks customers’ private phone logs

Swedish telecom firm Telia has come under fire after the company published customers' private information, leaked their bills online, and revealed lists of SMS and phone call recipients.

Published: 13 August 2013 11:57 CEST

Telia leaks customers' private phone logs

Several customers of Telia, the Swedish subsidiary of Swedish-Finnish telecom company TeliaSonera, learned this week that their information had been leaked for several months and was still available on Google cached documents. One of those affected was 28-year-old Madelene Dalebrand Wachler from Hudiksvall in eastern Sweden.

“[Swedish tabloid] Aftonbladet rang me and explained that my billing statements were viewable online… you could come in directly and see it all – all the calls I’d made and all the people to whom I had sent an SMS,” she told The Local.

The information came with names, addresses, telephone numbers and even lengths of the phone calls.

“It’s terrible. Some of the people I had contacted had private and unpublished numbers, and all of this has been leaked by Telia,” she added.

Wachler has since contacted authorities at Sweden’s Data Inspectorate (Datainspektionen) who have promised to launch an investigation into the matter.

“I’m also looking into getting compensation from Telia. Information shouldn’t be available like this, it’s horrible and it’s quite scary actually. And it makes it harder to trust all these big companies,” she said.

Telia spokesman Hans G. Larsson was shocked to learn of the leaks, confirming that only a few people were affected.

“This in unacceptable, of course, and it’s something we will be looking into. We do offer our customers confidentiality and this involves the data protection act,” he told Aftonbladet.

He explained that the system had been shuttered later on Monday night, which meant no customers were able to see their own statements online at the time.

“If you need to pay a bill over the coming days, you can log into My Pages [Mina sidor] on Telia to see the statements,” Larsson told the TT news agency.

“Thank goodness, this seems to have been very limited. Nothing points to it being a large group of customers being affected, but it’s bad enough already,” Larsson told the TT news agency.

Oliver Gee

Follow Oliver on Twitter here

Member comments

Log in here to leave a comment.

Become a Member to leave a comment.

How Austrian privacy activists are taking on tech giant Google

Google headquarters in the rain. Photo: TOLGA AKMEN / AFP

The action against Google is the latest in what Schrems, 33, describes as “David versus Goliath” struggles against the internet’s giants.

Leading a team of seasoned lawyers at his privacy campaign group NOYB (None Of Your Business), the relaxed and affable Schrems tells AFP he is motivated simply by the fact that companies that dominate the internet “make profits from violating the laws”.

READ MORE: Eight weird and wonderful Austrian place names

NOYB was set up in 2018, at the same time as the European Union implemented its landmark General Data Protection Regulation (GDPR), legislation aimed at making it simpler for people to control how companies use their personal information.

The handful of employees at NOYB are currently pursuing no fewer than 150 complaints in various jurisdictions.

“Ideally we should not exist,” says Schrems, pointing to publicly funded watchdogs that ought to be keeping companies in line.

“The problem is that in many member states that is not properly done,” he adds. He cites the example of Ireland, where numerous multinationals have their European headquarters.

That means around 4,000 complaints are filed with the Irish authorities every year but according to Schrems “this year they plan to have six to seven decisions.”

That means that “99.9 percent of the cases… are simply taken and thrown in the trash can”.

“That is a fundamental problem we have in Europe, we are very good at passing laws and praising ourselves about… how great we are at human rights, but we are actually not very good at enforcing it,” he says.

‘Wilful’ rule-breaking

The latest complaint against Google has been filed with the CNIL, France’s data protection authority.

At the same time, NOYB has an active complaint against Apple over a similar tracking code issue, despite Apple’s stated intention to update its operating system later this year to force app developers to ask users’ permission before tracking their activities across other companies’ apps and websites.

A decade after Schrems tackled his first cases, his outrage at the opaque workings of internet giants has not dimmed, in particular at what he terms “wilful” rule-breaking.

“If no one follows the rule and gets away with it, then why even bother having a democratic process in the first place?” he asks.

He laments the tendency for groups such as the internet’s “Big Four” — Google, Facebook, Amazon and Apple — to engage in “responsibility shifting” to users by introducing new and often bewildering layers of privacy settings.

For example, “Facebook regularly puts out a hundred more buttons with options and then they present it as more privacy for the user, whereas in reality no one in the world is going to click on these buttons,” he says.

‘Anti-Zuckerberg’?

In the context of a debate that has sprung up in relation to coronavirus contact tracing apps, Schrems said he was surprised at the widespread concern over the apps’ privacy implications — despite many of them being well designed in this respect.

“It is a bit strange to think that people trust Google with all their data, but they wouldn’t trust their health ministry,” he says.

Alongside his current legal battles, Schrems is also keeping an eye on talks between the EU and the United States on the thorny matter of data transfers.

He has won two of his most famous legal victories in relation to that issue: in 2020 one of his complaints led the EU’s top court to strike down an online data arrangement known as “Privacy Shield” between Europe and the US.

In 2015, another case brought by Schrems scuppered a previous EU-US deal on which tech giants depended to do business.

What are the chances of a replacement deal that won’t meet a similar fate?

Schrems expects “a half-half solution” that will lead to “Schrems 3,4,5” being thrashed out in the courts, adding: “It’s kind of weird to have your name on a case.”

He strikes a modest tone when reflecting on the way he has become something of a poster boy for online privacy, the “anti-Zuckerberg”.

“You need a David versus Goliath and so on, so I accepted to be that David for the sake of having stories on it,” he says.

In the same way that “you need a Greta Thunberg to have a face on climate change because it’s a very abstract debate… I may sometimes be the face of that privacy debate,” he says.

Url copied to clipboard!