1. Comment
March 30, 2022

Nokia Russian integration work highlights surveillance challenge

A March report in the New York Times – based in part on documents first examined by TechCrunch in 2019 – implies that Nokia played a special role in constructing Russia’s communications surveillance infrastructure. In fact, judging from the available facts, Nokia played no role in constructing that infrastructure. Moreover, the smaller role that Nokia did play in enabling Russian electronic surveillance is matched by all its network infrastructure competitors across the world.

Most countries impose a series of requirements on network operators related to criminal and national security investigations. Known as lawful intercept requirements, they allow law enforcement to identify communicating parties, the context of the communication, and often the content of that communication.

As a supplier to Russian telco MTS, Nokia was required to integrate its equipment with SORM (the ‘System for Operative Investigative Activities’ technical specification governing lawful interception of telecommunications and telephone communications in Russia), just as any other network infrastructure provider would have to do for its Russian customers. For example, network diagrams appearing in the Times article also show Cisco equipment. Since most countries have some form of lawful intercept regulations, this kind of work is part of most such relationships.

Limits on fundamental freedoms

Why make an issue of the Russian case now? Russia’s invasion of Ukraine has turned the spotlight on its increasingly strict limits on fundamental freedoms, including the freedom of speech. In a series of laws and decisions from 1995 to 2016, Russia made all its electronic communications available to a wide variety of state security agencies, with no requirement for warrants or other judicial review.

Implicit in the Times article is an assumption that network equipment providers should refuse to sell their solutions in countries that infringe on their citizens’ rights to privacy and speech. But drawing this line can be difficult. To take the example of the United States: public protections for speech and privacy are strong, but in 2013, Edward Snowden revealed a variety of much more sweeping secret government interception programs including PRISM and STORMBREW. While the restrictions embedded in SORM have always been public, other countries do not publicize the full extent of their surveillance.

Was it right to target Nokia?

Multinational communications infrastructure companies are poorly equipped to root out the full scope of a country’s surveillance infrastructure. They would also find it difficult to remove their products if surveillance became more severe after the products were installed. Without an industrywide consensus, another vendor would likely pick up the business that the first vendor had abandoned.

This is why the Times article’s focus on Nokia is so selective as to be unfair. As the company noted in its response to the Times article, it is trying to incorporate human rights factors into its bid process via the Global Network Initiative. This initiative is a good start, but a binding global solution to the problem may require regulation from the European Union and other jurisdictions with both a strong telecoms market and robust protections for the freedoms of speech and privacy.

Related Report