Defence minister Janko Veber landed in a massive pool of boiling water. Last week the parliamentary intelligence oversight committee made a surprise inspection of the OVS, the military intelligence service. The inspection uncovered that the OVS, acting on Veber’s orders, was making inquires about the sale of Telekom Slovenije, the state-owned telco which is in the final stages of privatisation of its large part. Since Veber, a senior official of the coalition SocDems has a bit of a history of loudness regarding the sale (before being appointed minister he decried the intended sale as high treason) and since the SD as such is less than lukewarm on privatisation of the company, all hell broke loose. The SDS and the NSi, the latter in the form of its young-and-stellar MP Matej Tonin were quick to claim Veber was abusing office and using the intelligence service to derail the already protracted sale. And to be honest, Veber didn’t do a particularly good job at proving them wrong.
Defence minister Janko Veber is in the spotlight these past couple of days (source)
The whole thing has a couple of dimensions. First, there’s the fact that Veber did a shitty job at explaining himself. He first claimed to have been within his rights and indeed duties and that he only asked the OVS to check the effects of selling Telekom on critical military, intelligence and first-response systems under the assumption that threat prevention would be harder if Telekom was foreign-owned. Which of course begs the question just how easy is Telekom making it for intelligence services to wire-tap, collect and retain data while it is state-owned. To put in other words: could be be that in a post-Snowden world a privatised Telekom Slovenia would actually be good thing from the standpoint of an average Slovenian‘s privacy?
Because based on a report initially released by the ministry of defence after the story broke, the analysis showed that most of Slovenian first responders, civil defence and natural disaster management services use Telekom infrastructure and commercial services and that quality of those would diminish if the company would become foreign, possibly German-owned. However, the report has a couple of problems. It’s not really an analysis but rather an amalgam of second-hand reports, mostly from Croatia, where Deutche Telekom snapped up their state-owned telco and statements that existing quality of service needs to be maintained even after the sale is completed. While legitimate concerns, these aren’t exactly rocket science and you don’t really need military intelligence service to come up with a two-page report.
And secondly, the report pre-dates Veber’s order to OVS upon which the parliamentary committee “stumbled”. At that point calls for Veber’s resignation were mounting and despite his initial defiance he soon realised that his was a precarious position as PM Cerar did not exactly run to support him. As a result and at insistence of the NSi the defence minister admitted to existence of a second, more detailed report which he even declassified although it is still a working paper, not a final document. This report shows various sections of the OVS have a different take on the effects of the sale. The predominant view seems to be that the ownership of the company does not matter and that there are no reports on potentially harmful effects of the sale, but the OVS did not yet make a final conclusion.
This report has a problem, too. And that is that Veber, although he claims all along that he was only acting in the interests of national security, declassified a working paper which pointed out a division within the OVS and did so without batting an eyelid the moment his political survival was at stake. This, of course, gives some credence to claims by Tonin that Veber was following a political rather than a national-security agenda when he issued the order.
But then again, the parliamentary intelligence committee, too, didn’t just stumble upon the relevant documents. The inspection party, which besides Tonin included MPs Branko Grims of the SDS and Matjaž Nemec of the SD, knew exactly what it was looking for. At the very least, Tonin and Grims did. Tonin later claimed they were pointed in that direction by an OVS whistleblower. But for a person to become a whistleblower, he or she must go public with the information if not reveal his/her identity. What Grims and Tonin came up with was an inside leak by an informant within the secret service. Which smacks of precisely the same abuse of intelligence service they are accusing Veber of.
So what we are looking at, in fact, is amateur night of attempts to make political gains over sale of Telekom, market value of the company be damned. The MPs obviously knew what they were after, which makes this a political raid rather than a proper parliamentary inspection. And yet, at the same time Veber is stumbling over his own legs trying to come up with some sort of plausible explanation for his misconduct. Because misconduct this was.
The last, and most worrying dimension of the whole issue is the fact that Veber ordered military intelligence to poke around a civilian issue. This country was built on re-establishing civilian control over the military and anything that smacks of things being the other way around. OVS is not the only government service to use Telekom infrastructure. It is also not the only one to wire-tap its cables. In fact, SOVA and possibly the CrimPolice are the only government inteligence agencies that can legally and legitimately make inquires into deals about Telekom. Even more, they can do so in behalf of the OVS as well, leaving the military spy-service well out of it.
This appears to have dawned on the SD as well. Namely, earlier today Siol.net (ironically, a news portal in part owned by Telekom) reported that the freshly minted party gen-sec Dejan Levanič threatened the party will quit the coalition should PM Cerar demand Veber’s resignation. But Levanič later claimed he was misunderstood while party boss Dejan Židan said Veber’s dismissal was only a hypothetical posibility and reiterated Veber was victim of a smear campaign.
Perhaps. But the fact remains that he asked a part of the military to busy itself with a civilian matter. And he is doing a very poor job of explaining himself. If this drags on much longer, the OVS report might become less of a problem than a defence minister who is turning into damaged goods.
Foreign nationals owning crucial Slovenian infrastructure is only good for an average Slovene’s privacy if you think that privacy is only worth preserving against Slovenes. How stupid do you have to be to assume that while we are listening in with total ease, no other nation in the world would do the same?
All of this is presupposing that opportunistic sampling is not already taking place, which is a tall order.
D
Yes and no. The thing is that Slovenian intelligence services can easily circumvent existing legal hurdles by either listening to international communications and if “by chance” a Slovenian national happens to be a part of such communication (i.e. part of a phone call from Croatia to Austria), well, tough luck.
Alternatively, a Slovenian intelligence service can ask a friendly organisation in, say, Austria, to do the dirty work for them.
But on the other hand, one can imagine that a spy service can access cables and data of a state-owned telco much easier than that of a private-owned one. Because in addition to legal ways to do so there are also political ways since senior positions in state-owned firms, in Slovenia at least, are always subject to political hore-trading, where favours are called in with much more ease.
So in this respect, one could make the argument that private (not necesary foreign) ownership does make at least a little bit of a difference.
I see your point.
I was not clear enough before, mostly because reasons*. But here it goes:
What we know: We know for an absolute fact that there are ways to listen in and decrypt mobile phone conversations in nearly real-time. And for the attack I have in mind time is of no consequence, anyway (I am not a conspiracy theorist. Aljaz, feel free to check where I work – my employer is contained in my email address – and draw your own conclusions). We postulate a very high probability of this in fact already being done by state actors (I do not know about Slovenia, although it is feasible). It does not take much and it is technically fairly easy for a foreign embassy, that is for example close to the houses of the parliament or the foreign ministry to collect and listen in on all the mobile traffic going on nearby. So this is what I meant by saying that opportunistic sampling is already going on, probably. Why shouldn’t it? Think of an edge you would have in trade agreement negotiations, or corporate takeovers if you knew in advance exactly what is the lowest your opponent is prepared to go and exactly how desperate they are. Think of all these aides who get instructions from their bosses, all the lobbyists who call their employers after a meeting with a politician to tell them how it went, etc.
So then our brilliant plan is to give full access to all the cell towers to a foreign nation. They would be completely insane if they did not intercept and sift through all communications they could get their hands on. And sell the bits they don’t need to the highest bidder. They are there to protect their country’s interests, not ours. Oh, but they would not do that, right? Because we are friends, right?
We know that in some European countries all copper based communications are intercepted, transcribed (if needed), sorted, archived, or discarded if they are of no interest. Giving a foreign nation access to your copper is a sure fire way to make all communication collections by them a whole lot easier. I know how I would do it, it is not even that hard or expensive. So, the difference between now and a future where say Germany owns our copper is that now our intelligence agencies can eavesdrop with ease and in the future foreign agencies could, cutting out our agencies. I am not saying that our agencies are doing it now. I don’t know, nor care. But we would surely make it a lot harder for us and a lot easier for others if we sold off our infrastructure. So that is what I meant by saying that it is good for privacy only if you define it in the context of our intelligence agencies not knowing much about you.
The distinction between private and state-owned telco largely depends on who owns the infrastructure. Private telco that uses state owned interconnects does not need to be consulted at all, the interested actor can simply listen somewhere down the line when the communication goes over the state owned copper. Private telco that owns the infrastructure too (a) needs to connect to the world in places. This is where one can listen in, or (b) is willingly or unwillingly cooperating with intelligence agencies already or (c) has been thoroughly compromised by intelligence agencies knowingly or unkonwingly (google “the equation group” or the “NSA ANT catalog”).
D.
*Aljaz, it turns out that there are several conditions that need to be fulfilled in order to be put on an NSA watch list and your communications screened (see for example: https://www.schneier.com/blog/archives/2014/07/nsa_targets_pri.html). Because of what I do and researchers I associate with, there is very little doubt that I am on those lists several times over. Publishing this comment is a very good way for you to get on those lists too. Just saying. It’s up to you. You may be on them already. Feel free to delete this last part in case you want to.