Telecoms giants BT and Vodafone have insisted they do not reveal customers' data unless required by law, in the wake of reports that they handed over information to eavesdropping agency GCHQ. Documents said to have been leaked by whistleblower Edward Snowden apparently show that a number of telecoms companies allowed GCHQ access to undersea cables which carry their phone and internet traffic, allowing them to see details of customers' phone calls and email conversations.
Names of the firms, also said to include US-based Verizon, were revealed by Germany's Suddeutsche newspaper which claimed to have details of a spy programme, codenamed Tempora, which allows GCHQ to tap into fibreoptic cables and store data. Suddeutsche reported that internal papers from GCHQ from 2009 showed the companies - some of which were given codenames - including Verizon Business (known as Dacron), BT (Remedy), and Vodafone Cable (Gerontic), as well as Global Crossing, Level 3, Viatel, and Interoute.
The reports are the latest in a series of claims prompting public concern over "snooping" by intelligence agencies in both the US and UK. Other documents released by Mr Snowden revealed that the US National Security Agency (NSA) paid £100 million to GCHQ over the last three years to access and influence British intelligence-gathering, The Guardian reported earlier this week.
Although an inquiry by the Intelligence and Security Committee has found GCHQ did not use the US internet monitoring programme to circumvent UK laws, its chair, Sir Malcolm Rifkind, said it would mount a wider investigation into the legislative framework governing the intercept of communications.
In the wake of the claims concerning telecoms companies, both BT and Vodafone said today that questions relating to national security were for governments, not telecommunications providers, and that they did disclose any customer data unless required to by law.
A spokesman for BT said: "Questions relating to national security are for governments, not telecommunications providers. Having said that, we can reassure customers that we comply with the law wherever we operate and do not disclose customer data in any jurisdiction unless legally required to do so."
A Vodafone spokesman said: "Media reports on these matters have demonstrated a misunderstanding of the basic facts of European, German and UK legislation and of the legal obligations set out within every telecommunications operator's licence, in Germany and beyond. Cables carrying international communications traffic pass through multiple jurisdictions. Within the European Union, the legal protections and obligations with regards to those communications are defined under relevant EU legislation (as well as the European Convention on Human Rights) which is in force across EU member states, including Germany and the UK.
"Vodafone complies with the law in all of our countries of operation, including - in the case of our European businesses - the EU Privacy Directive and EU Data Retention Directive. Our business in Germany complies with German law, including Article 10 of the German Constitution, the German Telecommunications Law and the Federal Data Protection Law.
"Our business in the UK complies with UK legislation which is derived from the same EU Directives, above, that are incorporated into German legislation, and which incorporates the European Convention on Human Rights. In all countries - including Germany - all operators must comply with the legal obligations that are specified in their licence conditions by national governments.
"Whilst Vodafone must comply with those obligations (as must all operators), Vodafone does not disclose any customer data in any jurisdiction unless legally required to do so. Questions related to national security are a matter for governments not telecommunications operators."
Earlier this week, Foreign Secretary William Hague praised the work and "integrity" of GCHQ on a visit to its headquarters, highlighting the vital nature of its work and stressing that its staff acted "in full accordance with our laws and values". Snowden has been granted asylum in Russia for one year after spending weeks holed up in a Moscow airport in the wake of being revealed as the man behind a series of leaks about the activities of US intelligence agencies.
The former National Security Agency systems analyst had been at Moscow's Sheremetyevo airport since his arrival from Hong Kong on June 23. The latest documents released by Mr Snowden revealed that the US National Security Agency (NSA) paid £100 million to GCHQ over the last three years to access and influence British intelligence gathering, The Guardian reported.
The newspaper said the payments were set out in documents which made clear that the Americans expected a return on the investment. Sir Malcolm said the committee had already looked into the area when original allegations about Tempora came into the public domain.
"These allegations are not new about Tempora but they certainly allege more detail than was previously being reported in the newspapers," he said, adding that, under the Telecommunications Act, if warrants were issued then companies, like anybody else, would have to comply with them. "If a warrant has been issued in any way they have to meet their legal obligations," he said.
But he said that, even if agencies could access material, they could not actually look at any content, such as emails or telephone calls, without the correct legal authorisation, usually from the Secretary of State.