While mobile operators use the network monitoring system to keep up the quality of service and follow up on users’ requests and service quality, how do security agencies use this system? Who is managing this system?
The Lebanese security agencies depend on a monitoring tool called Astellia, which mobile operators use to run their network performance tool. This fact was uncovered after the Minister of Telecom asked to buy/upgrade the license with a friendly agreement and without going through Public Procurement procedure.
The two mobile operators in Lebanon, Alfa and Touch, who are state-owned and managed by the Ministry of Telecom, want to upgrade their Astellia system anyway. Yet, the security agencies refrained from going to the Procuring Entity as stated in the Public Procurement Law for “security reasons,” as disclosed in the media.
Mobile operators usually use Astellia as a real-time monitoring and troubleshooting solution that covers 2G, 3G, and 4G from radio access to the core network. Astellia is also a provider of network and subscriber intelligence, enabling mobile operators to drive business performance.
The network performance and Quality of Service monitoring solutions are highly beneficial for mobile operators seeking to maintain high-quality services, improve operational efficiency, and stay competitive in the telecommunications market.
The network performance monitoring systems help operators with network optimization and make targeted improvements to enhance the overall quality of service for their customers by identifying areas of congestion, weak signal coverage, or other issues. They also allow them to run troubleshooting when network problems occur to help minimize downtime and reduce the impact on customers’ connectivity.
The operators also use the monitoring system for quality of service assurance, where these solutions help operators measure key performance indicators (KPIs) and ensure that their networks meet or exceed these standards—the monitoring systems also assist operators with subscriber experience management and capacity planning.
The Lebanese government is now discussing with Astellia’s mother company EXFO, a Canadian company that “develops test, monitoring and analytics solutions for the global communications industry, with over 35 years of experience.”
Meanwhile, privacy and security concerns arise for many reasons, especially since this proves that the Lebanese authorities grant security agencies and armed forces complete access to all telecommunication data and provide them real-time access to the telecom monitoring tool.
Privacy and security concerns
The top 4 security agencies work in parallel and sometimes compete on wiretapping, while the Lebanese ministries have been accused of committing routine breaches of or neglecting personal data protection.
The telecom network monitoring system allows the operators to collect identifiable information and personal data to maintain the quality of service.
Thus, it is very concerning if a third party accessed this system without authorization or privacy protection. In the case of Lebanon, the security agencies’ access to the Astellia system and tagging a user’s number for instance could lead to privacy violations, surveillance and tracking, targeted harassment, and security risks, especially if not executed according to the law and the related judiciary rules and authorization.
However, we have yet to have a law dedicated to privacy in Lebanon; instead, we have a general law for e-transactions and personal data (81/2018) and another old law on wiretapping (140/1999). In addition, a source who preferred to keep his identity undisclosed told SMEX that the Lebanese security agencies already have a wiretapping system that they can use. “The top 4 security agencies haven’t agreed on who will manage the system, so they took the easier path by going directly to the telecom operators, which raises many questions here,” he added. “Is this access authorized by judicial decision?.”
This kind of access of a civic tool or misuse of telecom or location data by security agencies would undermine trust in government institutions and pose significant risks to privacy and freedom of expression. In addition, the use of civic tools by security agencies will disturb the telecom work; this is not healthy,” the source affirmed.
Giving access to security agencies shifts the direction and benefits of the system to security matters, which leads to overwhelming the monitoring system with more than four security agencies in addition to the operators.
Security agencies’ access to the civic network monitoring tool may also affect the whole telecom sector and discourage investments. Who is willing to buy or manage this sector while employees focus on security matters or security agency representatives are accessing the system?
In addition, the access given to security agencies could end with privacy and human rights violations, presumption of innocence, freedom of expression concerns, and repression.
Therefore, increased transparency is imperative to justify maintaining the telecom service, general security, and the fundamental right to privacy.
