[liberationtech] Azerbaijan wants to register mobile phones

Pavol Luptak wilder at trip.sk
Mon Jan 9 15:47:35 PST 2012 

Hi!

On Mon, Jan 09, 2012 at 12:00:30PM -0500, Katrin Verclas wrote:
> 
> Are there any emergency or national security laws that allow the government to gain control of mobile network (e.g. suspend network, conduct interception, etc)?

Data retention law (at least in the EU):
https://en.wikipedia.org/wiki/Telecommunications_data_retention

> Article 16 entitles the government during times of martial law and state of emergency "to preference in use of necessary telecommunication nets, units and means and can stop, limit their use or apply special rules for use of communication."  New rules require all operational mobile devices (cell phones) in the territory of Azerbaijan to be registered at Mobile Devices Registration System (MDRS). MDRS is not ready yet and is to be set up by the Ministry of Communication and IT. All cell phone carriers will have to connect their networks to MDRS. Information required for the system will include cell phone's IMEI code, a number associated with that phone and serial number of the SIM card. A cell phone will work only with a number associated with it and registered at MDRS. Otherwise, cell phone operators will have to block it.In practice, it means the government will be able to switch off every phone in the country.

This is also possible in Slovakia/EU if there is a "suspicion" (which can be
quite unclear what is the "suspicion") and consequently obtain court order...
	
> Are there any restrictions on encryption, including on VoIP? Is encryption allowed or forbidden? 

I think it is illegal in the EU to provide _publicly_ end-to-end calls
encryption (without possibility of interception for legal/secret agencies).
At least in Slovakia, if you decide to find out "ultra secure mobile operator"
and provide end-to-end encrypted calls without possibility to intercept these
calls by legal authorities, you will not receive an official license for this
business. What practically means that this kind of business is illegal.

Of course you ca provide end-to-end encrypted calls for private companies,
organizations, etc., you can sell crypto phones and all other crypto devices,
but you cannot offer completely public end-to-end call encryption services
for all people...

I guess the situation is similar even in the US - I don't know if it is legal
to provide encrypted voice calls services _publicly_ (for all people) 
without possibility of interception of legal/secret agencies.

> The telecom law does not specify any restrictions on encryption.  VoIP service is considered a form of communication and requires a license (source: http://news.day.az/hitech/69561.html).

That's also true in the EU. If you are VoIP service provider, you also need
to follow the data retention law... 

I believe the situation in Azerbaijan is really bad, but probably not so worse
than in the other developed countries :-(

Pavol
-- 
_______________________________________________________________
[wilder at trip.sk] [http://trip.sk/wilder/] [talker: ttt.sk 5678]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: Digital signature
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20120110/909978a5/attachment.asc>

More information about the liberationtech mailing list