The Ministry of the Interior’s allegations about information security risk are baseless

The statements presented in public by representatives of the Ministry of the Interior on Tuesday, February 14, 2006 have understandably caused extensive anxiety among TeliaSonera Finland Oyj’s (TSF) customers and in the whole industry. TeliaSonera Finland therefore wishes to state the following, correcting erroneous information presented in public.

In the first half of 2005, the Ministry of the Interior announced a public tender for the provision of telecommunications services for its administrative branch. On October 31, 2005 the Ministry announced that an operator other than TeliaSonera Finland had been selected to provide the voice services.

On account of the above, the Ministry of the Interior requested in a meeting of the co-operation group of the Ministry and TSF in January 2006 that TSF should submit the customer details concerning the mobile phones of the Ministry of the Interior’s administrative branch to the members of the said co-operation group. The co-operation group has a few members from the Ministry of the Interior’s administrative branch and from TSF. There are no outsiders in the group.

TeliaSonera Finland submitted the requested information by e-mail. This procedure is also used between TSF and the Ministry in conveying confidential information. The e-mail message in question was carried all the way in a closed network managed by TeliaSonera and delivered directly to the e-mailboxes of the co-operation group members on the Ministry of the Interior’s server.

The e-mail in question did not contain call identification data or any other data falling within the scope of confidential communications.
The Ministry of the Interior had not and has not security-classified the customer information in question in any way, nor did the Ministry give TSF any other special instructions as regards the handling of the information in question.

In the meeting of February 10, 2006, the representatives of the Ministry of the Interior all of a sudden told TSF’s representatives that they were anxious whether it might be possible to tap the subscriptions of the Ministry’s administrative branch based on the information submitted to the Ministry. According to TeliaSonera Finland’s view expressed in the meeting in question, this is not possible. The subscription details cannot have fallen in the hands of any outsiders based on TeliaSonera’s actions. The equipment used in the e-mail process is TeliaSonera’s equipment with the exception of the authorities’ own equipment, and only TSF’s own security-classified administrators have access to it. Based on the information delivered, tapping or other kind of violation of communications confidentiality is not possible.

The Ministry later expressed its anxiety about the fact that the e-mailboxes of the TSF employees representing TSF in the co-operation group in question are on a server that is located in Sweden.

TeliaSonera uses an e-mail service that is common to the whole Group. The service is provided in co-operation between the production teams of TeliaSonera Finland Oyj and TeliaSonera Sweden Ab. E-mail messages are therefore conveyed from TeliaSonera Finland through TeliaSonera Sweden’s production facilities. All communications traffic is conveyed over protected networks, and no outsiders have access to the messages transmitted in TeliaSonera Finland’s network.

All TeliaSonera Finland’s 2.5 million mobile subscriptions are completely safe to use. The issue here is not a problem in TeliaSonera’s networks or services.

Further, in a news item of the Finnish News Agency STT published yesterday, Rauni Hagman, the Director-General of the Finnish Communications Regulatory Authority, also stated that the matter is not such that it would require FICORA to take any special action. TeliaSonera Finland considers that it has not violated the terms of the agreement between the parties in any way, nor violated the law concerning the safekeeping of information, maintenance of database or disclosure of information.

Further information: Esa Korvenmaa, COO
TeliaSonera Finland Oyj
Tel. +358 2040 21000
E-mail: firstname.lastname@teliasonera.com