Vodafone employees accessed journalist Natalie O’Brien’s call and text records in 2011, after she wrote reports about problems with the company’s Siebel security system. According to a leaked email, Vodafone managers asked employees to use “any means available” to uncover the source of O’Brien’s information. Vodafone commissioned an investigation by a top accounting firm, the results of which it refuses to release, while denying any “improper behavior.” However, after public pressure intensified this week, Vodafone reversed course and has asked federal police to investigate. We call on Vodafone to cooperate fully with investigators, release the independent report it commissioned, publicly explain what actions the company took after it became aware of the breach, and promise non-repetition. The company should strive to implement encryption, including end-to-end encryption, which would prevent employees from being able to access user data like this in the future.
…16 September 2015