Thursday

22nd Oct 2020

EU companies banned from selling spyware to repressive regimes

  • The European Parliament wants to clamp down on exports of surveillance technology (Photo: Helena Spongenberg)

European companies selling online surveillance technology have come under increasing criticism from NGOs and the European Parliament after it emerged their products had helped regimes in Iran, Egypt and Libya to clamp down on protesters.

"We need to ask for more transparency from companies before they actually sell these technologies. It's not about sanctions and trade restrictions, it's about making sure the new technologies are not systematically used to repress citizens," Dutch Liberal MEP Marietje Schaake told this website after the European Parliament last month approved banning spyware exports to repressive regimes.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

Following the democratic uprisings in the Arab world, several European companies found themselves under fire from NGOs and the media for being careless about where their technology ends up. French and US technology, for example, had been used extensively by Libya's dictator Moammar Gaddafi for spying on the online activities of opposition activists.

An investigation by the Wall Street Journal into the deserted compound of Gaddafi's secret police in Tripoli found a monitoring centre "lined with posters and English-language training manuals stamped with the name Amesys, a unit of French technology firm Bull SA."

Amesys admits it equipped the monitoring centre in 2008, but insists that it did nothing illegal and points to the rapprochement between Western powers and the Libyan dictator at the time.

"The contract was related to the making available of analysis hardware concerning a small fraction of the Internet lines installed at that time (a few thousand). This did not include either Internet communications via satellite (as used in Internet cafes), encrypted data such as Skype-type communications, or filtering of Web sites. In addition, the hardware used did not allow for the monitoring of either fixed or mobile telephone lines," a statement from the French company reads.

But according to the Wall Street Journal, Amesys "equipped the centre with 'deep packet inspection' technology, one of the most intrusive techniques for snooping on people's online activities." One file seen by the US paper, dating back to February, the early stage of the anti-Gaddafi protests, includes a 16-minute Yahoo chat between a man and a woman, in which he worries that he has become a target as "the Gaddafi forces are writing lists of names." He tells her he will go into hiding and phone her from a new number.

Amesys was also singled out in a recent report by Freedom House, an international NGO promoting freedom on the internet. Italian and British firms are also accused of having sold online spying software to Middle Eastern and North African countries.

"Britain’s Gamma International provided its product FinSpy to Egypt’s security service, which used the product to monitor dissidents’ online activities.  This spyware infects the computers of dissidents and allows the security service to capture key strokes and intercept audio streams, even when the dissidents are using encrypted email or voice communications such as Skype. The Italian company HackingTeam has sold software to security agencies in the Middle East and North Africa that bypasses Skype’s encryption and captures audio streams from a computer’s memory," the paper reads.

HackingTeam's only product is the Remote Control System, which according to its brochure "bypasses protection systems such as antivirus, antispyware and personal firewalls" and tracks emails, SMS-es, online activity and can even record skype calls or regular cellphone calls. The software is designed for police and intelligence services engaged in "digital investigations."

"We only sell RCS to 'authorized' countries, that is, we take into full account international recommendations about embargoes, civil liberties violations, treaties," David Vincenzetti from HackingTeam told this website. He refused to name the countries HackingTeam is selling its product to, citing "confidentiality". Vincenzetti said that they have some 30 customers in 20 countries "without any geographical concentration."

But this kind of response is exactly what MEPs are trying to avoid in the future.

"They always say it's confidential and act under the radar, so we can't share information about the situation on the ground. Currently reporting on dual use technology - which can be used both for tracking down wrong-doers and to repress citizens - is done after the export has taken place. And it depends on member states or companies to report if something went wrong," Schaake notes.

Instead, the European Parliament wants a more "pro-active system" so that when private companies are pressed to reveal private data or if their programmes are misused for surveillance and censorship of citizens, the EU could provide "political support", Schaake says.

"We have to increase the level of knowledge among politicians. There are standard lists of military technology banned for export during an embargo on a country. But this is not updated to include online weapons," she added.

EU commission defends telecoms surveillance law

A controversial EU data retention law is 'necessary' and will not be scrapped, the responsible commissioner said Monday. EU citizens have gained nothing from it, but lost their privacy, NGOs claimed while a group of member states are now facing multi-million euro fines for not implementing the rules.

Europol wants to host EU cyber crime centre

The EU's joint policy body, Europol, is angling to host a new European cyber crime centre, with the European Commission due next year to decide where to put its new defence against online threats.

EU struggling to fight cyber crime

Faced with increasing cyber attacks, the EU is looking at a new law criminalising the use of 'zombie' computers and is setting up a 'cyber crime' agency and special teams of IT firefighters. But specialists and data privacy defenders remain unconvinced.

The EU and cyber security

Cloud computing, smartphones, viruses attacking nuclear plants. In the October Focus, the EUobserver turns its attention to cyber security and EU's attempts to set up rules for safer navigation on the internet.

'There's a computer worm in your nuclear centrifuge'

With the discovery of Stuxnet, a computer worm believed to have been developed by the US government to shut down a nuclear plant in Iran, European companies like Siemens are coming under increased pressure to secure software operating 'critical infrastructure' such as power plants or water treatment facilities.

News in Brief

  1. Commission to press Croatia on migrant 'abuse' at border
  2. Belarus opposition awarded 2020 Sakharov Prize
  3. Belgium's foreign minister in intensive care for Covid-19
  4. MEPs restrict CAP funding for bullfighting
  5. Coronavirus: Liège is 'the Lombardy of the second wave'
  6. UK to keep out EU nationals with criminal past
  7. Report: EU to restrict travel from Canada, Tunisia, Georgia
  8. Pope Francis supports same-sex civil unions

Opinion

All eyes on EU court for decision on religious slaughter

The European Court of Justice is currently facing a major question: can religious freedom coexist with animal welfare? The decision of whether religious slaughter can continue is expected in a matter of weeks.

Investigation

EU money used by neo-Nazi to promote Holocaust denial

A prominent Holocaust-denier has made the cover of an EU-funded newsletter, which was published by an avowed German neo-Nazi with a lengthy criminal record. The lack of clear labelling of the MEP behind it violates European Parliament rules.

Stakeholders' Highlights

  1. UNESDAMaking healthier diets the easy choice
  2. Nordic Council of MinistersUN Secretary General to meet with Nordic Council on COVID-19
  3. UNESDAWell-designed Deposit Return Schemes can help reach Single-Use Plastics Directive targets
  4. Nordic Council of MinistersNordic Council meets Belarusian opposition leader Svetlana Tichanovskaja
  5. Nordic Council of MinistersNordic Region to invest DKK 250 million in green digitalised business sector
  6. UNESDAReducing packaging waste – a huge opportunity for circularity

Latest News

  1. Nato and EU silent on Turkey, despite Armenia's appeal
  2. EU tells UK to decide on Brexit as deal 'within reach'
  3. EU farming deal attacked by Green groups
  4. France vows tough retaliation for teacher's murder
  5. All eyes on EU court for decision on religious slaughter
  6. 'Big majority' of citizens want EU funds linked to rule of law
  7. EU declares war on Malta and Cyprus passport sales
  8. EU Commission's Libya stance undercut by internal report

Join EUobserver

Support quality EU news

Join us