Paris-based Reporters Without Borders names five companies as “digital mercenaries” that have decided to sell their surveillance technology to authoritarian regimes.
National governments are increasingly purchasing surveillance devices manufactured by a small number of corporate suppliers and using them to control dissidents, spy on journalists, and violate human rights, the advocacy group Reporters Without Borders warns in a new report released this afternoon.
The group’s 2013 report for the first time names five private-sector companies “Corporate Enemies of the Internet” for their choice to become “digital mercenaries” and sell surveillance and censorship technology to authoritarian regimes.
“If these companies decided to sell to authoritarian regimes, they must have known that their products could be used to spy on journalists, dissidents, and netizens,” Reporters Without Borders says. The companies: the U.K.’s Gamma Group, Germany’s Trovicor, Italy’s HackingTeam, France’s Amesys, and Blue Coat Systems, based in Sunnyvale, Calif.
The focus on surveillance technology is a shift from the Paris-based advocacy group’s list of the nations that are the most repressive in terms of Internet censorship. This year’s list of the worst governments lists Syria, China, Iran, Bahrain, and Vietnam as the five nations that engage in the most extensive surveillance of their citizens.
Not on the list this year: Burma, Cuba, North Korea, and Uzbekistan, which made an appearance in 2012.
Reporters Without Borders’ list of the worst corporate offenders comes after years of media reports and disclosures, including a December 2011 release by WikiLeaks, about the growth of the international surveillance-industrial complex.
It’s become big business for the companies that show up at restricted-access conferences to try to sell new spy technologies. The most popular conference of the sort, with 1,300 attendees in 2011, is in the Middle East, where nearby governments are “the most avid buyers of surveillance software and equipment,” according to The Washington Post.
Amesys, a unit of French technology firm Bull SA, has boasted that it can aid governments in moving from eavesdropping on one person to “full country traffic monitoring,” including automatic translation and mapping of real-world social networks based on who’s talking to who.
Amesys’ presentation offers a one-stop shop for nationwide monitoring, including GSM cell phone communications, satellite signals, Internet communications, and phone calls. The company touts its “huge range of sensors and analyzing probes” and — in an echo of what the former East German secret police attempted decades earlier — a “centralized intelligence system gathering all information.” Moammar Gadhafi’s secret police used Amesys technology to monitor Internet traffic in Libya, The Wall Street Journal reported.
Reporters Without Borders says the companies sell hardware and software that can be used for both targeted and wholesale surveillance. Here’s a list of the group’s complaints about each of them:
• HackingTeam: “Hacking Team’s ‘DaVinci’ Remote Control System is able, the company says, to break encryption and allow law enforcement agencies to monitor encrypted files and emails (even ones encrypted with PGP), Skype, and other voice over IP or chat communication. It allows identification of the target’s location and relationships. It can also remotely activate microphones and cameras on a computer and works worldwide. Hacking Team claims that its software is able to monitor hundreds of thousands of computers at once, all over the country.”• Gamma: “Gamma International sells interception equipment to government and law enforcement agencies exclusively. Its FinFisher Suite (which includes Trojans to infect PCs, mobile phones, other consumer electronics and servers, as well as technical consulting) is regarded as one of the most advanced in today’s market…During a search of an Egyptian intelligence agency office in 2011, human rights activists found a contract proposal with an offering from Gamma International to sell FinFisher to Egypt. The company said that no deal has been made.”
• Trovicor: “Trovicor monitoring centers are capable of intercepting all ETSI-standard communications. That means phone calls, text messages, voice over IP calls (like Skype) and Internet traffic…Media reports as well as research by human rights groups around the world suggests that monitoring centers have been delivered to Bahrain and led to imprisonment and torture of activists and journalists.”
• Amesys: “The system consists of a network probe, storage systems, and monitoring centers for the purpose of analysis. The software allows for the creation of files on individual users, examples of which were found when anti-Gaddafi rebels raided the offices of Libya’s secret police. EAGLE is based on Deep Packet Inspection technology and can analyze all kinds of Web-related activities. The Amesys documentation lists the various kinds of online activity that can be inspected, including email (SMTP, POP, IMAP as well as Web mail), voice over IP, different chat protocols as well as http-Web traffic and search engine queries.”
• Blue Coat: “Blue Coat offers Deep Packet Inspection technology, which can be used to survey and censor the Internet… The presence of 13 Blue Coat devices in Burma was confirmed in 2011…In 2012, the Telecomix-Collective, a well-established hacker group that helped maintain connections to Egypt and other countries when governments tried to shut down access during the Arab Spring, released 54GB of logfiles which they say establish the presence of 15 Blue Coat proxy servers (Blue Coat Proxy SG9000) in Syria.”