From protests precipitated by Facebook posts to internet censoring by authoritarian regimes technology has played a prominent role in the world’s recent moments of social unrest. We all know that the governments of Iran and Egypt and Libya eavesdrop when their citizens talk, but to listen in on Yahoo chat or Skype they needed help. Where that help came from might surprise you. Companies in the UK, Germany, France, the US and other countries in the West have sold software to regimes that enable them to spy on their citizens – ironically the same regimes those countries are now trying to topple.
Reporters from the Wall Street Journal recently discovered a technological spy headquarters in Tripoli. They found stacks of paper documenting thousands of conversations between Libyan citizens that had been intercepted by Moammar Gadhafi’s agents. They also saw a sign on the wall that read, “Help keep our classified business secret. Don’t discuss classified information out of the HQ.” The logo on the sign belonged to Amesys, a subsidiary of the French company Bull SA, that develops equipment to monitor communications over the Internet. According to the Wall Street Journal, in 2009 Amesys provided Tripoli with their Eagle system. A kind of “deep packet inspection” technology, the Eagle is a powerful monitoring tool that can eavesdrop on emails, chats, and other online communications. A poster in the room instructed Eagle users: “Whereas many Internet interception systems carry out basic filtering on IP address and extract only those communications from the global flow (Lawful Interception), EAGLE Interception system analyses and stores all the communications from the monitored link (Massive Interception).”
Since the story broke, Amesys responded with a press release to address the “great deal of erroneous and false information” that has appeared in recent media. They confirm that they signed a contract with Libyan authorities in 2007, but only to monitor “a small fraction of the Internet lines...(a few thousand). This did not include either Internet communications via satellite (as used in Internet cafes), encrypted data such as Skype-type communications, or filtering of Web sites.”
Maybe Gadhafi’s cronies simply liked the French company’s logo.
Whatever their involvement, Amesys is hardly alone in their dealings with Gadhafi. The Chinese telecom company ZTE Corporation sold Libya technology that was used in their monitoring operations. The WSJ offered no more details but mentioned that a ZTE spokeswoman declined to comment.
To tap international phone calls Libya acquired technology from VASTech SA Pty Ltd, a South African firm. In a separate building that housed the country’s international phone switch a room occupied by Gadhafi’s security agents was outfitted with VASTech devices. A person there familiar with the operation said the agents recorded between 30 and 40 million minutes per month from both landline and mobile phone conversations. The recordings were then stored for years. When WSJ tried to contact the company “VASTech declined to discuss its business in Libya due to confidentiality agreements.”
Narus, a part of US-based Boeing, makes sophisticated Internet-monitoring products. Narus reps met earlier this year with Libyan officials “as they looked to add sophisticated Internet-filtering capabilities to Libya’s existing monitoring operation.” When queried by WSJ, a Narus spokeswoman said, “Narus does not comment on potential business ventures.” But added, “There have been no sales or deployments of Narus technology in Libya.”
Notice a pattern?
Perhaps if those pesky WSJ reporters hadn’t stuck their noses in Libya’s spy headquarters there wouldn’t be all this buzz and company spokeswomen wouldn’t be losing sleep at night. But the fact is, getting help from the West to spy or censor is nothing new for Middle Eastern and North African rulers.
Skype, the online video and voice software, is a favorite among would-be revolutionaries because its powerful encryption technology makes it difficult to tap. But leave it to Western entrepreneurs to find a way in. FinSpy is a “spyware” that can listen in on computer audio streams and therefore get around Skype’s fortress of encryption. It’s produced by Britain’s Gamma International UK Ltd. A “Top Secret” memo from Egypt’s Interior Ministry was discovered earlier this year. Dated Jan. 1, 2011, the memo described a trial that took place between August and December of last year in which Egypt gave Gamma’s hacking technology a test run. The memo reported the trial’s “success in hacking personal accounts on Skype” and “recording voice and video conversations over the Internet.” Gamma reps were showcasing their technology to governments at a trade show in Dubai this past February. The titles of their presentations were “Monitoring Encrypited Data on Computers and Mobile Phones” and “Applied Hacking Techniques used by Government Agencies.” Once again, WSJ reports that “Gamma officials there declined to be interviewed.”
Other Western companies develop software that allows networks to block Skype use altogether. Two companies based in California, Boeing’s Narus Inc. and Bitek International Inc., and Germany’s Ipoque GmbH sell such products to overseas buyers. Who? We don’t know, as “the companies all declined to discuss their foreign customers” when asked by the WSJ.
McAfee Inc., now part of Intel, sold Internet-filtering software to Bahrain, Kuwait, and Saudi Arabia. The Canadian company Netsweeper has sold similar software to the United Arab Emirates, Yemen and Qatar. Despite a company policy that it "does not sell to governments or Internet Service Providers that are engaged in government-imposed censorship," San Diego-based Websence Inc. has sold Internet-filtering technology in Yemen. Thanks to the technology Yemen's government is able to block online tools used to disguise people's identities from government probes. Websence released a statement in 2009 about how their technology was used in Yemen: "On rare occasions things can slip through the cracks."
In China, prying government officials wouldn’t stand for a device that would allow their people to talk about anything they damn well please. When the Luxembourg-based company brought Skype to China in 2004 they had to create a special version of the software with filters that block text chats containing politically sensitive words.
Of course, China would lose the respect of other intrusive regimes if they merely filtered out naughty words. A report released in 2008 by the University of Toronto’s Citizen Lab, which researches how digital media impacts human rights, showed that China goes far beyond simple filtering. Messages containing sensitive keywords, such as “Taiwan independence” and the dissident group name “Falun Gong,” are uploaded and stored on servers in China. The report also adds that “many of the captured messages contain words that are too common for extensive logging, suggesting that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.”
Skype’s not the only company tailoring their technology to be more intrusion-friendly for Chinese officials. Last May the Human Rights Law Foundation sued networking equipment manufacturer Cisco Systems for helping China to build a firewall that specifically tracks members of Falun Gong.
There seems to be a disconnect between the US government and US companies dealing their censorship-enabling technologies. Secretary of State Hillary Clinton had this to say last year, “Censorship should not be in any way accepted by any company from anywhere. And in America, American companies need to take a principle stand.” So what’s a government to do when its profit-minded, non-idealistic companies don’t listen? Fight technology with technology. The State Department has recently put $20 million towards funding software and technologies to help people in the Middle East get around Internet censorship.
A censorship that is enabled largely by US technology in the first place? Just making sure I got this straight.
A senior State Department official told the WSJ that the policy is in place to combat “a problem caused by governments abusing US products.” They really should put a paragraph on the box saying “This technology is not intended to be used to spy on, censor or otherwise oppress your people. Please store in a cool, dry location.”
The Western technology that decorates the Tripoli Internet monitoring center was made possible when Libya’s sanctions were lifted in 2004. Overnight, the country went from villainous to lucrative. I wonder if these companies have technology to track how many people are caught by governments using their devices. How many are jailed. How many are tortured. How many are murdered.
I’d ask them, but then, they’d probably decline to comment.
[image credits: Wall Street Journal]
images: Tripoli Internet Monitoring Center