Spyware Firms In Breach Of Export Sanctions

Spy equipment producers are breaking laws and circumventing international sanctions by agreeing to sell stock to countries known for human rights abuses, and to clients who do not declare the end user.

This means surveillance tools could easily fall into the hands of armed groups, corporations, governments cracking down on dissent, or opposition leaders, an exclusive investigation by Al Jazeera reveals.

During Spy Merchants, a four-month undercover operation, Al Jazeera secretly filmed representatives of two Italian companies and one Chinese business agreeing to sell spyware that is capable of tracking millions of people online and able to intercept phone calls and text messages without anyone finding out.

The vendors boasted of being able to side-step the law by using sister and shell companies and explained how to possibly circumvent export regulations by lying about the details of shipments and using third countries exempted from certain rules as stopping places.

Posing undercover as a middle man buying equipment for the South Sudanese and Iranian governments, our reporter James (not his real name) was able to negotiate deals to acquire surveillance tools that Iran is prohibited from buying and that would cause serious human rights concerns in South Sudan.

The two Italian companies, IPS and AREA, indicated that they were open to the possibility of violating European laws to sell equipment that would end up in the hands of Iranian and South Sudanese clients, where they could potentially be used to spy on citizens.

China-based business Semptian, meanwhile, was ready to sell spying gear worth nearly $3 million without knowing who the recipient would be.

When our reporter asked Semptian cofounder Frank Feng if previous buyers had used shell companies, Feng responded: "We have done it. We don't know who is the private company and who is the end user. And we don't care about it. This way is good, because we have done it before."

Nuclear weapons of 21st century

Former British intelligence officer Julian Richards described powerful surveillance tools as "the nuclear weapons of the 21st century".

"These are the things that states that want to get ahead in, in their security capabilities. These are the things they'll pay big money for," he told Al Jazeera.

The equipment these surveillance companies make is used to monitor phone and internet traffic on a large scale.

The so-called IMSI catchers and IP Intercept systems are respectively used to listen in on phone calls and text messages, and can be used to spy on the internet usage of millions of people.

"When these technologies end up in the wrong hands. They end up with agencies which have a very proven and bloody history of repression and human rights abuse," Claire Lauterbach, a researcher at Privacy International, told Al Jazeera.

"It's truly remarkable, when you consider what the implications of this might be."

The surveillance systems do have legitimate uses for intelligence and law enforcement agencies, but they are often used by repressive governments to track political dissidents.

"I found that activists, students, journalists, opposition figures in North Africa and the Middle East would be [targeted] and sometimes be imprisoned as a result of these systems coming from Europe," said Marietje Schaake, a member of the European parliament focused on foreign affairs, trade and technology.

After viewing Al Jazeera's investigation, she said: "I found that unacceptable then, and I find it unacceptable today."

The companies our undercover reporter approached seemingly had no problem in forging documents to make sure the deal would go ahead.

"First, we are ok with Iran. Of course, it's subject to export restriction. But this is something that we can manage," said IPS sales manager Ugo Santillo.

By using a sister company and describing the hardware sold by IPS as a "traffic management system", IPS said it could sell IP intercept systems to Iran.

In response to these allegations, IPS told Al Jazeera that they operate with full respect of the regulations.

They added: "We had no intention of completing this or any deal with the individual our staff met with. Any deal that we may have discussed with him would have to be dependent on obtaining the full legal authorisation from the authorities."

Freedom of speech curtailed

AREA, meanwhile, was prepared to discuss selling IMSI catchers, tools that can spy on mobile phones without users' knowledge, to South Sudan, despite serious human rights concerns and EU sanctions.

In South Sudan, according to Human Rights Watch, government forces and opposition fighters "committed serious abuses against civilians" in the civil war, and authorities there "harass, intimidate, and arbitrarily arrest and detain journalists".

Pagan Amum, a South Sudanese politician, was forced to flee the country in 2013 when the war began after becoming the target of government surveillance. He was arrested and accused of plotting a coup.

"The government with that surveillance has reduced the political space for our citizens to speak, the right of freedom of speech has been curtailed, even to speak in private," he told Al Jazeera.

"To conduct this surveillance, in violation of the law, this is absolutely very dangerous, it becomes actually, just like weapons of mass destruction," he said.

AREA explained what it described as a typical industry tactic: theoretically one could sell surveillance equipment by getting a licence to export to Tanzania, it said, from where the IMSI catcher would be "donated" as a "gift" to South Sudan.

Ultimately, AREA did nothing more than set up a meeting with a Turkish partner, BTT.

To obtain this export license, the Turkish partner offered to lie by stating that the hardware is telecom equipment and not used to spy on people.

"I say this is dual use telecom equipment, okay," BTT's Alper Tosun told our reporter. "And most of the time, it is telecom testing equipment. This is the main purpose that I am declaring."

Absolutely unacceptable

In the past, AREA has been caught selling spy equipment to a country with a history of abusing its citizens.

In 2011, the company made a deal with the Syrian government worth almost $14 million.

Although AREA claimed it had a valid export license to supply Syria, company executives were recently accused of falsifying export documents relating to the 2011 deal.

"I find it absolutely unacceptable that there are people willing to sell to places where human rights violations are obvious," said MEP Schaake.

In the case of South Sudan, she said, the country "is on the brink of massive violence. I do believe that every individual, no matter who their employer is, should really look at themselves in the mirror and wonder, 'What am I doing?'"

BTT did not respond when asked for comment about these allegations.

AREA said it "works with the relevant governments to ensure the proper export and legal use of our equipment."

The company declined further comment until seeing the evidence.

Huge effects for democracy

Semptian, the Chinese company, was also ready to sell IMSI catchers.

At one point, impatient company cofounder Feng encouraged our reporter to buy sooner rather than later because he had to reach a sales "performance" target.

Using a shell company, Semptian was ready to sell our reporter 10 IMSI catchers without knowing who would end up using the spying tools.

To remain anonymous, Feng told our undercover reporter that the company would remove all logos and branding from the surveillance equipment.

Semptian did not respond to a request for comment for this programme.

"Anyone with enough money is able to buy these highly sophisticated systems which could proliferate all over the world. I would like to see more accountability and transparency in this very, very dark and dangerous market," said MEP Schaake.

For Privacy International's Lauterbach, continued illegal trading of surveillance could threaten the foundations of many societies.

"If we can't find a way to bring surveillance and the practice of surveillance within the rule of law, it's going to have huge effects for democracy," she said.

After Spy Merchants was completed, Al Jazeera received a letter from lawyers acting for IPS denying all wrongdoing. They specifically denied that Chief Executive Officer Fabio Romani or any other person in a position of authority at IPS ever attempted to sell its products and services in Iran.

Al Jazeera
