UK firm’s spyware used to snoop on Bahraini activists, police told
An investigation by the human rights group Bahrain Watch claimed that three pro-democracy Bahraini activists who were granted asylum in the UK, Moosa Abd-Ali Ali, Jaafar al-Hasabi and Saeed al-Shehabi, were spied upon using a software program called FinFisher.
“To find out that I was not even safe in the UK made me very upset,” said al-Hasabi. “It is wrong for the Bahrain government to be able to hack into my computer from overseas. And I think it is wrong for a British company to help them to do that.”
The complaint has been filed on Monday to the National Cyber Crime Unit of the National Crime Agency (NCA) – the UK’s equivalent of the FBI – for “unlawful interception of communications” under the UK’s Regulation of Investigative Powers Act 2000 (RIPA). The rights group also claims that Gamma is liable as an accessory for assisting Bahraini authorities.
Bahrain Watch showed that while Moosa, Jaafar and Saeed were residing in the UK, Bahraini authorities targeted the activists and had their computers infected with the surveillance trojan FinFisher.
FinFisher used to be produced by the UK-based firm Gamma International, but is now run by a firm in Germany. At the time the Bahraini activists’ computers were infected, Gamma was the producer of FinFisher.
“While it’s long been known that Gamma has provided surveillance capabilities to Bahrain, amongst other countries, the extent of Gamma’s complicity in Bahrain’s unlawful surveillance of individuals located abroad has only recently been confirmed,” Privacy International said.
FinFisher is able to copy and transmit documents, remotely turn on cameras and microphones, as well as send emails from other people’s accounts, Privacy International explained. It is considered to be one of the most sophisticated programs of its kind in the world.
Last year, Gamma International made Reporters Without Borders ‘Corporate Enemies of the Internet’ list for 2013, which singled out five “digital mercenaries” who sell their surveillance technology to authoritarian regimes.
Reports from the Citizen Lab suggest 35 countries, including Ethiopia, Turkmenistan, Bahrain and Malaysia, have used FinFisher to monitor dissidents, journalists and human rights activists.
Bill Marczak, a computer science doctoral candidate at the University of California, helped investigate the use of FinFisher spyware against activists and journalists in Bahrain in 2012, as well as in other states.
“We saw it being targeted against Bahraini journalists and activists last year. We’ve also found servers for the spyware in a number of other countries, such as Turkmenistan, Qatar, Ethiopia,” Marczak told RT last year, when the broadcaster participated in a WikiLeaks project to cast a light on the industry.
“Many surveillance companies open up offices in other countries, and create opaque corporate structures,” said Mike Rispoli, a spokesman for Privacy International.
“We hope that, during the course of its investigation, the police help us bring more transparency to what Gamma is selling now, Gamma’s relationship with Bahrain, and whether the company still holds relationships with the governments who previously bought FinFisher.”
Adriana Edmeades, legal officer for Privacy International, said companies like Gamma have been enabling the “unlawful conduct” of repressive states, while suggesting that they bear no responsibility for the products that they supply.
“We think it’s time that companies like Gamma, which earn blood money from providing pernicious technologies to states which are known to torture and repress, are made to face the consequences of their doing so,” Edmeades said.