In the past few weeks, we have witnessed another wave of government surveillance revelations. From the NSA’s spying on official and commercial targets in Brazil to the UK’s Government Communications Headquarters unlawfully eavesdropping on Amnesty International, many are questioning whether any target is still off-limits.
And now, we’ve seen evidence that Italy-based private contractor Hacking Team has sold its spyware to governments known for repression and human rights abuses, including the likes of Bahrain, Azerbaijan, Ethiopia and Sudan. It’s easy to imagine how this software, capable of breaking into citizens’ mobiles or computers and billed as a way to enhance policing and security efforts, could be misused to monitor, intimidate, and silence political opponents and regime critics.
We already know that similar surveillance technologies have been used to violate the rights of key members of our society, from human rights organisations to global leaders. While the revelations may come from different parts of the world, they are symptoms of the same phenomenon: increasingly powerful and unaccountable intelligence and law enforcement agencies, assisted by even less transparent private companies.
These events raise important questions about what measures governments need to adopt to ensure that surveillance efforts for law enforcement or national security are subject to strict and transparent oversight.
The NSA snooping on European officials, targeted surveillance against Amnesty International in the UK, and the deployment of hacking tools in several jurisdictions by companies like Hacking Team have nothing to do with security or law enforcement. These are all clear examples of illegal and illegitimate use of the power of technology to repress, control, or gain unethical advantage over opponents.
Bulk surveillance, conducted in secret, is never acceptable. We call on governments to undertake a full review of how surveillance powers are governed and used, and suspend such programmes immediately in cases where abuses of power are found. Furthermore, we call on governments to adopt clear and consistent regulations for companies that produce and export surveillance technology. For their part, surveillance tech companies should voluntarily disclose their client lists.
In the case of Hacking Team, we urge the Italian and EU authorities to call for an immediate and full investigation of the company’s activities. Furthermore, all national governments named as customers of Hacking Team must stop use of the software immediately, pending national investigations to determine how the technology has been used, and must provide sanction and redress where rights have been violated.