Italy cancels surveillance export to Egypt but new undercover documentary shows surveillance industry brazenly continues to export to repressive regimes
Subsequent to our letter of January 2017 to the Italian export authorities expressing our belief that the export of an internet network surveillance system to Egypt poses a clear risk to human rights, the Ministry of Economic Development has confirmed in a press release that the authorisation has been revoked.
While the decision is to be welcomed, a feature documentary broadcast yesterday on Al-Jazeera shows the severity of the surveillance industry’s threat to privacy and other human rights and the urgent need for its exposure. The documentary, relying on undercover footage, shows a number of Italian and international surveillance company representatives willing to export surveillance equipment with little regard to human rights.
PI, CILD, and Hermes have as a result written again to the Ministry. We have welcomed the Ministry’s decision regarding Egypt, and the agency’s transparency on the issue, as well as other positive steps the Ministry has taken regarding the export of surveillance technology.
Given the risk that the export of surveillance technology around the world poses however, we have also urgently requested that the Ministry releases detailed information about historical exports of surveillance technology, and that it clarifies what licenses have been approved and denied.
Transparency on export licensing is of fundamental importance to holding the surveillance industry and government decisions around it to account. Without knowing what licenses have been approved or denied, it is impossible for the public and Italian parliament to scrutinise government decision making. It is therefore imperative that MISE makes this data publicly available.
Italy’s obligation to provide such safeguards over the industry were recently confirmed by UN Human Rights Committee, independent UN experts responsible for monitoring states’ obligations under the International Covenant on Civil and Political Rights. During the review of Italy last month, the Committee expressed its concerns “about allegations that companies based in the State party have been providing on-line surveillance equipment to foreign governments with a record of serious human rights violations” and recommended that the Italian authorities “take measures to ensure that all corporations under its jurisdiction, in particular technology corporations, respect human rights standards when engaging in operations abroad.”
Providing transparency over those corporations’ exports will be a good place to start. We will keep this page updated with any developments.
English letter here
Italian letter here
Italian Authorities Urged to Act Following Reports of Internet Surveillance System Being Exported to Egypt [23/01/17]
Privacy International (PI), the Italian Coalition for Civil Rights and Freedoms (CILD), and the Hermes Center for Transparency and Digital Human Rights have today written to Italian regulatory authorities seeking urgent assurances and action after reports that a surveillance company has been allowed to export an internet surveillance system to a shadowy government agency in Egypt.
The letter is being sent after PI last month published a report describing evidence of the Syrian government’s ambitious surveillance projects aimed at monitoring the national communications infrastructure with the aid of various European companies, including Italy-based surveillance company Area SpA.
Area sells a range of surveillance equipment used to monitor telecommunications and internet traffic, and was last month reportedly raided by Italian law enforcement in connection to their business in Syria.
A June 2016 report published in La Stampa stated that Area SpA had been granted an export license by the Italian export control authorities to export internet surveillance equipment to the Technical Research Department (TRD) in Egypt.
The surveillance system reportedly being exported can collect, store, and analyse information about large numbers of people, often without any regard to whether they are legally suspected of wrongdoing. In countries with weak rule of law and under the control of an authoritarian government, these systems are wielded to violate the right to privacy, and pose a serious threat to privacy and other human rights.
The reported importer of the surveillance system, the TRD, is a little known and shadowy branch of the Egyptian intelligence apparatus. Last year, PI published a report on the agency, drawing a link between the purchase of surveillance technologies by the agency and a pattern of political repression and curtailment of press freedoms.
In our letter, which is being sent to the Ministero dello Sviluppo Economico (MISE) as well as key committees and parliamentarians, we argue that that the export of an IP network communications surveillance system to the TRD poses a clear risk to human rights.
Recent months have seen an increased clampdown on legitimate dissent, freedom of expression and overall the capacity of human rights defenders to operate in Egypt. Various UN human rights independent expert bodies, including the UN Special Rapporteurs on freedom of expression, freedom of peaceful assembly and association, and human rights defenders and the UN High Commissioner for Human Rights have expressed serious concern regarding the deterioration of human rights in the country.
The EU Parliament passed a resolution on 10 March 2016 calling for “the suspension of any form of security cooperation with Egyptian authorities” considering the recent backdrop of human rights violations, including torture, deaths in custody and enforced disappearances across the country, while the Council of the EU in 2013 stated that “Member States also agreed to suspend export licenses to Egypt of any equipment which might be used for internal repression” .
Reports that Italy has allowed the export to go ahead also comes as the investigation into the torture and murder of Italian student Giulio Regeni is still under way In Egypt, where police recently admitted to spying on Regeni prior to his murder.
Given the information available on the use of IP network communications surveillance systems for human rights abuses and the deteriorating human rights protection in Egypt, we are asking that the authority urgently provides several assurances, including on the accuracy of the reports, whether they accept the accuracy of reports detailing the human rights situation in Egypt, and whether they carried out sufficient human rights due diligence prior to granting the license. We are asking whether the authorities will now revoke the license given the human rights concerns.
PI, CILD, and the Italian chapter of Transparency International previously wrote to MISE in July 2015 after another Italian surveillance company, Hacking Team, were themselves hacked and found to have been exporting hacking software around the world, including to numerous authoritarian countries with records of severe human rights abuses. In the letter, we urged clarification as to how the agency was regulating the export of Hacking Team’s systems, and whether they were paying sufficient attention to human rights considerations and obligations. Since international regulations agreed at the Wassenaar Arrangement came into effect in Italy in January 2015, MISE was required to regulate Hacking Team’s software, but had granted the company a more permissive general export license allowing it to export around the world with only periodic reporting and oversight requirements.
MISE never responded, but in April 2016 reportedly cancelled Hacking Team’s global license, requiring the company to apply for a separate license every time they wanted to export to an individual country outside of the EU. The decision came after the abduction of murder of Italian student Regeni in Egypt, though there is no indication that the events are related. Since then, MISE has reportedly frozen Hacking Team’s authorisations and 18 separate individual requests to export its product abroad, which the company’s head has said has cost the company hundreds of thousands of euros and lost them dozens of clients. Hacking Team is currently challenging the decision in Italian courts.
PI also wrote to MISE and Italian representatives in 2014 to ask that they subject the export of Hacking Team’s surveillance system to a unilateral “catch-all” authorisation, requiring the company to apply to the government before exporting abroad. In that case, MISE initiated the regulation, but subsequently granted the company the general license due to intensive lobbying by the company’s CEO among influential contacts in the Italian government and security apparatus.
The Italian government had used a similar unilateral provision in September 2012 in relation to the Syrian Telecommunications Establishment in order to apply restrictions on Area’s surveillance operations in Syria.