Q&A: Coalition Against Unlawful Surveillance Exports (CAUSE)

News
April 3, 2014

Q&A: Coalition Against Unlawful Surveillance Exports (CAUSE)

 

What is the CAUSE? 

 

The Coalition Against Unlawful Surveillance Exports (CAUSE) brings together leading global and national human rights and other NGOs, who are all calling for governments to take action on the international trade in communication surveillance technologies. These technologies consist of specially designed software, equipment and expertise to enable the interception of digital and other communications. The Coalition’s aim is to ensure that governments establish strict trade controls to stop the proliferation of such technologies and their use to violate the right to privacy and other human rights. 

 

 

Who is in the CAUSE? 

 

Founding members on the Steering Committee of the coalition include Amnesty International, Digitale Gesellschaft, FIDH, Human Rights Watch, the New America Foundation’s Open Technology Institute, Privacy International, and Reporters Without Borders. 

 

 

What is the problem?

 

Private companies across the world are developing, selling and exporting surveillance systems that are then used to violate human rights and facilitate internal repression, all with little accountability.

 

These technologies are made and sold by private companies based in industrialized countries to state law enforcement and intelligence agencies in countries across the world. The customized and ‘ready to buy’ systems have been discovered in countries that persistently commit serious human rights violations. Governments can use the technologies to target activists, human rights defenders, journalists, demonstrators, NGOs, political opponents, religious or ethnic minorities and to conduct countrywide surveillance. 

 

The use of intrusive surveillance has a dramatic impact on the right to privacy and other human rights like freedom of association and freedom of expression. The latest technologies enable governments to track, monitor and spy on people’s activities like never before. This activity has been linked to the commission of other violations, including arbitrary arrest, intimidation, beatings, torture, and extrajudicial killings, where individuals or groups are identified or targeted following surveillance by state authorities. 

 

The arbitrary interception of communications and remote copying of digital files without permission is a blatant violation of the right to privacy. Article 12 of the Universal Declaration of Human Rights and Article 17 of the International Covenant on Civil and Political Rights safeguard against “arbitrary interference” with the right to privacy.

 

 

How extensive is the trade in communication surveillance technologies?

 

CAUSE members have estimated the annual global trade in communication surveillance technologies to be worth between US$3 billion and US$5 billion, and it is growing by 20 per cent every year. The main producers of such technologies are companies and security agencies in the European Union, the USA, Russia, China, Canada, Israel, and South Africa, but the list is growing. There is little to no regulation currently in place to control the international trade in these technologies, especially to safeguard against transferring them to governments or others who are likely to use them for serious human rights violations and abuses. 

 

 

What is the solution?

 

CAUSE is calling for a “Core Rule” governing transfers of communications surveillance technologies. Transfers should not be allowed to proceed unless thorough analysis can show there is not a substantial risk the recipient state would use the technologies to arbitrarily interfere with the right to privacy or violate other human rights. 

 

Governments must take strong action to tackle the proliferation and abuse of these technologies across the world. It should be self-evident that such intrusive surveillance technology should not be exported to countries where they may be used for arbitrary invasions of the right to privacy, or to facilitate other human rights violations. 

 

These technologies are easy to proliferate and abuse, so should always be highly regulated and only used with great care by law enforcement agencies under strict judicial supervision. For example, in each case, authorization must be sought from a judge and a warrant issued before an individual can be targeted. 

 

In December 2013, the Wassenaar Arrangement – an association of 41 of the world’s largest arms exporters (excluding China and Israel) – took a step in the right direction when it developed guidelines to include this technology in its control lists. However, the control lists are not sufficient by themselves, and a lot of the technologies being sold are not covered by some of the definitions contained in the proposed lists. 

 

The best instrument to control the trade would be a legally binding treaty. Strict international criteria based upon international human rights law must be developed and implemented to ensure transparency and oversight of this huge, largely unregulated industry. Governments must also take into account the disastrous human rights impact these technologies have – no export licences should be granted unless all of the legally binding criteria are fully met by the recipient law enforcement agency. Intrusive technologies should never be exported to companies or individuals.

 

In addition to robust legal controls, the companies that manufacture and export these technologies must set strict business practices that ensure they do not facilitate human rights violations. They cannot abdicate responsibility if their products are knowingly sold to countries where the use of technology to violate human rights is a foreseeable risk.

 

 

What types of technologies are there? What do they do?

 

There are a variety of communication surveillance technologies currently on the market. These include: malware that allows surreptitious data extraction from personal devices; tools that are used to intercept telecommunications traffic; spygear used to geolocate mobile phones; monitoring centres that allow authorities to track entire populations; anonymous listening and camera spying on computers and mobile phones; and devices used to tap undersea fibre optic cables to enable mass internet monitoring and filtering. 

 

To give an example of how they can be used, the British-German company Gamma International has made specific malware that can infect a person’s computer and phone without their knowledge. The government that purchases the malware can then use it to gain access to individuals’ devices and extract emails, data, text messages, contacts, calendar, content of calls and even turn on the camera and microphone remotely.

 

 

Whom do they target?

 

Anyone can be a victim of a government’s abuse of these technologies.

 

They have been used against anti-government groups in Bahrain and journalists in Morocco. In al-Gaddafi’s Libya, they were used to record all calls coming in and out of the country.

 

State security services in a growing number of countries are freely able to target groups of opponents whom they wish to place under surveillance. Some, like the USA, can monitor the communications of entire countries by using systems that tap undersea fibre-optic cables that carry the communications. 

 

 

Where have these technologies been used?

 

An interactive map on the CAUSE website (www.globalcause.net) details which companies and countries have supplied these technologies and where their use has been reported. CAUSE members have also documented the human rights violations linked to the supplies.  For example:

  • Technologies from the French company Amesys were found in Colonel al-Gaddafi’s Libya.
  • Technologies from the German company Trovicor were found in Syria and Iran.
  • Technology from the Italian company Hacking Team was found in Morocco and the UAE.
  • Technologies from the Dutch company DigiVox were found in Nigeria.
  • Technology from the Canadian firm Netsweeper was found in Yemen.
  • Technology from the US company Naurus was found in Mubarak’s Egypt, al-Gaddafi’s Libya, and Pakistan.

 

 

Are these technologies legal?

 

There is nothing inherently illegal about selling these communication surveillance technologies. Governments and companies say they are used for legitimate law enforcement and intelligence purposes to defeat terrorism and crime. However, government agencies should only be allowed to use them according to a strict legal framework as outlined above (i.e. warrant, judicial authorization, necessity, legality, proportionality). These technologies are found in many countries with non-existing or very weak legal systems or in countries with very poor human rights records.

 

The technologies are considered “dual use”, i.e. they have both a civilian and military/security use. This presents a challenge for states to prevent them from being exported to countries on human rights grounds. However, strict regulations are already enforced on the trade in “dual use” goods that could be used to make weapons of mass destruction or military equipment, so many states already have similar sophisticated trade control systems in place. International standards for these controls have been agreed by the 28 states in the European Union and the 41 states of the Wassenaar Arrangement, an association of the world’s largest arms exporters (excluding China and Israel).

 

 

Can these technologies be bought by private individuals?

 

Currently, the only thing stopping a private individual from buying the technologies is company policy – their manufacturers say that they only sell them to governments. While the use of such technologies by a private individual would likely be illegal under most countries’ national data protection laws, and the company would risk being held legally liable for assisting this, there is nothing in principle beyond company policy preventing a private individual from purchasing the technology.

 

 

How is this different to the mass surveillance revealed by Edward Snowden?

 

Edward Snowden, a US national and former computer technician – who had also worked for the National Security Agency (NSA) and the Central Intelligence Agency (CIA) – exposed large-scale surveillance efforts worldwide by US and UK government agencies. His leaks of information to major media outlets demonstrated the ability of certain states to undertake surveillance on a massive scale, violating users’ privacy. Amnesty International has publically condemned this type of mass surveillance. 

 

The CAUSE addresses the international trade in communications surveillance technologies – including software, equipment and expertise – as one important dimension of the problem. Its aim is to stop the proliferation of such technologies and their use in many countries around the world to target and intimidate individuals, including political opponents, journalists and human rights activists.