Posts Tagged ‘surveillance technology’

United Arab Emirates: Dubai Expo continues whitewashing – EU Parliament call for boycott

October 4, 2021

Expo 2020 On 1 October 2021. Human Right Watch published “UAE: Tolerance Narrative a Sham Censorship; Surveillance; Prison or Barred Entry for Critics”. It stated that the United Arab Emirates authorities are using Expo 2020 Dubai to promote a public image of openness that is at odds with the government’s efforts to prevent scrutiny of its rampant systemic human rights violations. See also: https://humanrightsdefenders.blog/2021/09/03/uaes-new-human-rights-institute-sounds-like-a-joke/

Expo 2020 is a prominent global cultural event built on the free exchange of ideas. Domestic critics are routinely arrested and, since at least 2015, UAE authorities have ignored or denied requests for access to the country by United Nations experts, human rights researchers, and critical academics and journalists. The government’s pervasive domestic surveillance has led to extensive self-censorship by UAE residents and UAE-based institutions; and stonewalling, censorship, and possible surveillance of the news media by the government. “Dozens of UAE peaceful domestic critics have been arrested, railroaded in blatantly unfair trials, and condemned to many years in prison simply for trying to express their ideas on governance and human rights,” said Michael Page, deputy Middle East director at Human Rights Watch. “Expo 2020 is yet another opportunity for the UAE to falsely present itself on the world stage as open, tolerant, and rights-respecting while shutting down the space for politics, public discourse, and activism.” Expo 2020 is being held from October 1, 2021, to March 31, 2022, with the theme, “Connecting Minds, Creating the Future.”

This event, as with other expensive entertainment, cultural, sports, and educational events before it, is designed to promote a public relations image of the UAE as an open, progressive, and tolerant country while its abusive authorities forcefully bar all peaceful criticism and dissent, Human Rights Watch said.

…. Major international human rights organizations, including Human Rights Watch and Amnesty International, have also faced increased restrictions on their ability to visit and engage with government officials on human rights issues. Staff of both organizations were refused access to prisons and high-profile trials, and eventually admission to the country. UAE authorities have rarely responded to either organization’s requests for information or meetings.

The UAE has embarked on a decades-long effort to whitewash its reputation on the international stage. These efforts were made explicit in the government’s 2017 Soft Power Strategy, which includes cultivating “cultural and media diplomacy” as a central pillar and has a stated objective “to establish [the UAE’s] reputation as a modern and tolerant country that welcomes all people from across the world.” Expo 2020 is the latest in a long list of investments in ambitious cultural and educational projects that seek to further that goal, Human Rights watch said. Others include the acquisition of the Louvre, the Guggenheim, and New York University outposts, establishing Dubai as a luxury tourism destination, and hosting global cultural events such as the 2019 Special Olympics in Abu Dhabi and the upcoming World Expo in Dubai.  

While leading international academic and cultural institutions first established a presence in the UAE with the promise to serve the public good by promoting “ideas, discourse, and critical thinking,” they have since remained silent in the face of increasing repression of basic rights. … Some of those whose communications and devices were targeted by the government surveillance and who are residents of the UAE, were subsequently arrested and abused in detention.Among them is the prominent Emirati human rights activist Ahmed Mansoor. [See also: https://www.trueheroesfilms.org/thedigest/laureates/074ACCD4-A327-4A21-B056-440C4C378A1A] A UAE court sentenced Mansoor to 10 years in prison in May 2018 following a grossly unfair trial, partly based on private email exchanges and WhatsApp conversations. A 2016 Citizen Lab report demonstrated five other cases where arrests or convictions of users followed malware attacks against their Twitter accounts from 2012 to 2015. This repressive environment, coupled with the authorities’ use of advanced spyware to target anyone deemed a threat to the country, has led citizens, residents, and even journalists, academics, businessmen, and others who frequent the UAE to warily restrict their public criticism of the authorities. As one journalist said about their office based in Dubai, “The head of office is shit scared of the authorities … There is a practice of holding back stories if they can’t get official comment – which they often can’t. They don’t go hard on the UAE.” Governments and businesses have a human rights responsibility to avoid contributing to UAE authorities’ efforts to whitewash its abuses. As countries prepare to showcase their pavilions at the Dubai EXPO, they should help prevent the UAE’s whitewashing attempts by either advocating for the UAE to unconditionally release all those unjustly detained for exercising their right to free expression and to regularly open up the country, including its jails and its courts, to scrutiny by independent researchers and monitors, or not participate in the EXPO, Human Rights Watch said. “With widespread arrests, intimidation, surveillance, and retaliation that citizens and residents face for speaking out, Expo participants and other countries should raise concerns about rights abuses in the UAE,” ..The HRW report contains a lot more detail about the media repression.

The European Parliament has called on the United Arab Emirates to immediately release three prominent human rights defenders and urged EU member states to boycott next month’s Dubai Expo in order to “signal their disapproval” of rights violations. In a resolution adopted on Thursday, the parliament demanded the “unconditional release” of Ahmed Mansoor, Mohammed al-Roken, and Nasser bin Ghaith, as well as all other Emirati political activists and dissidents. Mansoor was arrested in 2017 on charges of publishing false information and rumours, and using social media to “damage the country’s reputation”.

According to letters that were published online in July, the 52-year-old said he had been held in solitary confinement since his arrest, cut off from the outside world as well as fellow prisoners.

Roken, a university professor and human rights lawyer, was arrested in July 2012, and convicted in July 2013 over charges of “establishing an organisation seeking to bring about the government’s overthrow”. He was sentenced to 10-years in prison and stood trial as part of a group that became known as the “UAE 94”. Former US intelligence officials admit to hacking for UAE at hearing in Virginia. See also: https://www.trueheroesfilms.org/thedigest/laureates/7B69B1D9-E359-444A-B448-02E8B9C0750C

Meanwhile, Ghaith, an economist, and human rights defender was arrested in August 2015 and jailed in March 2017 for 10 years over tweets that criticised Egypt, a key ally of the Gulf country. Ghaith had tweeted a picture of a burnt building in Cairo on 11 August 2015, a few days before the anniversary of the killing of hundreds of protesters in Rabaa square. 

In the resolution, which passed with 383 votes in favour, 47 towards and with 259 abstentions, the parliament criticised Mansoor’s prolonged detention and urged member states to boycott the upcoming World Fair in Dubai.

“In order to signal their disapproval of the human rights violations in the UAE, [the European Parliament] invites the international companies sponsoring Expo 2020 Dubai to withdraw their sponsorship and encourages member states not to participate in the event,” the resolution said.

Dubai has poured billions of dollars into Expo 2020, hoping the exhibition will generate new business and spur its economy amid a slowdown in growth due to the Covid-19 pandemic. 

Thursday’s strongly-worded resolution also condemned the role the UAE played in the extradition of women’s rights activist Loujain al-Hathloul. Hathloul was kidnapped in the UAE in 2018 and flown into Saudi Arabia against her will, where she faced a trial based on a loosely worded terror law often used to prosecute activists. She was released in February after almost three years in prison but is subject to a five-year travel ban and other restrictions.

On 15 September 2021 the Middle East Monitor has reported that the UAE had placed an additional 4 human rights defenders on its terror list:

Authorities in the United Arab Emirates (UAE) have placed 38 individuals and 15 companies on a terrorism list, saying they are “keen to target networks linked to the financing of terrorism.”

The updated list, issued by the Council of Ministers under Ministerial Resolution No. 83 of 2021, includes the names of four Emirati opposition figures living in exile: Ahmed Al Shaiba Al Nuaimi, Muhammad Saqr Al Zaabi, Hamad Al Shamsi and Saeed Al Tunaiji.

The UAE seeks to curb the political and legal activities of these activists who document human rights violations in the Emirates, WAM reported.

The four opposition activists are believed to be part of a small group that survived the state security apparatus’ 2012 arrest campaign of dozens of academics, lawyers, community leaders and students calling for political reform. However, they were outside the country and then tried in absentia in a case known as the “UAE94”.

The four opposition figures had announced the formation of the “Emirati League Against Normalisation” more than a year ago and issued a statement calling the normalisation agreement with the Israeli occupation a departure from the principles on which the UAE was founded.

https://www.hrw.org/news/2021/10/01/uae-tolerance-narrative-sham-0

https://www.middleeasteye.net/news/uae-european-parliament-release-political-prisoners-boycott-dubai-expo

https://www.middleeastmonitor.com/20210915-uae-puts-4-human-rights-defenders-on-terror-list/

https://www.middleeasteye.net/news/uae-ahmed-mansoor-activist-former-un-official-urges-release

Big Coalition urges UN to denounce abuses facilitated by spyware technologies

October 4, 2021

During the 28th U.N. Human Rights Council (HRC) Access Now joined 94 other civil society organizations and independent experts in urging member states to denounce abuses facilitated by spyware technologies.

The Pegasus Project revealed a long list of journalists, activists, human rights defenders, lawyers, world leaders, and civil society actors that were a target of NSO Group’s Pegasus Spyware. The U.N. HRC should mandate comprehensive measures to investigate and prevent further violations linked to the sale, export, and use of Pegasus spyware and cases of targeted surveillance. For earlier post on this hot topic, see: https://humanrightsdefenders.blog/tag/pegasus/

Member States must urgently act to address the perpetual human rights abuses by States facilitated by NSO Group’s Pegasus spyware,” said Laura O’Brien, UN Advocacy Officer at Access Now. “The clandestine surveillance industry must be held accountable.

The recent revelations showcased the unprecedented scale of human rights violations by States facilitated by the use of Pegasus with Budapest-based photojournalist Dániel Németh being the latest victim targeted by the spyware.

In the Middle East and North Africa (MENA), governments continue to use digital surveillance tools to target journalists and activists. In 2016, a Citizen Lab investigation revealed that the UAE spied on human rights defender Ahmed Mansoor, who is now serving 10 years in prison under inhumane conditions. The Pegasus Project revealed that friends and family of slain Saudi journalist, Jamal Khashoggi, were also targets of Pegasus spyware with the iPhone of Khashoggi’s Turkish fiancée, Hatice Cengiz, targeted and successfully infected. Last June, Access Now and the Gulf Centre for Human Rights launched the MENA Surveillance Coalition, convening civil society organizations working to defend freedom of expression, privacy, and fundamental rights, to call for an end to the sales of digital surveillance tools to repressive governments in the region.

“Invasive surveillance invades and corrodes the lives and work of human rights defenders, journalists, and activists across the globe,” said Kassem Mnejja, MENA Campaigner at Access Now. “Companies like NSO have been given free rein to proliferate the market with the dangerous Pegasus spyware used to facilitate these dehumanising and unsafe actions — this must end now.”

Despite the mounting evidence of its human rights abuses, the NSO Group continues to repeat its false claim that its spyware is only used for legitimate purposes like investigating crime and terror. This cannot continue.

U.N. human rights experts and civil society groups have previously called on governments to immediately implement a global moratorium on the sale, export, transfer, and use of private surveillance technology. Supporting this call, civil society organizations and independent experts are today requesting member states of the U.N. HRC to urgently denounce and mandate independent investigations into the human rights violations facilitated by this technology.

Read the full letter.

https://www.scoop.co.nz/stories/WO2110/S00016/act-now-against-spyware-coalition-tells-un-human-rights-council.htm

NSO’s Pegasus spyware now really in the firing line

July 21, 2021

Frank Andrews in the Middle East Eye of 20 July 2021 tracks the history of the unhealthy story to which also thsi blog has regularly paid attention: see https://humanrightsdefenders.blog/tag/nso-group/

Claims made this week that the Israeli company’s Pegasus spyware technology has been used to surveil 50,000 phones – belonging to heads of state, journalists, human rights defenders, political opponents and more – may be the highest-profile accusations against the firm, but they are not the first.

Pegasus, which infects phones with spyware through various means, has proven to be a boon to digital authoritarians wanting to track anyone perceived as critical of their rule. It has also been the subject of numerous lawsuits and legal complaints.

It begun in August 2016, when the United Arab Emirates was found to be tracking the iPhone of Emirati human rights activist Ahmed Mansoor using Pegasus spyware, according to a report by Citizen Lab and Lookout Security. [see also: https://humanrightsdefenders.blog/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/]

Geneva experts on cybersecurity and digital governance tell Geneva Solutions what citizens must do to stem the erosion of our right to privacy.

U.N. High Commissioner for Human Rights Michelle Bachelet, in a statement, said that the revelations “are extremely alarming, and seem to confirm some of the worst fears about the potential misuse of surveillance technology to illegally undermine people’s human rights.” See statement by @UNHumanRights Chief @mbachelet: https://ohchr.org/EN/NewsEvents/

https://www.middleeasteye.net/news/israel-pegasus-spyware-nso-group-history-accusations-denials

https://www.rawstory.com/as-un-human-rights-chief-urges-stricter-rules-snowden-calls-for-end-to-spyware-trade/https://www.rawstory.com/as-un-human-rights-chief-urges-stricter-rules-snowden-calls-for-end-to-spyware-trade/

https://indianexpress.com/article/explained/the-making-of-pegasus-from-startup-to-spy-tech-leader-israel-invasive-spyware-7414370/

In-depth interview with Ron Deibert, Citizen Lab’s founder

May 31, 2021
a smiling man in a collared shirt standing in front of a staircase

Ron Deibert is director of the Citizen Lab at the University of Toronto’s Munk School of Global Affairs. (Courtesy of Ron Deibert)

On 25 May 2021 Nathaniel Basen for TVO.org spoke with professor Ron Deibert about internet censorship, espionage, and getting threats from authoritarian regimes. It is a long but rich interview: In 2001, Ron Deibert, a professor at the University of Toronto, founded Citizen Lab to help understand and track the spread of digital human-rights abuses around the world. 

In the 20 years since, the interdisciplinary lab has made headlines for protecting journalists and human-rights defenders from digital attacks; one of its researchers helped identify members of the group that attacked the United States Capitol earlier this year.

TVO.org: Let’s start at the beginning. How and why did Citizen Lab start, and what did it look like at the time? 

Ron Deibert: Back in the late 1990s, I was doing what I would consider to be conventional academic research — the lone professor studying a topic. A lot of desktop research. A student was taking a course of mine proposed doing a paper where he would explore censorship in China. This was a new topic back then — there was not any evidence really that China was censoring the internet — but people assumed they would, and there was a lot of uncertainty about what was going on there. 

He was kind of a self-taught hacker, and he put together this research paper where he connected to computers in China using some proxy servers and started comparing the results he got to what he could see here in Canada, doing it very systematically. It opened my eyes to the ways in which methods from computer science and engineering science — technical interrogation tools and techniques — could be used to surface real primary evidence about what’s going on beneath the surface of the internet around information control. Especially what governments, and also private companies, are doing that isn’t in the public domain. No one was really doing that at the time, and a lightbulb went on, where I realized that this is a really powerful way of surfacing primary evidence and data in a way that really no one else was doing. 

So I put together a prospectus for a lab that would be interdisciplinary, that would bring together people who have these skills to work systematically on uncovering information-control practices and look at surveillance and censorship and information warfare, from the standpoint of risks to citizens from a human-rights perspective. I was very fortunate at the time to get support from the Ford Foundation — I got a grant from them in 2001 — and I put the proposal together for the Citizen Lab from that. 

TVO.org: And at the time you were in a pretty small basement lab.

Deibert: Actually, it was my office in political science where it all got started. When I got the grant, the Munk Centre was just being established, and the building at Devonshire [at the University of Toronto] was under construction. I went over to that building and scoped out what I thought would be a room that no one else would want, to increase my chance of getting approval. I found this space, and I went to Janice Stein, the director, and said, “Hey, I’ve got this grant. I’ve got this idea. I need some space.” And she said, “Okay, you can have it.” 

So she supported the idea and took a risk. Space is a very valuable asset on campus. And even though it sounds less glamorous, we were really happy to have that room.

After 10 years, we moved to the new Munk building, the observatory, where we’re located now, and that was really great, because we needed more space. Security is not perfect — where we are there are lots of problems — but it is much better than it was in the old building, where people would just wander in and could easily locate us. Now we’re wrapped behind several layers of access control…..

TVO.org: Let’s talk a little bit about your process. How does Citizen Lab decide what to look into next?

Deibert: It’s a combination of factors. First and foremost, we are looking at the topic, at the domain, broadly speaking, which for us is global in scope. We don’t have a particular regional focus. We’re looking at risks to human rights that arise out of information technology: that’s the broadest possible definition of what we do.

That also limits our selection of cases that we want to examine. We assume that, however problematic cybersecurity is for big banks or government, they have resources — they can go hire a private company. But journalists, human-rights defenders, people living in the global south who are human-rights defenders and are advocating for policy change, they really lack capacity. So we put our effort into identifying cases that present the highest risk to human rights and, ideally, affect the most vulnerable parts of the population. 

We divide our work systematically. So there are certain teams that we organize around, though there’s a bit of overlap. It’s fluid, but we have some teams that are more interested in applying network-measurement techniques to uncovering internet censorship, let’s say, and that’s probably the area where we’ve doing the most work for the longest time. Then there’s what we call the targeted-threats group, which is really the most serious stuff around espionage, and it certainly has the highest risk and has gotten us in the crosshairs of some bad actors, to such an extent that we’ve now become a target. We also apply non-technical methods in an interdisciplinary way — we have people who are trained in law and policy. So we’ve done a lot of work around legislation of analyzing national security laws and practices in Canada. 

I would say how things are chosen depends on the opportunities that come up. We may hear about something, some preliminary evidence, perhaps a journalist tips us off or a victim comes forward. Or the team itself decides, hey, this is something we should look into. A good example of that is Zoom. We knew about Zoom: it was a kind of obscure business, networking-communications platform, until the pandemic hit. Suddenly, everyone was on Zoom. So our researchers got together and said, “Hey, we better take a look at this” and indeed uncovered some highly problematic security and privacy issues.

TVO.org: Your work with Zoom is a good example of getting immediate results from your work. If I’m correct, after a public outcry, Zoom cleaned up a lot of what you found. How does that feel to have an immediate impact on the world in that way? 

Deibert: It’s actually super-rewarding in a number of ways. First of all, there’s the gratification to get the message out. Ultimately, we see ourselves as a university-based watchdog group, so if you can publish something and the next day everybody’s reading about it because it’s on the front page of the New York Times? That’s phenomenal. We’ve been actually really fortunate to have high-profile coverage for our research. I think we’ve had, like, close to 30 front-page stories in the New York Times, the Washington Post, other global media, the Financial Times, about different reports of ours over the last 20 years. 

Going further, ultimately, we don’t just want to get attention for what we’re doing — we want to see some change. So there have been so many cases now where we’ve seen consequences, actions taken, policy changes, or advocacy campaigns started as a result of the work that we’ve done. 

Probably the biggest one was back in 2016, when we investigated a targeted espionage attack against a human-rights defender in the United Arab Emirates. He shared with us an SMS message that was tainted with malware that the UAE government was using to try to hack his phone, and when we reverse-engineered it, that malware infected our own device, our own iPhone. We realized that it was so sophisticated and involved what were then three software flaws in the Apple operating system, that even Apple itself didn’t know about. We did a responsible disclosure to them and, within two weeks, they pushed out a patch that affected directly the security of more than 1 billion people. So, to be able to say, “Hey, we were responsible for that” is, I think, quite an accomplishment.

TVO.org: On the flip side, there are people that don’t like the work you do. What has it been like for you to become a target? I can’t imagine when you started this thing that you pictured yourself coming under threat. 

Deibert: Well, first of all, you’re right. I grew up studying world politics as something out there, and I’m a spectator. There were a couple of instances before this, but, really, when we published the GhostNet report in 2009, which was the first public-evidence-based report on cyber espionage, it was the one that involved the hacking of the office of His Holiness the Dalai Lama, and we uncovered this massive Chinese espionage operation. 

It suddenly dawned on me, okay, we’ve gone from kind of just observing and recording to becoming a factor, because very quickly thereafter, we had all sorts of inquiries and veiled threats and concerns about physical security. From that point on, from 2009 to today, they’ve really only amplified. The worst is probably when we were targeted by Black Cube, the same private-intelligence firm made up of ex-Mossad agents that notoriously went after the accusers of Harvey Weinstein. Now, that’s really frightening to be in their crosshairs. We ended up actually exposing that operation, but to know that something like that is going on, frankly, is very disturbing. It really forces you to change your behaviour, think about practical issues: when you’re travelling, hotels, getting into elevators, who’s accessing the same building as you. 

At the same time, though, I think it’s a mark of success. If we’re not successful, those people wouldn’t care. It’s just something you have to factor into your risk calculation and take all the precautions, and we’re most concerned about the risks to the subjects of our research. Frankly, we go to extraordinary lengths to protect the security in terms of the data we handle, how we interact with them and interview them. But, yeah, it’s just constant. Actually, every day there’s something, ranging from people who, unfortunately, maybe are mentally disturbed, and they read about us and want to visit us, all the way to, you know, the world’s worst authoritarian regimes that are trying to threaten us. 

TVO.org: A lot of this work is global in nature, but some Ontarians might be surprised to know a lot of it is quite local. I’m thinking about your work with internet-filtering technology and Waterloo-based Netsweeper. What makes filtering technology so important, and what was Netsweeper up to? 

Deibert: As the internet evolves, there are all sorts of reasons why people want to control access to certain content online — beginning, I would say, with schools and libraries. There are legitimate concerns among parents and teachers that children have access to pornography or other types of content. Service providers like Netsweeper fill the market niche, providing filtering technology to those clients. 

But, very quickly, there grew a need among governments — national-level internet censorship. In the beginning, like I talked about with the Chinese, it was very rare in the 1990s or 2000s. I could count on one hand the number of governments that were doing this sort of thing. Now, it’s routine, and it’s big business. So with a company like Netsweeper, for us, it was, frankly, a no-brainer to zero in on it, and not even because they’re based in our own backyard. There’s certainly a motivating factor there because we’re Canadians, and we want to make sure that, as best we can, we identify businesses operating out of Canada to see if they’re in compliance with Canadian law or Canadian values. Here, we had a company that seemed to be not just kind of stumbling into selling internet-censorship services to some of the world’s worst violators of human rights, but actively courting them. 

They were showing up all over the world, especially in the Middle East. The Middle East is where Netsweeper really profited from selling internet-censorship services to governments that routinely violate human rights and block access to content that would be considered protected legally here in Canada. And they were also doing this in a non-transparent way. 

This is not something they openly advertised, and yet we knew, from our research and technical investigation, we could identify basically unquestionable proof that their technology was being used to filter access to content that would be legally protected here in Canada, in places like Bahrain and Yemen and in the Gulf. 

So we did a report about Netsweeper’s technology in Yemen, and at this time, the main telco, YemenNet, was controlled by Houthi rebels, and of course there’s an ongoing civil war, which at that time was really quite intense. We simply documented that Netsweeper’s technology was being used to actually block the entire Israeli top-level domain — the only time we’d ever seen that in the world, with the exception of Iran. 

We published this report, and we mentioned in the commentary around it that, in providing services to one participant in an armed conflict, who is censoring information, including information related to international news, they’re effectively inserting themselves in an armed conflict, and it raises all sorts of ethical, moral, and potentially even legal issues. Netsweeper sued me and the University of Toronto for defamation for over $3 million. Of course, we thought that was entirely baseless, and six months later, they simply withdrew the suit. 

Coincidentally, their suit came shortly before the Ontario government passed anti-SLAPP legislation to prevent lawsuits that chill free expression, which in our opinion, is very much what it is, because as we were going through the litigation, we couldn’t report on Netsweeper. After the lawsuit was dropped, we then published several subsequent reports on Netsweeper…..

TVO.org: In your 20 years, what is the work you’re most proud of?

Deibert: What I’m most proud of is the staff. I’d say a skill that I have is, I think I would make a good NHL scout or a band manager. I have the ability, for what it’s worth, to identify talented people and give them the support they need. So there’s not a particular report that I’m proud of; I’m most proud of the people who work at the lab. I’m so fortunate to be surrounded by these extremely talented, ethical, dedicated people, most of whom have been with me for over 10 years. It’s rare to have that in a small university. And that’s what I’m most proud of.

TVO.org: The lab itself, as we talked about a little bit, is somewhat unique: you’re working outside of government or corporations and working in the interest of human rights. Others around the world have taken note of your model. Do you hope to export it? 

Deibert: It’s beginning to be surprising to me that there aren’t more Citizen Lab–like organizations at other universities. To me, this is a field with such endless opportunity. There’s so much unfortunate malfeasance going on in the digital world. 

And, yet, you have these extremely powerful methods and techniques, as we’ve demonstrated, that, by way of analogy, act like an X-ray on the abuse of power. That’s the way I think about it. It’s astonishing. 

Sometimes I sit back and shake my head. A lot of the stuff we don’t even publish. It’s remarkable what you can see when you use these very precise, careful methods to uncover and track abuses of power. Why haven’t other university professors jumped on this and tried to mimic it? I don’t really know. I suppose there’s no one answer. There are risks involved with it, and it’s actually not easy to cross disciplinary boundaries. 

So I think that we’re helping to build the field, at least I hope, and you’re right that there are a few other places where I’m seeing either professors or, in some cases, human-rights organizations, attempting to build something like this. That is fantastic. That’s really where my effort and the next phase of my career is, around really field-building by promoting that model and hoping that others build up centres like the Citizen Lab at other universities, while also ensuring the sustainability of the lab.

This is a bit “inside university,” but the reality is, as the only professor in the lab, I’m the weakest link. So if something happens to me, the lab would really fall apart. Not because I’m the wizard directing everything — purely because I’m the responsible principal investigator for the grant, and you need that at a university. What I hope to do is ensure the sustainability of the lab outside of me, and that means recruiting other professors to the lab. We’re actively fundraising to do that and to try to get more tenure-track positions connected to the lab so that it can continue once I move on.

TVO.org: And what will the next 20 years hold for the lab itself?

Deibert: Hopefully, we ‘ll be able to continue. We know we have the support from the University of Toronto; they’ve been incredible in a number of ways. We live in a time when big university bureaucracies are criticized, sometimes rightfully so — I’ve been critical of my own university in various areas. But one thing I can say, they have been so supportive of work that we do in a variety of real practical ways, including legal support. 

I just want the lab to not be something that is tied to one profession. I want it to continue and to duplicate what we do globally. If we had 25 Citizen Labs sprinkled around the planet, it would be better for human rights overall, because there would at least be another protective layer, if you will, of dogged researchers who aren’t afraid to uncover abuses of power, no matter where they are.

https://www.tvo.org/article/x-ray-on-the-abuse-of-power-citizen-labs-founder-on-fighting-for-human-rights

30 NGOs call on Google to drop plan for a Cloud region in Saudi Arabia

May 27, 2021
Groups call on Google to drop out of Saudi project over human rights concerns

© Getty Images

The Hill of 26 May 2021 reports that a coalition of more than 30 human rights and digital privacy rights groups called on Google to abandon its plans to establish a Google Cloud region in Saudi Arabia over concerns about human rights violations.

The groups, which include Amnesty International, Human Rights Watch and PEN America, wrote in their letter that Saudi Arabia’s record of tamping down on public dissent and its justice system that “flagrantly violates due process” made it unsafe for Google to set up a “cloud region” in the kingdom.

While Google publishes how it handles government requests for customer information and reports when requests are made through formal channels, there are numerous potential human rights risks of establishing a Google Cloud region in Saudi Arabia that include violations of the rights to privacy, freedom of expression and association, non-discrimination, and due process,” the groups said. See also: https://humanrightsdefenders.blog/2019/03/08/saudi-arabia-for-first-time-openly-criticized-in-un-human-rights-council/

The letter also pointed to Saudi authorities who have routinely sought to identify anonymous online dissenters and spy on Saudi citizens through digital surveillance. The groups also pointed to how they themselves are believed to have been put under surveillance by the Saudi government.

“Google has a responsibility to respect human rights, regardless of any state’s willingness to fulfill its own human rights obligations,” the letter continued, pointing to Google’s statement in which it expressed its commitment to human rights and to “improve the lives of as many people as possible.”

In order to address these concerns, the groups called on Google to conduct a “robust, thorough human rights due diligence process” and to “draw red lines around what types of government requests concerning Cloud regions it will not comply with” due to human rights concerns.

“The Saudi government has demonstrated time and again a flagrant disregard for human rights, both through its own direct actions against human rights defenders and its spying on corporate digital platforms to do the same,” the letter read. “We fear that in partnering with the Saudi government, Google will become complicit in future human rights violations affecting people in Saudi Arabia and the Middle East region.”

https://thehill.com/policy/technology/555597-groups-call-on-google-to-drop-out-of-saudi-project-over-human-rights

UK criticised for selling spyware and wiretaps to 17 repressive regimes including Saudi Arabia and China

July 13, 2020

Jon Stone in the Independent of 13 july 2020 wrote about the UK Government being urged to explain £75m exports to countries rated ‘not free’. The British government is providing more than a dozen repressive regimes around the world with wiretaps, spyware and other telecommunications interception equipment they could use to spy on dissidents, public records show. Despite rules saying the UK should not export security goods to countries that might use them for internal repression, ministers have signed off more than £75m in such exports over the past five years to states rated “not free” by the NGO Freedom House.

The 17 countries include China, Saudi Arabia and Bahrain, as well as the United Arab Emirates, which was the biggest recipient of licences totalling £11.5m alone since 2015….One such beneficiary of the UK’s exports is Hong Kong, which had a £2m shipment approved last year despite ongoing repression of pro-democracy protests. The Philippines, where police extrajudicial killings are rampant, has also provided steady business for British firms hawking surveillance systems.,,

A government spokesperson said blandly : “The government takes its export responsibilities seriously and assesses all export licences in accordance with strict licensing criteria. We will not issue any export licences where to do so would be inconsistent with these criteria.” But Oliver Feeley-Sprague, Amnesty International UK’s programme director for military, security and police affairs, said the UK did not seem to be undertaking proper risk assessments when selling such equipment and said the government’s controls were becoming “notorious” for their “faulty decision-making”

With numerous human rights defenders arrested and jailed in countries like Saudi Arabia, the UAE and Turkey in the past five years, there’s a greater need than ever for the UK to be absolutely scrupulous in assessing the risk of UK telecoms technology being used unlawfully against human rights activists, journalists, and peaceful opposition figures.

“It’s just not clear that the UK is undertaking proper risk assessments when selling this equipment, and it’s not clear whether UK officials are making any effort to track how the equipment is used in one, two or three years’ time.

This week international trade secretary Liz Truss announced the UK would be resuming arms exports to Saudi Arabia, after a court had previously ordered that they were suspended. The government said it had reviewed claims that Saudi forces in Yemen had breached international humanitarian law and said any possible breaches were “isolated incidents” because they had happened in different places and different ways.

Andrew Smith of Campaign Against Arms Trade said the sale of the spying equipment raised “serious questions and concerns”.

See also: https://humanrightsdefenders.blog/2019/05/14/beyond-whatsapp-and-nso-how-human-rights-defenders-are-targeted-by-cyberattacks/

https://www.independent.co.uk/news/uk/politics/uk-spyware-wiretaps-saudi-arabia-china-bahrain-uae-human-rights-a9613206.html

Trump now starts dismanteling the Open Technology Fund

June 23, 2020

Raphael Mimoun wrote in Newsweek of 22 June 2020 an opinion piece “Dictators are Besieging Internet Freedom—and Trump Just Opened the Gates”. It is a detailed piece but worth reading:

raph-m

Last week, the Trump administration started dismantling one of the US government’s most impactful agencies, the Open Technology Fund, which supports projects to counteract repressive censorship and surveillance around the world.

The Open Technology Fund, or OTF, is relatively new, founded in 2012 as a program of the government-backed Radio Free Asia. In 2019, it became an independent non-profit reporting to the US Agency for Global Media (USAGM). Since its founding, the organization has funded dozens of projects now part of the toolkit of millions of rights advocates and journalists around the world. But OTF is now under attack: the new leadership of USAGM, appointed just weeks ago, fired the leadership of all USAGM entities, including OTF, dismissed OTF’s independent and bipartisan board of directors, and is threatening to hollow out OTF altogether….

Many of those tools help those who most need it, where surveillance, censorship, and repression is most acute. Just last month, Delta Chat declined a request for user data from Russia’s communication regulator—because the security architecture developed with OTF support meant it did not have any data to handover. FreeWechat, which publishes posts censored by the Chinese government on the app WeChat, has been visited over 7 million times by Chinese-speakers. Dozens more OTF-funded tools enable millions to evade surveillance by autocratic governments and access the open internet, from Cuba to Hong Kong and Iran.

OTF’s work is critical to human rights defenders and journalists, but it brings privacy and security far beyond those groups. OTF only supports open-source projects, meaning that the code used must be available for anyone to view and reuse……….

But OTF’s work on internet freedom isn’t limited to funding technology development. The organization takes a holistic approach to internet freedom, providing life-saving training and capacity-building to groups directly targeted by cyberattacks, harassment, and violence: LGBTQI advocates in Indonesia, journalists in Mexico, civic activists in Belarus, or exiled Tibetan organizations. OTF also funds events bringing together researchers, technologists, policy-makers, and advocates. Those gatherings—whether global like the Internet Freedom Festival or focused on specific countries or regions like the Iran Cyber Dialogue, the Vietnam Cyber Dialogue, or the Forum on Internet Freedom in Africa–have been transformative. They have helped build a tight community in a space where trust is hard to achieve. Without such events, many of the projects, tools, and collaborations to circumvent censorship and counter surveillance would not exist.

See also: https://www.theverge.com/2020/6/23/21300424/open-technology-fund-usagm-circumvention-tools-china-censorship-michael-pack

https://www.newsweek.com/open-technology-fund-trump-dismantling-1512614

Big Brother Awards try to identify risks for human rights defenders

February 24, 2019

Citizen Lab at big RIGHTSCON in Toronto

May 12, 2018
 RightsCon, held this year in Toronto from 16 – 18 May 2018, brings together an international audience to discusses all topics related to human rights in the digital age, such as surveillance, AI, censorship, access to the internet, etc. Citizen Lab researchers, fellows, and associates will be participating in panels and events throughout the week.Citizen Lab is the organization that helped Ahmed Mansoor with his iPone spyware in 2016: https://humanrightsdefenders.blog/2016/08/29/apple-tackles-iphone-one-tap-spyware-flaws-after-mea-laureate-discovers-hacking-attempt/.
 on 11 a run-down of topics and where you can find them:

Session name Citizen Lab participant(s) Date Time Room location
Artificial Intelligence: Lethal Autonomous Weapons Systems and Peace Time Threats Ron Deibert Wednesday, May 16 14:30 – 15:45 206B
Access My Info: Exposing Disconnects Between Data Protection in Theory and in Practice Masashi Crete-Nishihata, Chris Parsons, Bram Abramson Wednesday, May 16 16:00 – 17:00 200C
Do We Need Free Speech Legislation like We Need privacy Laws? Moses Karanja Wednesday, May 16 16:00 – 17:00 201A
Scrutinizing the Little Brothers: Corporate Surveillance and the Roles of the Citizen Consumer and Company Chris Parsons Wednesday, May 16 17:15 – 18:15 203B
Crypto Wars Revisited? Hosted by the Canadian Internet Policy and Public Interest Clinic & Citizen Lab Wednesday, May 16 17:15 – 18:15 206C
Who Did it? Why We Need an International Cyber Attribution Organization to Address Nation-State Attacks in Cyberspace Ron Deibert Thursday, May 17 12:00 – 13:15 200C
Access My Info: Running a Personal Data Access Campaign Andrew Hilts Thursday, May 17 14:30 – 15:45 200A
Disappearing Space, Disappearing Voices: How the Chinese Government & Big Tech are Silencing Tibetans Online Masashi Crete-Nishihata Thursday, May 17 16:00 – 17:00 203B
Understanding Freedom of Expression in Southeast Asia: Internet Freedom and Online Censorship Irene Poetranto Thursday, May 17 16:00 – 17:00 TBA
Coders Free Speech Rights in The Americas at Risk Sarah McKune Thursday, May 17 16:00-17:00 201C
Journalism Free Expression and Digital Security Masashi Crete-Nishihata Thursday, May 17 17:15 – 18:15 205A
Beyond Security Updates: Providing Relevant, Accessible, and Sustainable Digital Security Advice Online Christine Schoellhorn, John Scott-Railton Thursday, May 17 17:15 – 18:15 201C
The Surveillance Tool We Love to Carry: Cell Phones, Searches, and Privacy in the Evolving Legal Landscape Lex Gill, Jon Penney Thursday, May 17 17:15 – 18:15 204A
How to win the privacy/surveillance debate Jon Penney Thursday, May 17 17:15-18:15 206A
How does the Kremlin Manipulate the Russian IT Industry to Exert Control over the Internet Ksenia Ermoshina, Jakub Dalek Friday, May 18 9:00 – 10:15 203A
A Technologist, a Policy Wonk, and an Internet Advocate Walk into a Bar: Assessing how Internet Communities Build Bridges for Human Rights Moses Karanja, Masashi Crete-Nishihata Friday, May 18 10:30 – 11:45 200A
My First Transparency Report Bram Abramson, Chris Parsons Friday, May 18 10:30 – 11:45 206A
What have We Learnt about 5 Years of Internet Disruptions in Africa? Moses Karanja Friday, May 18 12:00 – 13:15 201A
Tech Against Terrorism – Respecting Human Rights in Tackling Terrorist Exploitation of the Internet Irene Poetranto Friday, May 18 12:00 – 13:15 201B
Frontiers of Feminist Issues Online: Understanding the Tensions and Opportunities at the Intersection of Innovations, Digital Rights, and Security Irene Poetranto Friday, May 18 14:30-15:45 203A
Have We Entered a Brave New World of Global Content Takedown Orders? Jon Penney Friday, May 18 16:00 – 17:00 206C
CLE: Ethical Duties in the Digital Age: Encryption Done Dirt Cheap Sarah McKune Friday, May 18 16:00-18:00 206A
Online Anonymity: Key Lessons & Emerging Threats Bram Abramson Friday, May 18 17:15 – 18:15 200A
Chilling Effects, Surveillance, and the Future of Automation and the Law Jon Penney Friday, May 18 17:15 – 18:15 TBA
Big Brother is Really Watching: Digital Surveillance & Gender-based Violence Irene Poetranto Friday, May 18 17:15 – 18:15 206D

For previous event see: https://citizenlab.ca/2016/02/citizenlab-partners-rightscon-2016/

European Parliament votes to restrict exports of surveillance equipment

January 22, 2018
Members of the European Parliament have voted to curb export of surveillance equipment to states with poor human rights records, following mounting evidence that equipment supplied by companies in Europe has been used by oppressive regimes to suppress political opponents, journalists and campaigners. MEPs in Strasbourg agreed on 17 January to extend EU export controls to include new restrictions on the export of surveillance equipment, including devices for intercepting mobile phones, hacking computers, circumventing passwords and identifying internet users. The proposals also seek to remove encryption technologies from the list of technologies covered by EU export controls, in a move which aims to make it easier for people living in oppressive regimes to gain access to secure communications which can circumvent state surveillance.

Dictators spy on their citizens using EU cyber-surveillance. This must stop. The EU cannot contribute to the suffering of courageous activists, who often risk their lives for freedom and democracy,” said MEP Klaus Buchner, European Parliament rapporteur. “We are determined to close dangerous gaps in the export of dual-use goods and call on member states to follow suit.”

The proposed changes to the EU dual use export control regime are likely to face opposition from the defence industry and governments, as the European Parliament, and the European Commission prepare to negotiate their implantation with Europe’s 28 member states.

European technology companies, including UK firms, have supplied equipment that  has been used for arresting, torturing, and killing people in Iran, Egypt, Ethiopia, and Morocco, according to the European Parliament. An investigation by Computer Weekly revealed that the UK government had approved export licences to Gamma International (UK) to supply mobile phone interception equipment, known as IMSI catchers, to Macedonia, when the regime was engaged in a massive illegal surveillance operation against the public and political opponents.

And the UK’s largest arms manufacturer, BAE Systems, has exported equipment capable of mass internet surveillance to countries that campaigners say regularly commit human rights abuses, including Saudi Arabia, Qatar, Oman, Morocco and Algeria. An overwhelming majority of MEPs supported reforms to the EU’s export control regime, which will require member states to deny export licences if the export of surveillance technology is likely to lead to a serious impact on human rights in the destination country. The proposed changes, backed by 571 votes to 29 against, with 29 abstentions, will impose tough requirements for EU governments.

Member states will be required to assess the likely impact of surveillance technology on citizens’ right to privacy, freedom of speech, and freedom of association, in the destination country before they grant  export licences – a significant step up from current levels of scrutiny.

The proposed rules contain safeguards, however, that will allow legitimate cyber-security research to continue. Companies exporting products that are not specifically listed will be expected to follow the OECD’s “due diligence” guidelines, if there is a risk they could support human-rights violations.

Improved transparency measures will require member states to record and make data on approved and declined export licences publicly available, opening up the secretive global trade in surveillance technologies to greater public scrutiny.

http://www.computerweekly.com/news/252433519/European-Parliament-votes-to-restrict-exports-of-surveillance-equipment