A Long Island firm is helping Kazakhstan and Uzbekistan clamp down on dissent
American companies are supplying technology that the governments of Kazakhstan and Uzbekistan are using to spy on their citizens’ communications and clamp down on dissent, according to a new report from the UK-based advocacy group Privacy International.
Verint Systems, a manufacturer of surveillance systems headquartered in Melville, N.Y., has sold software and hardware to Kazakhstan and Uzbekistan that is capable of mass interception of telephone, mobile, and Internet networks, the group alleged in its Nov. 20 report. It also provided the training and technical support needed to run them, the report said.
Verint, which claims customers in 180 nations, in turn sought decryption technology made by a firm in California, Netronome, as it helped the Uzbek government attempt to crack the encryption used by Gmail, Facebook, and other popular sites, according to the report.
The report’s overall message is that countries in Central Asia – including also Turkmenistan and Kyrgyzstan – regarded as among the world’s most autocratic are getting Western help to install, on a much smaller scale, some of the same advanced mass interception techniques that Edward Snowden revealed are used by the National Security Agency.
Those acquisitions have been facilitated in part by loose export controls over surveillance technology. To be subject to U.S. export restrictions, products must appear on a Commerce Department control list — and the key components of the surveillance products described in the Privacy International report do not appear to be on those lists, according to report co-author Edin Omanovic.
Products that can lay the foundation for mass surveillance are not restricted by special export controls if they are sold in an off-the-shelf, unaltered state, according to Eva Galperin, a global policy analyst at the Electronic Frontier Foundation, a non-profit digital rights foundation.
While many of the group’s sources are not listed in the report, and its claims therefore cannot all be confirmed, the report says that staff members interviewed activists in the region who recounted that transcripts of their private communications were used to convict and imprison them on charges of conspiracy.
Recent U.S. State Department reports for Kazakhstan and Uzbekistan describe a pattern of state-sponsored torture, inhumane treatment of prisoners, arbitrary arrest, and limited civil liberties in both countries. The State Department’s report on Uzbekistan specifically accused authorities there of detaining and prosecuting activists and journalists for politically motivated reasons. In the Kazakhstan report, “severe limits on citizens’ rights to change their government” was listed as a significant human rights problem.
Kathleen Sowers, an assistant to the general manager of Verint Systems, said in a telephone conversation on Nov. 20 that all of the company’s senior personnel were traveling and could not be reached for comment. Netronome spokeswoman Jennifer Mendola said in an email that the company had “no information on the matter” described in the Privacy International report. The company complies with all applicable laws of the United States and every other jurisdiction in which it operates, and “does not condone any violation of human rights or personal privacy,” she added.
Privacy International, a 24-year-old registered charity in the United Kingdom, publishes investigations and studies about digital privacy. It has challenged the legality of Britain’s spy agency using information obtained from the U.S. National Security Agency’s PRISM surveillance program to conduct mass surveillance of British citizens.
Several of the firms alleged to have exported snooping gear to the region have Israeli connections. Verint’s exports, for example, were dispatched by its Israeli subsidiary, according to the report. According to Omanovic, multiple sources had told his group that the transfers had been approved by the Israeli government. Israel and Kazakhstan signed an agreement for defense trade and cooperation at the beginning of 2014. A spokesman at the Israeli embassy in Washington did not have any immediate comment.
The report also said the Israeli firm NICE Systems has supplied monitoring systems with mass surveillance capabilities to the Kazakh and Uzbek regimes. Erik Snyder, NICE’s director of Corporate Communications, told the group in response that NICE provides law enforcement agencies and intelligence organizations with solutions for lawful communication interception, collection, processing, and analysis, but that it “does not operate these systems, and has no access to the information gathered.”
Some of the U.S. companies named in the report allegedly provided the Central Asian governments with technology that has less controversial purposes. Sunnyvale, CA-based Juniper Networks manufactured broadband equipment that Kazakhstan has been using to transmit data, according to the report, and a surveillance system that actively monitors internet users is now operating from that equipment. But the report makes no claim about Juniper’s complicity in surveillance. Juniper spokeswoman Danielle Hamel said she would look into the claim but then did not respond further.
The sole international agreement that includes regulations for the export of mass surveillance technologies – known as the Wassenaar arrangement — is non-binding on its 41 signatories. Israel is not a signatory, but says it uses Wassenaar’s control list as a guide, according to Privacy International’s Omanovic.
In October 2014, the European Commission amended its export controls to impose extra licensing requirements on monitoring and interception technologies. But the U.S. has not enacted its own controls on such exports.
Rep. Chris Smith (R-N.J.) has introduced several versions of a bill entitled “The Global Online Freedom Act,” meant to “prevent United States businesses from cooperating with repressive governments in transforming the Internet into a tool of censorship and surveillance.” But he has not been able to get the bill approved even by the subcommittee on Africa, Global Health, Global Human Rights and International Organizations that he chairs.
LONDON (Reuters) – Telecommunications firm Cable Wireless helped Britain eavesdrop on millions of Internet users worldwide, Channel 4 reported on Thursday, citing previously secret documents leaked by a fugitive former U.S. National Security Agency contractor.
Cable Wireless, which was bought by Vodafone in 2012, provided British spies with traffic from rival foreign communications companies, Britain’s Channel 4 television said, citing documents stolen by Edward Snowden.
Channel 4 said Cable Wireless gave Britain’s GCHQ eavesdropping agency access by renting space on one of the arteries of global communications, a cable that runs to the southern English region of Cornwall.
The Channel 4 report, which was impossible to immediately verify given the secrecy of the surveillance programmes, said Cable Wireless carried out surveillance on Internet traffic through its networks on behalf of British spies.
The documents cited in the report were not shown on Channel 4’s web site. But previous disclosures by Snowden have illustrated the scale of U.S. and British eavesdropping on everything from phone calls and emails to Internet and social media.
Some telecommunications and Internet companies in Britain and the United States were asked or forced to cooperate with the eavesdropping programmes, according to previous media reports.
When asked for comment on the Channel 4 report, Vodafone said in a statement that it had examined the history of Cable Wireless compliance and found no evidence that would substantiate the allegations.
“We have found no indication whatsoever of unlawful activity within Vodafone or Cable Wireless and we do not recognise any of the UK intelligence agency programmes identified,” it said in a statement. “Furthermore, Vodafone does not own or operate the cables referred to.”
It added that national laws require it to disclose some information about its customers to law enforcement agencies or other government authorities when asked to do so.
In the wake of the Snowden revelations, GCHQ was accused by privacy groups and some lawmakers of illegally monitoring electronic communications.
British ministers denied any illegality and top spies dismissed suspicions of sinister intent, saying they sought only to defend the liberties of Western democracies. GCHQ declined to comment on the Channel 4 report.
Andrew Parker, director general of MI5, Britain’s domestic security service, warned last year that the revelations from Snowden, who now lives in Moscow, were a gift to terrorists because they had exposed GCHQ’s ability to track, listen and watch plotters.
(Reporting by Guy Faulconbridge and Kate Holton; Editing by Mark Heinrich)
Russian security services have the ability to monitor Skype communications, IT security experts said Thursday.
Ilya Sachkov, general director of the Group-IB computer security firm, said Russian security services have been able not only to eavesdrop on communications over Skype, but also to determine users’ locations “for a couple of years now,” Vedomosti reported.
“That’s why our company’s employees are prohibited from discussing work-related issues via Skype,” Sachkov said.
According to Peak Systems head Maxim Amm, when Microsoft bought Skype in May 2011, it fitted it out with a special technology for legal eavesdropping of online communications. The technology involved switching users to a special mode in which their messages are encrypted on a server where security agencies can decipher and read messages and voice conversations.
In the original Skype settings, messages were encrypted and thus impossible for third parties to read.
Another industry expert said that Microsoft provides monitoring capabilities for all secret services worldwide, not only Russian ones, Vedomosti reported.
Mikhail Pryanishnikov, the head of Microsoft’s Russian branch, said earlier that the company could legally give the Federal Security Service access to Skype’s source code.
Neither the Interior Ministry nor the Federal Security Service have commented on the news, but a source in the police said that “monitoring Skype cannot be considered an insurmountable task for Russian law enforcement agencies.”
Two experts on information security told Vedomosti that Russian security services do not always need a court decision to get access to private communications on Skype, and that in some cases they can eavesdrop “simply by request.”
British intelligence nerve-centre MI5 is recruiting fluent Chinese speakers to eavesdrop on phone calls – but it got more than it bargained for when its Mandarin comprehension test was ridiculed by Redditors.
Blighty’s Security Service set up an online language exam, which encourages peeps with Mandarin, Russian, Sylheti, Swahili, Somali and Pashto skills to test their suitability for a role with the service.
It explains as follows:
The tests reflect the nature of some of the work of our Foreign Language Analysts, Mandarin Intelligence Analysts and Russian Analysts, who listen to lawfully intercepted phone calls made by the targets of our investigations.
You’ll use your judgement, language skills and cultural knowledge to decide between those calls that are important and those calls that are not, and transcribe your findings in clear and succinct written English to help further investigations.
However, users of the wildly popular social news website Reddit took the Chinese exam – which requires the applicant read or listen to a passage and answer a set of related questions – and were none too impressed with the quality of the language.
One Redditor, willdunz, opined yesterday: “This can’t be the real admission test right? I mean nobody talks like that in China; even those news anchors on CCTV [China Network Television] talk faster than this.”
Another, snackburros, claimed that the “written passage has some grammar, usage and sentence structure awkwardness to it”. One wag, getting his MI6 and MI5 mixed up, added: “Easiest test ever. I’m gonna be the first American James Bond in China.”
To be fair, the test is meant to be a basic first hurdle for those interested in such a role, rather than a green light for Chinese speakers into one of the UK’s most secretive and revered institutions.
MI5 explained as much in the following disclaimer:
The clips do not reflect the full complexity of the challenges offered by our analyst roles but they are indicative of the type of skills successful candidates should be comfortable using on a routine basis.
The Security Service, which mainly tackles major crime and terrorism within the UK, needs more language experts as it makes more requests to telcos than any other body for information on phone calls and internet activities in the UK.
That was according to a parliamentary report last month into a controversial draft communications surveillance law, which calls for much wider snooping powers. Officials claimed there is a 25 per cent “shortfall” in the comms data the authorities want and what they can currently get.
A Maryland Transit Administration decision to record the conversations of bus drivers and passengers to investigate crimes, accidents and poor customer service has come under attack from privacy advocates and state lawmakers who say it may go too far.
The first 10 buses — marked with signs to alert passengers to the open microphones — began service this week in Baltimore, and officials expect to expand that to 340 buses, about half the fleet, by next summer. Microphones are incorporated in the video surveillance system that has been in place for years.
“We want to make sure people feel safe, and this builds up our arsenal of tools to keep our patrons safe,” said Ralign Wells, MTA administrator. “The audio completes the information package for investigators and responders.”
Wells said the system was deemed legal by the state attorney general’s office and letters were sent to the American Civil Liberties Union and the union representing bus drivers informing them of the initiative. A spokesman for the attorney general’s office confirmed that transit officials were advised by their counsel that based on a 2000 appeals court decision, the audio recordings did not violate the state wiretapping law.
But an ACLU lawyer said he was “flabbergasted” that MTA officials would try to record people’s conversations under the guise of a pilot program after a similar proposal was rejected in 2009 by the state’s highest-ranking transportation official and by the General Assembly on three occasions.
“People don’t want or need to have their private conversations recorded by MTA as a condition of riding a bus,” said David Rocah, a staff attorney with the Maryland chapter of the ACLU. “A significant number of people have no viable alternative to riding a bus, and they should not be forced to give up their privacy rights.”
Wells said a digital recorder similar to an aviation black box and capable of storing 30 days of audio and video information is locked in an equipment box on each MTA bus. In the event of an accident, an incident involving passengers or a complaint against a driver, investigators can remove the recorder and download the file for review.
The cost is negligible, Wells said, since the six cameras inside each bus are capable of recording audio and all new buses will have audio-video systems as standard equipment.
MTA police dispatchers receive 45 to 100 daily calls for assistance from bus drivers for everything from an unhappy rider to criminal activity, said Capt. Burna McCollum, commander of the MTA police technical services division.
Video is a critical tool for investigators sorting out the details of an incident, but when witnesses walk away, are reluctant to cooperate or give conflicting accounts, an audio recording can fill in missing information, McCollum said.
Surveillance policies in the region vary widely. The Washington Metropolitan Area Transit Authority and Southeastern Pennsylvania Transportation Authority use security cameras on their buses but draw the line at audio recordings of passengers. Montgomery County’s 335-bus Ride On system is about to add audio surveillance to its video capability. Baltimore’s nearly three-year-old Circulator buses record both video and audio.
Two members of the state Senate Judicial Proceedings Committee say the MTA’s decision to record passengers without their consent is troubling.
“It’s an end run and ripe for a court challenge,” said Sen. James Brochin, a Baltimore County Democrat. “They have absolutely no grounds to do this. If we can’t get them to listen and change their minds, we’ll deal with this … and make them defend what’s indefensible.”
Sen. Jamie Raskin, a Montgomery County Democrat and a constitutional law expert, said that while he understands the need to protect public transportation customers, “this sounds kind of Big Brotherish to me.”
Raskin said bus patrons should have been consulted, and a clear policy on who has access to the recordings and how long they are kept should have been spelled out to the public before the program was initiated.
“This is such a giant step forward in dissolving the privacy expectations of people who ride the bus,” he said. “Legislators are going to want to know what the compelling reason is for initiating this now.”
In 2009, the acting secretary of the Maryland Department of Transportation derailed a similar MTA proposal and asked for more review, calling privacy matters “the ultimate test of people’s trust in government.”
In each of the last three legislative sessions, bills filed on behalf of MTA to authorize recording devices and establish ground rules for their use were rejected in committee.
“When House and Senate committees individually look at a proposal and nearly unanimously reject it, you know it’s bad public policy,” Brochin said.
But one of the bills’ sponsors, Del. Melvin Stukes, an MTA customer service investigator, said state officials have been “gun-shy” in dealing with the ACLU and unions. The intent of the legislation, he said, was to eliminate bad language that often sparks violence.
“This is not your bathroom. This is not your bedroom. Buses are public spaces and people are elbow to elbow,” Stukes said. “I’m not trying to punish people. I’m just trying to clean up problems I hear about every day so that people realize that MTA is trying to provide a more congenial, more cordial ride.”
The chairman of the Senate Judicial Proceedings Committee predicts that the entire matter will have to be resolved by the legislature.
“If this is something that’s necessary and useful, standards must be set for oversight and accountability,” said Sen. Brian Frosh, a Montgomery County Democrat. “The job of figuring this out definitely should not be left to the agency doing the listening.”
candy [dot] thomson [at] baltsun [dot] com
