Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Watching the Watchers at Milipol 2013

If you were a Middle Eastern tyrant or a Central Asian strongman, and you suddenly found your position of power under threat, where would turn for assistance? Well, Paris, it seems, is actually pretty good start.

This week, the city that gave us a defining revolution based on the very idea that we as human beings are entitled to certain universal rights, plays host to some 1,000 exhibitors and 30,000 attendees as part of Milipol 2013, one of the world’s foremost trade shows for law enforcement agencies showcasing the latest tools in state security and internal repression.

One of the most striking things about this arms fair is the lack of arms. Traditionally, if a government wanted to clamp down internally and strengthen controls over its population, it did so through the use of brute force. Not so in the 21st Century. Milipol 2013 highlights just how significant a role that data and intelligence plays in the work of modern law enforcement agencies with location tracking, communications interception devices, data processing and analysis software, biometric identification systems, and surveillance drones now clearly an integral part of modern law enforcement techniques.

With the launch of the Surveillance Industry Index this week containing Privacy International’s database of surveillance companies and their products, Milipol provide’s a perfect opportunity to examine what has - and sadly hasn't - changed in this burgeoning industry.

The times, they are a changin'

Authoritarian governments have been shown time and time again to use surveillance equipment to impose and enforce their authority. While well understood within industry, some companies didn’t want to leave room for doubt as to just how powerful a tool their technology is for crushing dissent. Step forward Chinese company Semptian; flouting all the rules of the game by openly boasting that their SempScope Public Opinion Monitoring System “Monitors any activity of groups of individuals of interest to the government” including “political party networks or potential terrorist social networks.” And if you’re in any doubt as to what kind of activity they mean, they even spell it out for you: The "London riots, “Arab Spring”, and the Moscow Gathering staged by the Opposition Parties" all seem to be equally fair and legitimate targets for Semptian. Let us re-emphasise that last example: the peaceful marches organised by the political opposition in Russia is considered a perfectly suitable example as an example to use this technology.

Another notable development relates to Gamma’s FinFisher, one of the most intrusive offensive surveillance devices on the market and – by no coincidence – one of the most widely abused. Such is the success of FinFisher, the board of Gamma appeared to have incorporate FinFisher as a separate entity. The invasive spying tool found across the world in Bahrain, Turkmenistan, Malaysia and others, is now branded and marketed as its own company. Judging by the open-source company records from Germany, FinFisher GmbH was registered in October 2013 and appears to be the new name for the German Gamma International, as standing alongside FinFisher GmbH in Munich are FinFisher Holding and FinFisher Labs. At Milipol 2013, this new FinFisher GmbH venture shared a stand with UK-based Gamma TSE and Gamma Group.
 

Now with even more to add to their numerous subsidiaries, separate entities, opaque ownership structure, varied export practices and numerous lists of distributors and strategic partners - Gamma Group is undoubtedly one of the most interesting and dangerous companies in the Surveillance Industry Index.

The rise of big traditional arms companies and their move into the surveillance industry market also continues. BAE, the 3rd biggest arms manufacturer in the world, were represented at Milipol by their Applied Intelligence division. This is a catch all term for a range of services and products they supply related to “cyber security” and intelligence gathering. Their capacity has been extensively expanded by acquiring smaller firms such as in 2008 with the acquisition of Detica (forming the current basis of its intelligence wing) and also with the continued strategic acquisitions of smaller firms since then. This is important development - not just because of what this tells us about the surveillance industry or the defence and security market, but because of what this tells us about the role of intelligence and surveillance in national security and modern warfare.

Predictably, the technology continues to advance, and at a rapid pace. One of the most eye-catching items on display was Israeli Septier’s new “IMSI Catcher Mini”, a 1990’s mobile phone-sized device that allows its user to identify the unique reference of your mobile phone. With just that information, a user can have access to all the data contained within it.

And yet, still I see no changes

There are, unfortunately, some things that haven’t changed. Vendors continue to take – at best – a skeptical view of any regulation of their activities, and indeed some seek to take proactive steps to avoid them altogether. When asked specifically on the point of export licenses, which will allow some measure of oversight over the trade, responses were varied; one seller said they avoided selling from the US in order to avoid strict US extra-territorial export controls, another European company complained that their products were subject to encryption export controls, while another reassured me that they didn’t need a license at all – and already had business in North Africa and the Middle East.

This variety of answers is deeply worrying, and yet unexpected. The end goal of their presence at these trade shows is to sell, sell, sell.

“We’re 100% legitimate!”

The main justification used by surveillance companies throughout the day contains a common thread: they sell only to governments, and they do so in strict compliance with trade law. 

They are, of course, perfectly correct on these points. However, if you understand that the “trade law” on surveillance technology they are referring to covers a tiny proportion of the goods on sale, and that some of the governments they refer to use their technology for everything other than the provision of internal state security, it’s an argument that’s hard to swallow, and is frankly unjustifiable.

What Milipol demonstrates above all is that while the demand for surveillance by states grows year by year, there remains a shocking lack of regulation covering the trade. The situation needs to be addressed quickly. Next year’s Milipol is hosted in Qatar and there will be no lack of potential customers there.