You are here
Did Hacking Team receive Italian public funding?
Only a few days after it was reported that intrusive surveillance technology developed and sold by Italian surveillance company Hacking Team was found in some of the most repressive countries in the world, Privacy International has uncovered evidence which suggests the company has received over €1 million in public financing.
It has come to Privacy International’s attention that Hacking Team appears to have received €1.5 million from two venture capital funds originating from the Region of Lombardy in 2007. One of the funds, Finlombarda Gestioni SGR S.p.A (FGSGR) has only a single shareholder - Finlombarda S.p.A, a public financial services agency whose only shareholder is the Region of Lombardy. Finlombarda S.p.A. designs, builds and manages financial services on behalf of the Region of Lombardy, placing the profits of Hacking Team hand-in-hand with the public finances of Lombardy. FGSGR also lists the Head of Venture Capital as being a Board Member of Hacking Team itself.
Given the countries where Hacking Team's products appeared to have been identified, and that the company is potentially being financed with public money, Privacy International today written to over 175 members of the Italian Parliament and senior Italian Government authorities urging them to investigate and to take action to ensure that its invasive and offensive not exported from Italy and used in human rights violations.
Hacking Team technology identified in repressive regimes
A recent report published by the Citizen Lab, an interdisciplinary research institute based at the University of Toronto, has shown indications that Hacking Team’s technology has been used in Azerbaijan, Egypt, Ethiopia, Kazakhstan, Malaysia, Nigeria, Oman, Saudi Arabia, Sudan, Turkey and Uzbekistan, amongst others. Sudan, currently subject to EU restrictive measures that include an arms embargo, is also reported to have obtained surveillance technology from Hacking Team. Hacking Team's 'Remote Control System', a suite of customised surveillance technologies designed to target electronic devices and allow the purchaser to copy files from a computer’s hard disk, to record Skype calls, emails, instant messages and turn on a device’s camera and microphone without the victim’s knowledge. Hacking Team’s brochures boast that the Remote Control System can "monitor a hundred thousand targets".
A separate report by Citizen Lab also indicates that the Ethiopian journalist group ESAT was targeted with sophisticated spyware. ESAT describes themselves as a "broad based collective of exiled journalists, human rights advocates, civic society leaders and members in the Diaspora", and the report points out that their radio and television signals have been the target of jamming from within Ethiopia several times in recent years. While recent focus has centred on Gamma International and the use of their FinFisher tool in the targeting of Ethiopian refugees living in the UK, it appears Ethiopia was not content with having only one surveillance company on their books.
Many of the laws governing free speech and press in Ethiopia are considered be repressive and used merely to clamp down on dissidents, journalists and political opponents are jailed for lengthy terms on terrorism charges, while others are more blunt in describing the State as being authoritarian.
Outside of Ethiopia, a look at Hacking Team's alleged customers suggests the significant risk that their surveillance technology could enable systematic and ongoing violations of human rights in countries such as Morocco, Western Sahara, Sudan, Kazakhstan, Uzbekistan, Azerbaijan, Egypt, Turkey, and Nigeria.
Questions over Hacking Team and public money
In light of where Hacking Team's technology has been found, it was disturbing to uncover any potential connections between Hacking Team and the Region of Lombardy. Hacking Team is listed as a beneficiary of the “NEXT Fund” portfolio of 'Finlombarda Gestioni SGR' S.p.A (FGSGR), in which the investments have the aim, "in line with international best practice", of supporting high growth start-ups and is dedicated to small and medium enterprises belonging to the "innovative and technological sectors". FGSGR lists the Head of Venture Capital as being a Board Member of Hacking Team, but critically FGSGR has only a single shareholder - 'Finlombarda S.p.A.'. This is a public financial services agency whose only shareholder is the Region of Lombardy. Finlombarda S.p.A. designs, builds and manages financial services on behalf of the Region of Lombardy, placing the profits of Hacking Team hand-in-hand with the public finances of Lombardy.
The apparent provision of public money into the growth of Hacking Team is in conflict with the public financial services agency's attempts to codify ethics as a core internal policy. We are therefore calling for an urgent clarification by both the Italian Government and the Region of Lombardy into this, and for their response to the appropriateness of investing public money in technologies that can be used to facilitate human rights abuses. Similarly, we would welcome clarification that the Italian Government and / or the Region of Lombardy does not benefit financially from any continuing links with Hacking Team.
Unfortunately, the investment of public money into developing and growing surveillance companies is a trend that has been replicated elsewhere, most recently in South Africa. Often, these companies are portrayed as ‘innovative’ or ‘high growth start-ups’, meaning they are ripe for development or seed funding from venture capitalist funds or direct funding via government agenices. If there is profit to be made, and we have seen the profitability of this industry, money will continue to be pumped into these companies. However in this instance, it appears it is not such as clear-cut case of private venture capitalists making a quick profit in a technology firm.
Given these shocking revelations, it is critical that the Italian authorities investigate immediately. In relation to any potential public financing, we have asked the President of the Region of Lombardy to clarify if due diligence procedures are carried out on an annual basis for Finlombarda S.p.A’s investments, and if these include any human rights impact assessment. We have also asked if the Regional Government will continue to fund Hacking Team in light of the reports and human rights concerns outlined above, and query if Hacking Team has benefited from any direct funding programmes run by the Italian Ministry of Economic Development.
We have already seen that the export of surveillance technologies often occurs without effective or in some cases, any, regulatory oversight from national governments. In light of this fresh report from Citizen Lab, we also asked the Italian Government, very fundamental questions:
- Do Hacking Team's “Remote Control System”, “Da Vinci”, or “Galileo” products currently require approval from the Italian Government when exporting?
- Has the Italian Government reviewed any applications before exports have taken place
- If it has approved any export licences, what countries were the exports approved to?
In the past and when presented with pressing information, the Italian Government has reacted positively in clamping down on Italian technology companies having links to repressive regimes, as occurred with AREA S.p.A and the Syrian Government in 2011. In light of this new report, suggesting that an Italian company is openly trading in technologies that can be easily and readily abused, we call on the Government to once again act unilaterally. In accordance with Article 8 of European Regulation 428/2009, which says a state can unilaterally impose a licencing requirement for "reasons of public security or human rights considerations", we urge the Italian Government to act in the same manner regarding Hacking Team’s technology.
With the Government of Matteo Renzi and his new Cabinet now in place, it would be the perfect opportunity for both the new Minister for Economic Development and the Italian Government as a whole to take action on the companies that operate in its territory. International statements highlight the human rights responsibilities of both the business and the State where the company is located, and also those businesses that receive funds from governments. This issue raises serious questions as to the suitability of the continuous use of State funding for the development of these technologies. The new Italian Government has been presented with a perfect opportunity to break from the past in many aspects, and here it needs to step up and address Italy’s role in the development and export of these technologies.
If Prime Minister Renzi wants to provide for a more hopeful future for Italian politics and society, his government has now been provided with one such opportunity to change it. The question is: will Italy react?