Feeds

UK has no idea if it's selling spyware to evil regimes

And that's how we like it, thanks, says gov

7 Elements of Radically Simple OS Migration

The UK government says it isn't exercising any control over the sale of surveillance software nor stopping it from finding its way into the hands of repressive regimes.

At the start of the month, Lord David Alton of Liverpool called on the Coalition to ban the export of espionage software and equipment, and questioned previous sales of UK software to Iran and Yemen.

However, Foreign Office minister Lord David Howell of Guildford has said that there is "no evidence of controlled military goods exported from the United Kingdom being used for internal repression in the Middle East and North Africa".

In terms of spying software, Lord Howell said, in a written reply, that the government doesn't usually keep an eye on where it was going because it could be used for legitimate purposes.

"Surveillance equipment, including telephone intercept equipment, covers a wide variety of equipment and software, and generally is not controlled because of its use for a wide variety of legitimate uses and its easy and widespread availability," he said.

If the gear's export is subject to licence, the application would be considered on a case-by-case basis, the minister explained.

"The UK will not issue licences where we judge there is a clear risk that the proposed export might be used to facilitate internal repression," he added.

But since, as he mentions, the government is actually not really controlling the sale of this type of software, that's probably not all that comforting.

We need to talk about Iran

Lord Alton had also asked the government about a particular company, Creativity Software, claiming that it had sold "lawful intercept" software to Irancell, an Iranian telco.

Despite some very specific requests for information about any discussions the government may have had with the company on their activities in Iran, who was present in these meetings, when they occurred and whether or not the firm had service contracts on the technology it sold to Iran, Lord Alton got rather fobbed off with a literal interpretation of his question.

"The UK Government National Technical Authority for Information Assurance provides technical advice to BIS on whether information security products are subject to export controls. In this capacity, on 31 March 2009 officials from this authority had a meeting with Creativity Software to consider products that the company wished to export," wrote the department of Business, Innovation and Skills' Baroness Wilcox in her reply to Lord Alton.

However, she did add that "there has been no export licences issued to Creativity Software to Yemen, Iran or Syria over the past five years".

Creativity Software itself released a statement a few days after the initial allegations, saying that it had only sold location-based technology to Irancell to enable it to offer commercial services to its customers.

"The first services that have been launched are zone based billing and a mobile social networking service (“Friend Finder” and “Family Finder”) - which have been used by over 3 million people in the country since it was launched in January this year," the company said.

However, the firm acknowledged that it was bound by contract to respect the confidentiality of its customers where they wanted it. The statement also pointed to the legitimate uses of location-based softwares for "public safety services, national security and law enforcement applications, as well as commercial" purposes.

All of which seems to neatly sum up the crux of the problem with using surveillance software: it all depends on who is setting the national security agenda, who gets to say what is a "legitimate use" and how this may differ in regimes that would prefer to silence dissenting voices. ®

Bootnote

According to Cambridge's Christ's College, human rights lobbying Lord Alton was the first parliamentarian to visit North Korea, and as chairman of the British-DPRK All-Party Parliamentary Group, he met the chairman of the Supreme People's Assembly, Choe Thae Bok. Last month he gave a talk at Pyongyang University of Science and Technology on "good science and good ethics", telling students: "It is better for men to build bridges than to build walls".

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
PEAK LANDFILL: Why tablet gloom is good news for Windows users
Sinofsky's hybrid strategy looks dafter than ever
Leaked Windows Phone 8.1 Update specs tease details of Nokia's next mobes
New screen sizes, dual SIMs, voice over LTE, and more
Fiendishly complex password app extension ships for iOS 8
Just slip it in, won't hurt a bit, 1Password makers urge devs
Mozilla keeps its Beard, hopes anti-gay marriage troubles are now over
Plenty on new CEO's todo list – starting with Firefox's slipping grasp
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cloudy CoreOS Linux distro declares itself production-ready
Lightweight, container-happy Linux gets first Stable release
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?