Feeds

UK has no idea if it's selling spyware to evil regimes

And that's how we like it, thanks, says gov

The Power of One Brief: Top reasons to choose HP BladeSystem

The UK government says it isn't exercising any control over the sale of surveillance software nor stopping it from finding its way into the hands of repressive regimes.

At the start of the month, Lord David Alton of Liverpool called on the Coalition to ban the export of espionage software and equipment, and questioned previous sales of UK software to Iran and Yemen.

However, Foreign Office minister Lord David Howell of Guildford has said that there is "no evidence of controlled military goods exported from the United Kingdom being used for internal repression in the Middle East and North Africa".

In terms of spying software, Lord Howell said, in a written reply, that the government doesn't usually keep an eye on where it was going because it could be used for legitimate purposes.

"Surveillance equipment, including telephone intercept equipment, covers a wide variety of equipment and software, and generally is not controlled because of its use for a wide variety of legitimate uses and its easy and widespread availability," he said.

If the gear's export is subject to licence, the application would be considered on a case-by-case basis, the minister explained.

"The UK will not issue licences where we judge there is a clear risk that the proposed export might be used to facilitate internal repression," he added.

But since, as he mentions, the government is actually not really controlling the sale of this type of software, that's probably not all that comforting.

We need to talk about Iran

Lord Alton had also asked the government about a particular company, Creativity Software, claiming that it had sold "lawful intercept" software to Irancell, an Iranian telco.

Despite some very specific requests for information about any discussions the government may have had with the company on their activities in Iran, who was present in these meetings, when they occurred and whether or not the firm had service contracts on the technology it sold to Iran, Lord Alton got rather fobbed off with a literal interpretation of his question.

"The UK Government National Technical Authority for Information Assurance provides technical advice to BIS on whether information security products are subject to export controls. In this capacity, on 31 March 2009 officials from this authority had a meeting with Creativity Software to consider products that the company wished to export," wrote the department of Business, Innovation and Skills' Baroness Wilcox in her reply to Lord Alton.

However, she did add that "there has been no export licences issued to Creativity Software to Yemen, Iran or Syria over the past five years".

Creativity Software itself released a statement a few days after the initial allegations, saying that it had only sold location-based technology to Irancell to enable it to offer commercial services to its customers.

"The first services that have been launched are zone based billing and a mobile social networking service (“Friend Finder” and “Family Finder”) - which have been used by over 3 million people in the country since it was launched in January this year," the company said.

However, the firm acknowledged that it was bound by contract to respect the confidentiality of its customers where they wanted it. The statement also pointed to the legitimate uses of location-based softwares for "public safety services, national security and law enforcement applications, as well as commercial" purposes.

All of which seems to neatly sum up the crux of the problem with using surveillance software: it all depends on who is setting the national security agenda, who gets to say what is a "legitimate use" and how this may differ in regimes that would prefer to silence dissenting voices. ®

Bootnote

According to Cambridge's Christ's College, human rights lobbying Lord Alton was the first parliamentarian to visit North Korea, and as chairman of the British-DPRK All-Party Parliamentary Group, he met the chairman of the Supreme People's Assembly, Choe Thae Bok. Last month he gave a talk at Pyongyang University of Science and Technology on "good science and good ethics", telling students: "It is better for men to build bridges than to build walls".

Seven Steps to Software Security

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.