Syrian activist Rami Nakhle said that after he set up an online newspaper and started blogging about human rights, Syria’s secret police last year began summoning him for regular interrogations that involved threats of torture and a day in solitary confinement. Officers made it clear that they had watched him online despite his efforts to conceal his identity.
Police also hacked into fellow activists’ Facebook accounts, said Nakhle, 29. “Before, they were not very good at this, but now they are getting more advanced,” he said.
Nakhle fled to Lebanon in January and now lives in suburban Washington as a political exile. Many of his friends are still in Syrian prisons. “I am not that idealistic. I know that companies need money, but this is about people’s lives,” he said.
A Syrian Embassy spokesman did not respond to messages seeking comment on the government’s use of surveillance technology.
Getting past sanctions
The Commerce Department is investigating how monitoring devices made by Blue Coat Systems, based in Sunnyvale, Calif., reached Syria despite sanctions, according to several U.S. officials who spoke on the condition of anonymity to discuss an ongoing investigation. Blue Coat Systems has said it didn’t know its products were being used by Syria and that the devices in question were intended for the Iraqi communications ministry. A distributor, the company said, shipped the products to a reseller in Dubai late last year.
In a statement last month, Blue Coat said it was cooperating with government agencies probing “this unlawful diversion” and conducting its own internal review. A spokesman for the company declined to comment further.
NetApp, also of Sunnyvale, produced hardware and software that the Syrian government was using to build a system to intercept and catalogue vast amounts of e-mail, according to Bloomberg News. NetApp has denied selling equipment to Syria. The project, which was never finished, also included computer equipment from another California company and two European businesses.
The technology’s spread is not limited to the Middle East. A federal lawsuit filed in May accuses Cisco Systems of helping China monitor the Falun Gong group.
The lawsuit, filed by the U.S.-based Human Rights Law Foundation, alleges that Cisco helped design and provide equipment for China’s “Golden Shield,” a firewall that censors the Internet and tracks government opponents. Cisco has acknowledged that it sells routers, which are standard building blocks for any Internet connection, to China. But it denies the allegations in the suit, saying that it has not customized any items for use in censorship.
A spokesman for the Chinese Embassy did not respond to messages seeking comment. U.S. companies that want to export devices “primarily useful for the surreptitious interception of wire, oral or electronic communications” must apply to the Commerce Department for a license to sell to overseas buyers under the department’s Export Administration Regulations.
But it can be hard to prove that an export is “primarily useful” for surveillance. Some products need to be used in combination with other equipment in order to eavesdrop. Even standard anti-virus software can be retooled to read e-mails and attachments.
Daniel Minutillo, a Silicon Valley-based lawyer who advises technology companies, said that in most cases his clients can show that their products have multiple uses, making them exempt from export licensing rules.
Human rights groups want this exemption ended. “As long as the market is increasing and there is a lack of regulation, it’s a perfect mix,” said Arvind Ganesan, who studies online surveillance for Human Rights Watch. “The Obama administration has not led in this regard, and there are only a few voices in Congress talking about this. It’s a massive oversight.”
Smith’s bill, which has stalled in committee several times in recent years, would prevent sales to countries, such as China and Syria, that restrict Internet freedom. Yet more aggressive U.S. laws might push the industry overseas if other nations don’t impose similar restrictions. Indian and Chinese vendors have attended Wiretappers’ Balls in recent years.
A State Department official who attended the event in October was pessimistic that government regulation could curb a fast-changing technology sector. “We’ve lost,” said the official, who spoke on the condition of anonymity. “If the technology people are selling at these conferences gets into the hands of bad people, all we can do is raise the costs. We can’t completely protect activists or anyone from this.”