Guest Post: Corporate Responsibility in the Age of Surveillance – How IT Companies undermine Freedom of Expression

Very pleased to welcome this guest post by Mesenbet Assefa Tadeg, a doctoral fellow at the Irish Centre for Human Rights at NUI Galway. Mesenbet is a lecturer at Addis Ababa University and his PhD examines the protection of freedom of expression in Ethiopia. You can follow him on twitter: @messiassefa

Information technology in the twenty-first Century has revolutionized the ability of individuals to access information and the opportunity to participate in different affairs of government. The democratizing force of information technology has been particularly phenomenal. It created the possibility for individuals to use different social media platforms and other forms of internet based communications for greater public participation which has hitherto been limited to certain segments of society. Moreover, unlike the traditional paper based media outlets such as magazine and newspapers which can be heavily influenced by the state machinery of censorship, the advent of different platforms through the internet has enabled individuals to have the freedom as well as the ability to participate in socio-political issues with limited constraints.

While this has been one of the remarkable features of the digital age, parallel developments such as the use of surveillance, blocking and filtering internet sites, infringement of individual privacy rights and cyber attacks continue to have a chilling effect on the effective utility of the technology. In particular, the use of the internet as a major means of communication has expanded the range and amount of information that can be monitored by governments. One of the worrying trends in this regard has been the issue of cyber surveillance. Human Rights Watch notes that new communications tools like Voice over Internet Protocol, chat, email, and social media services can be intercepted. Governments can easily gather information to monitor the political activities of individuals.

Recent reports also show that some states have been using advanced surveillance technologies to target and identify political dissidents both inside and outside of their jurisdiction. For example, it was reported that Ethiopia, which continues to have one of the lowest records on freedom of expression, has been using cyber surveillance technologies to track down political dissidents with technologies supplied by foreign companies. Citizen Lab, a research institute based at the Munk School of Global Affairs at the University of Toronto in Canada, reported that the Government of Ethiopia has been able to acquire advanced surveillance technologies from the Italian based IT company Hacking Team. Through a contract estimated to be worth millions of dollars, Hacking Team supplied the Ethiopian authorities with surveillance technology called the Remote Control system.

This technology works through malware called FinFisher which is installed on a targeted individuals’ computer, having been sent by an email containing a malicious link or a file disguised as something of interest to the individual. It was reported by the Washington Post last year that the FinFisher malware was found when ESAT, an Ethiopian News Channel based in the US reported that it was the target of the FinFisher malware. The FinFisher malware can effectively acquire and send all the information needed from the targeted computer including computer files, e-mails, Skype calls and other details. In the same year Mr. Kidane, an Ethiopian political dissident living in the US, filed a case in the District of Columbia against the Government of Ethiopia for being victim of the surveillance program of the Ethiopian government and the infringement of his right to privacy (Kidane v Ethiopia). The case is still pending and it will be interesting to see how it develops.

Ethiopia is no exception to the growing demand for surveillance technologies by governments. One observes that there is a growing trend in the supply of surveillance technologies to states with very limited accountability for human rights violations. Index on Censorship in its 2014 report indicated that the Hacking Team’s surveillance technologies were supplied not only to Ethiopia but also to Azerbaijan, Egypt, Kazakhstan, Oman, Saudi Arabia, Sudan, Turkey, Uzebekistan, Malaysia and Nigeria. Recently, the Washington Post reported that Ethiopia continues to target dissident journalists abroad through the use of the same surveillance technology. Despite repeated calls for Hacking Team and other companies that supply the surveillance technologies to comply with their human rights obligations and corporate responsibility, they have not adequately responded to such calls.

Screen Shot 2015-03-20 at 10.33.30

Many international human rights organisations including Human Rights Watch and Amnesty International have called for greater accountability for IT companies. IT companies that provide these surveillance technologies should observe their attendant human rights obligations and the ethical demands of the business. In the case of the Hacking Team, while Human Rights Watch had called for serious consideration of its deals with Ethiopia to make sure that its technologies will not be used for silencing dissent and violations of other human rights, recent reports show the use of the technology to target journalists and political dissidents continues unabated. What is worrying is that in countries like Ethiopia where human rights accountability is rarely visible, the repercussions of identity disclosure of a political dissident means that not only his right to privacy and his ability to oppose the regime are drastically affected, but it may also lead to other serious human rights violations.

While the conventional narrative has been that the issue of cyber surveillance has been articulated from the perspective of the right to privacy, its impact in silencing political dissent is enormous.

While the conventional narrative has been that the issue of cyber surveillance has been articulated from the perspective of the right to privacy, its impact in silencing political dissent is enormous. It creates a self censoring environment by instilling fear in individuals and by making them feel insecure and that their political activities are being monitored by the very government they intend to oppose. Silencing dissent has a multiplier effect, drastically affecting the ability of individuals to express their dissent and seriously undermining their ability to share their views. In the face of constant persecution, individuals often use anonymity to criticize a government that is bent on dismantling any form of political dissent. The exposure of the identity of individuals and the information they hold means that it effectively decimates dissenting voices and thereby seriously undermines the democratization process of states. It is no accident that States with a very low track record in tolerating political dissent such as Ethiopia, have been engaging in aggressive cyber surveillance.

The supply of advanced surveillance technologies for governments without closely studying the attendant obligations of IT companies to consider the serious human rights concerns related with their deals decimates the expression of dissent and serves as a controlling mechanism for authoritarian governments. While states bear the primary responsibility with regard to respect for human rights, non-state actors including multinational companies have the responsibility to ensure that their business practices do not undermine the enjoyment of human rights and fundamental freedoms. The UN Guiding Principles on Business and Human Rights states that business entities should not be involved in activities that implicate them in human rights violations. In the context of freedom of expression, it has to be noted that the Global Network Initiative, a global multi-stakeholder initiative that aims to ensure technology companies respect the rights to freedom of expression has also endorsed this principle.

In the face of the serious implications that cyber surveillance may entail in repressive regimes, it is important for IT companies to seriously scrutinize the human rights implications of their technologies. Ireland being the hub of multinational IT companies in Europe should play a leading role in ensuring that the operations of its companies are not implicated on the supply of technologies that would have a silencing effect. The violation of the free expression of individuals and other fundamental human rights in turn can be seriously damaging to their reputation.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s