Spyware for sale: Hacking Team leaks show Australian companies scrambling to cash in on Government surveillance contracts |
At least four Australian companies have tried to sell a range of controversial spyware and surveillance tools to Australian law enforcement agencies as well as foreign governments, according to emails revealed by WikiLeaks.
The sophisticated spyware has been developed by controversial Italian company Hacking Team, which recently came under criticism for its links to repressive regimes.
Earlier this month Hacking Team's inner workings were revealed after the company itself was hacked and thousands of emails were published by WikiLeaks.
The trove of emails exposed the secretive and lucrative dealings of the private surveillance industry.
An investigation by the ABC revealed Australian companies have been acting as middle-men, dealing with Hacking Team on the one hand, and agencies such as the Australian Federal Police, Defence and Indonesian intelligence on the other.
Hacking Team's leading product - called Remote Control System (RCS) – can siphon off data and listen in on communications before they are encrypted.
Once a computer or mobile phone is infected the tool can read emails, switch on the microphone or camera on the device, identify passwords and record Skype calls.
The emails, and inquiries by the ABC, reveal four Australian companies - Providence Australasia, Miltect, Criterion Solutions and GRC360 - have been in contact with Hacking Team.
Secret negotiations uncovered
ASIO and the AFP are more closely linked to notorious Italian-based surveillance company Hacking Team than previously thought, according to leaked emails published by Wikileaks.
Former AFP officer Nigel Phair told the ABC more transparency around those companies and their contractors was needed.
"If you're going to rely on the private sector to develop technology which [is] going to use privacy invasion, spy on citizens, then you've really got to look at the bona fides of that organisation," he said.
Greens senator Scott Ludlam said it was clear that Hacking Team "appear not to have a high moral threshold when it comes to choosing some of the client regimes they work with".
"They operate though a series of sub-contractors and affiliates and it's not easy to know who is working for who," he said.
Suburban Perth, special ops and Ecuador
One company, Providence Australasia, operates from a suburban Perth home and has earned $70,000 this year by providing multimedia surveillance services to the Australian Defence Force.
In November 2012 Providence Australasia's Matt Jamieson wrote to Hacking Team saying a number of agencies in Australia and New Zealand were interested in the Italian company's product.
An internal Hacking Team email says: "FYI the client Providence is representing in Australia is the special forces from Defence. Apparently this client is already using Gamma's solution but he is not happy at all with it and asked Providence to contact us. Time for us to defeat the competition!"
Providence then went a step further, attempting to sell some of its "black ops" capability to Hacking Team.
Hacking Team responded favourably.
"The training they provide is unconventional, focusing on military intelligence and surveillance ... it may prove to be a high-value complementary formation. Well worth a try proposing it to some selected clients. Premium price here is mandatory!"
Hacking Team chief executive David Vincenzetti replied with "agreed".
In a statement to the ABC, the Defence Department said the Army had "no direct relationship with Hacking Team".
Other emails reveal that Providence facilitated an opportunity for Hacking Team in Ecuador, a country known for censoring news and persecuting opposition protesters.
"This is a new group to be formed by Ministerio del Interior (MDI) for the use of a number of agencies active in policing. The focus is on traffic social networks."
The ABC has made several efforts to contact the Australian office of Providence for comment.
The company is yet to return the calls, however since the ABC first contacted Providence its Australian office listing has disappeared from its website.
The company has not responded to follow-up questions on email.
"The private sector are key critical partners in the development of this sort of technology. They are able to do the development. Government just hasn't got enough staff to be able to create these sorts of things," he said.
Miltect is another Australian surveillance company identified in the Hacking Team emails. It operates from a suburban house in regional NSW.
The company has traded over $1 million with Defence in the past few years, but its website says it also works with commercial clients.
Miltect director Kevin McKinnon sought to position himself as a middle-man between Hacking Team and Indonesian intelligence agencies, which were already among his company's clients.
"Our company provides various products and services to government agencies within Indonesia. Agencies include National Police, Bureau National Intelligence, Bureau National Narcotics and Military," he said.
"These products and services include secure communications, tactical intelligence products, covert surveillance and interception equipment.
"We are headquartered in Australia, however, now have an established project office in Jakarta due to the volume of contracts."
The ABC approached Mr McKinnon for an interview but he declined, citing legal advice.
Emails between Miltect and Hacking Team appear to show that a deal did not eventuate.
However, Hacking Team worked to exploit the rift between Australia and Indonesia following revelations Australia had tapped the Indonesian president's phone.
"The Indonesian Government, is trying to achieve a sort of intelligence autarchy because it deeply mistrusts the so called Five Eyes (Commonwealth) ... So the Indonesian market, is ready, it is willing to build up its own intelligence apparatus - Let's go," Hacking Team's Mr Vincenzetti said.
Hacking Team also declined to be interviewed, but offered this response: "Hacking Team requires clients to affirm that HT [Hacking Team] technology will not be used for military or illegal purposes."
'Stingrays' used to suck up mobile data
A third Australian company identified in the Hacking Team emails is Criterion Solutions. In a series of emails, it is suggested the company was representing ASIO.
Last year alone the company earned over $5 million from the Australian Defence Force for items including "communication devices" and "surveillance and speciality aircraft".
Former AFP officer Mr Phair said much of that was for drones.
"They import drones out of the Nordic countries and sell them into Defence. They are particularly good technology. They have great range, and they are every stealthy," he said.
However, the company also claims to be the exclusive Australian distributor and in-country support provider for QRC Technologies.
QRC Technologies' products include the SimSucker and IMSI-catcher technology, commonly known as stingrays.
Stingrays are fake mobile phone towers which indiscriminately suck up anyone's mobile phone data within a particular range.
Surveillance specialist Mr Molnar said these types of technologies were widely used by law enforcement agencies in the United States.
"The FBI has been very adamant about their use. When they [law enforcement] use it, they don't always disclose it in court and that has meant that there is a lack of transparency about when exactly the technology is being used, how often it is being used," he said.
"The FBI say they purge that information directly after an operation but in countries like Australia, where there is no limit on how long data can be retained for, it creates a situation where there is a trove of data that is subsequently searchable and can be acted upon."
Criterion Solutions confirmed it did contact Hacking Team, but denied its client was ASIO.
"I don't know where that came from," company director Michael Sinkowitsch said.
On the company's website, it says it seeks highly skilled intelligence analysts, with current high-level security clearances.
Mr Sinkowitsch also denied the company was importing stingray technology.
"I've never heard it, other than something that unfortunately killed Steve Irwin. I've never heard the term stingray and technology," Mr Sinkowitsch said.
'This is just the tip of the iceberg'
Mr Molnar said he believed surveillance technology was well out in front of the legislation permitting its use in Australia.
"I don't think the restrictions that are required exist here in Australia to deal with these kinds of technologies," he said.
"There are so many exemptions and exceptions for law enforcement under the Australian Privacy Principles around collection, storage, and disclosure of data that they are effectively meaningless, and then there is the absence of a bill of rights," he said.
Former AFP officer Mr Phair called for more transparency and reporting on the use of surveillance technologies in both law enforcement and intelligence gathering.
The corporate culture inside [Hacking Team] is vile and contemptuous of human rights and even the rule of law ... I suspect this is really the tip of the iceberg.
Greens senator Scott Ludlam
"As a society we need to have that discussion and we need these government agencies to be a little more outwardly-focused in what they are doing, and report these matters in a bit more of a transparent way," he said.
"I think we need a bit more granularity in that reporting; what was it used for, how many convictions did it result in?"
It is almost impossible to know what technologies are being deployed by Australian intelligence and law enforcement agencies, as a result of a lack of reporting by the agencies to parliament and the effect of "commercial-in-confidence" clauses used by private contractors.
Senator Ludlam sees a trend of outsourcing Australia's military-industrial complex.
"As soon as you take that across to the private sector, in addition to the normal national security shroud that gets thrown over some of these things, you've got commercial-in-confidence and you've got people acting on a very, very long leash, still on taxpayers' funds, operating in this legal grey area," he said.
"I think it's a big concern."
Senator Ludlam added: "The corporate culture inside [Hacking Team] is vile and contemptuous of human rights and even the rule of law.
"In this instance Hacking Team are getting singled out, because they got so effectively owned and their DNA effectively spooled out on WikiLeaks.
"But there are a lot of other outfits like them and I suspect this is really the tip of the iceberg."
HAVE YOUR SAY!!! - What do you think about this story? Tell us here. |
|