UK to regulate export of spy software
The UK government plans to place restrictions on the sales and export of commercial spyware software from Gamma International, which sells the FinFisher trojan to governments for use by security agencies. According to a report from the Guardian, the Treasury Solicitor's Department (TSol), which advises the UK government in legal matters, assessed the FinFisher software and found that "the system does require a licence to export to all destinations outside the EU". According to TSol, this is because it "is designed to use controlled cryptography".
TSol reportedly began its investigation into the FinFisher software following a letter from civil rights group Privacy International (PI). The UK-based human rights organisation has been fighting to prevent remote monitoring tools like FinFisher from being sold to repressive regimes. The report says that, in a letter from TSol to Privacy International, the UK government suggests that it will not issue the necessary licence for the export of the software to Iran and Syria.
Privacy International says that it welcomes the government's move to begin controlling the export of FinFisher. "However, without swift further action to bring other British companies under the export licensing regime, it's just a sticking plaster on a bullet wound," said Eric King, head of research at Privacy International, adding: "There are a number of pressing questions about the circumstances surrounding the government's volte-face that remain unanswered." The group says that nearly 250 British companies currently work in the communications surveillance industry. Of these, only 62 are said to have publicly available corporate social responsibility policies and only four include constraints that specifically mention use by regimes to commit human rights abuse.
In July, security specialists discovered a trojan closely related to FinFisher was targeting political activists in Bahrain. One month later, mobile variants of Gamma International's commercial spyware for Android, BlackBerry, iOS, Symbian and Windows Mobile devices were sighted by researchers. While Gamma International confirmed that it had demonstrated its software to the Egyptian government before the February 2011 revolution, it says that it "did not supply any FinFisher products to Egypt that could have been used during the movement of the opposition".