Subject: Letter to His Excellency Mr Adam Thomson, High Commissioner Of Britain: Call for Transparency, Accountability & Action Following Reports On FinFisher’s Presence in Pakistan.
Dear High Commissioner Thomson,
As a civil society organization that works on upholding & securing citizen’s right to open and secure access to information, we write to you to raise the issue regarding the presence of FinFisher, sold by a British company, Gamma International. This was brought to public attention through a report published by Citizen Lab, a research group based at the Munk School of Global Affairs, University of Toronto.The lab is independent from government and corporate interests, and publishes research based on evidence.
FinFisher has the ability to affect all forms of software (Mac/Apple, Windows, Android), including but not limited to all Smartphones. It works as an espionage surveillance equipment, obtaining passwords for your hardware and social networks, has the ability to read an individual’s chats,listen in to Skype calls, the capability of listening to private in-room conversations as well as stealing & emailing personal files from an individual’s device. This kind of technology has the potential to be abused & is in clear violation of international human rights laws.
Human rights to privacy and free access is a universal right as made evident by the United Nations Declaration of Human Rights. We quote Article 12 and Article 19 of the Universal Declaration of Human Rights:
Article 12: “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks”.
Article 19: “Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers”.
By reportedly exporting it’s equipment to countries with a questionable human rights record, Gamma is in violation of United Nation’s Guiding Principles on Business and Human Rights, which identifies “a global standard for preventing and addressing the risk of adverse impacts on human rights linked to business activity”.
The reported presence and use of FinFisher is not only a violation of the multiple UN Declarations, but a grave violation of Constitutional Provisions of Human Rights of both the United Kingdom & Pakistan. The United Kingdom protects the privacy of an individual through “The Human Rights Act 1998 (Article 8)”, “Everyone has the right to respect for his or her private and family life, home and correspondence” and the European Convention of Human Rights. According to UK Law RIPA, before obtaining encrypted information, the appropriate person must be notified and it must be proven that national security may be breached, or a crime may be committed, if this data is not retrieved (Section 49, RIPA).The right to data protection is further encapsulated in the Data Protection Act 1998.
In Pakistan, an individual is protected from breach of privacy by Article 14 of the Constitution, establishing that privacy is an “inviolable right” of a citizen, something that cannot be breached under any circumstance. The right to information has been established under Article 19 and 19A of the constitution, bearing that an individual should have freedom of access, expression and information.
Recently, Bolo Bhi joined a Global Coalition that endorses 13 International Principles on the Application of Human Rights to Communications Surveillance. These principles create a framework to limit surveillance, provided legitimate reasons, legitimate transparent actions are taken in proportion to the situation at hand. It gives protection to the individual from being prosecuted or violated for no reason, while giving a legal pathway for governments and individuals to follow. It forms a compromise between the individual and the state. The principles uphold the fundamental right to privacy.
We have a reason to believe that FinFisher has been used to aid in human rights violations. The very first evidence, as per research, of the presence and use of FinFisher was in Bahrain, 2012, against pro-democratic activists. Cyber attacks were launched against journalists and activists in Bahrain that gravely compromised their security and privacy; many of the activists were sent pictures and news of tortured victims as a means to intimidate them.
Thus, the presence of such equipment in Pakistan where Journalists have been targeted throughout the years is quite frightful. Reporters Without Borders has classified Pakistan to be one of the most dangerous places to be a reporter, and the reported presence of such espionage surveillance equipment is an added threat to an already hostile environment.
More than just a violation of the constitution, FinFisher enables private information to be obtained and used illegally against the respective individual, being a possible threat to their life and liberty.
We request the United Kingdom Government to assist us in seeking answers from FinFisher, that has reportedly sold technology to Pakistan with full awareness that it would be abused. We ask for assistance to hold FinFisher accountable for unethical business practice and for greater transparency and accountability in the trade. We seek assistance in disabling FinFisher command and control centres in Pakistan & call for strict action and tougher laws to hold British companies accountable as and when they are in violation of domestic, national and international laws.
We hope the British Government and western governments around the world follow their commitment to free speech and freedom of expression and take action against western companies that sell surveillance and filtering equipment to repressive governments. Put an end to the trade that aids repression.
Director- Bolo Bhi