Privacy International today has made a criminal complaint to the National Cyber Crime Unit of the National Crime Agency, urging the immediate investigation of the unlawful surveillance of three Bahraini activists living in the UK by Bahraini authorities using the intrusive malware FinFisher supplied by British company Gamma.
Moosa Abd-Ali Ali, Jaafar Al Hasabi and Saeed Al-Shehabi, three pro-democracy Bahraini activists who were granted asylum in the UK, suffered variously from years of harassment and imprisonment, and were subject to unspeakable torture at the hands of the Bahraini government.
Investigation and analysis by human rights group Bahrain Watch showed that while Moosa, Jaafar, and Saeed were residing in the UK, Bahraini authorities targeted the activists and had their computers infected with the surveillance Trojan FinFisher.
While it’s long been known that Gamma has provided surveillance capabilities to Bahrain, amongst other countries, the extent of Gamma’s complicity in Bahrain’s unlawful surveillance of individuals located abroad has only recently been confirmed. Two months ago, a number of internal Gamma documents were published revealing that Gamma is both aware of, and actively facilitating, the Bahraini regime’s surveillance of targets located outside Bahrain through the provision of intrusion technology called FinFisher to the Bahraini authorities.
The analysis by Bahrain Watch clearly shows that, amongst the Gamma documents published online, those targeted by the Bahraini government with FinFisher technology were Mohammed, Jaafar, and Saeed, along with prominent Bahraini opposition politicians, democracy activists and human rights lawyers.
FinFisher was developed and produced by the British company Gamma International. Promotional material for FinFisher shows that it allows its user full access to a target’s infected device and everything contained within it, even enabling them to turn on functions such as cameras and microphones. Reports from the Citizen Lab suggest that FinFisher command and control servers have been found in 35 countries, including Ethiopia, Turkmenistan, Bahrain, and Malaysia.
The complaint filed today argues that the actions of the Bahraini authorities qualifies as an unlawful interception of communications under section 1 of the UK’s Regulation of Investigatory Powers Act 2000. By selling and assisting Bahraini authorities, the complaint argues that Gamma is liable as an accessory under the Accessories and Abettors Act 1861 and/or encouraged and assisted the offence under the Serious Crime Act 2007.
Moosa, Jaafar, and Saeed are being represented by Privacy International, who have instructed Mark Scott of Bhatt Murphy Solicitors. Earlier this year, Privacy International and Bhatt Murphy filed a criminal complaint in the UK in relation to the targeting of Tadesse Kersmo, an Ethiopian refugee who was infected with FinFisher.
Adriana Edmeades, Legal Officer for Privacy International, said:
For too long companies like Gamma have been enabling repressive states’ unlawful conduct, but then seeking to suggest that they bear no responsibility for the products that they supply. We think it’s time that companies like Gamma, which earn a significant amount of money from providing pernicious technologies to states which are known to torture and repress, are made to face the consequences of their doing so.”
Saeed Al-Shehabi said:
It is shocking to know that in the country where you have sought asylum and fled the dark repression of tyranny and dictatorship you are not left alone and that the protection you had aspired to get has not materialised.”
Moosa Abd-Ali Ali said:
I thought I was safe here in Britain, but the Bahraini government is monitoring me here, and I think that anybody helping them should be charged with a crime.”
Jaafar Al Hasabi said:
To find out that I was not even safe in the UK made me very upset. It is wrong for the Bahrain government to be able to hack into my computer from overseas. And I think it is wrong for a British company to help them to do that.”
Mark Scott of Bhatt Murphy said:
These activists came to the UK to seek protection from the Bahraini government. And to the extent to which they are being unlawfully spied on here, the British state and the police must take action.”