Non-profit Privacy International (PI) has revealed how the EU funds surveillance techniques using development aid programmes. These include training security forces in non-EU countries. Privacy International and other campaigners are demanding reform of EU aid in respect of this, demanding they “do not facilitate the use of surveillance which violates fundamental rights.”
PI learnt of the situation following the public release of documents that revealed:
- Police and security agencies in Africa and the Balkans are trained with the EU’s support in spying on internet and social media users and using controversial surveillance techniques and tools
- EU bodies are training and equipping border and migration authorities in non-member countries with surveillance tools
- Civipol, a well-connected French security company, is developing mass biometric systems with EU aid funds in Western Africa in order to stop migration and facilitate deportations without adequate risk assessments.
In an article, Thomas Brewster discusses how CEPOL, the EU’s law enforcement training agency, taught security personnel in Europe and Africa, on how to use malware to access citizen’s phones and monitor social media. As PI points out, some of the countries that EU aid for this type of surveillance was given to, are those with a history of human rights abuses. Which is why PI and other organisations want to press the EU to change its funding programme.
Edin Omanovic, advocacy director of Privacy International, said: ““Instead of helping people who face daily threats from unaccountable surveillance agencies, including activists, journalists and people just looking for better lives, this ‘aid’ risks doing the very opposite.”
He added, “The EU as the world’s largest provider of aid and a powerful force for change… failure to reform is a betrayal not just of the purpose of aid and the people it’s supposed to benefit, but of the EU’s own values.”
In the EU parliament, MEP Markéta Gregorová, who works in the EU group on surveillance reforms, commented: “We just made it much harder to export cyber-surveillance and it is unacceptable that at the same time our own law enforcement agencies are training dictators to spy on their people and even recommend surveillance software. This is unacceptable and irreconcilable with our values and screams for reform.”
According to some of the training materials obtained by PI, there are those promoting iPhone hacking tools like GrayKey. For example, in a training session for Morocco, the participants were told that by using Graykey and Axiom together, security personnel would be able to “grab the Apple keychain from within the iPhone, granting it access to apps and the data within.” Morocco is a good example of the reason PI is so determined to change the EU aid programme, as the country has for some time been accused of targeting iPhones to track the activity of journalists and all kinds of activists. In another example, found in the documents, Spain’s Policia Nacional, a CEPOL partner, trained authorities in Bosnia and Herzegovina on using malware to remotely control devices. The files also show how CEPOL and European police are encouraging foreign governments to spy on social networks.
It is unfortunate that the PI revelations come at exactly the same time as the EU announced it would be curtailing the export of particular surveillance tools, which they claim is a move that supports global human rights, saying, “We have set an important example for other democracies to follow.”
PI’s response to the statement was that it “critically undermined by the fact that EU agencies are themselves secretly promoting the use of techniques which pose serious threats.”
It would appear that while the European Parliament and Council are legislating to stop surveillance abuses, CEPOL and European police are doing the opposite. This kind of situation where the left hand apparently doesn’t know what the right is doing, is exactly one where those who wish to undermine the EU will look for ammunition. It must get its house in order on this important issue.