We encourage you to republish this article online and in print, it’s free under our creative commons attribution license, but please follow some simple guidelines:
  1. You have to credit our authors.
  2. You have to credit SciDev.Net — where possible include our logo with a link back to the original article.
  3. You can simply run the first few lines of the article and then add: “Read the full article on SciDev.Net” containing a link back to the original article.
  4. If you want to also take images published in this story you will need to confirm with the original source if you're licensed to use them.
  5. The easiest way to get the article on your site is to embed the code below.
For more information view our media page and republishing guidelines.

The full article is available here as HTML.

Press Ctrl-C to copy

Arms-exporting nations have agreed to extend the export control regime that limits the proliferation of military products to include internet surveillance technology.

Campaigners have cautiously welcomed the move to widen the Wassenaar Arrangement, and hope that it could slow the transfer of technologies used to suppress dissent in autocratic countries.

The arrangement was established in 1996 to limit the proliferation of weapons and dual-use items after the fall of the Soviet Union. Its ‘control lists’ include technologies that are either exclusively for military use, such as arms and munition, or that can be repurposed for security applications, including electronics, computers and propulsion technologies.

In all, 41 nations that produce or export these technologies have signed up to the voluntary agreement. The arrangement does not ban such exports, but it does mean that companies must obtain licences and that exporting countries must report transfers to the rest of the group.

Last month, technologies that are increasingly used by security services and intelligence agencies for online surveillance, such as intrusion software and communications surveillance systems, have been added to the list at a meeting in Vienna (3-4 December).

The moves comes after a series of diplomatic rows between the United States and regional powers including Brazil and Germany over the apparently widespread surveillance of official communications by the United States’ National Security Agency (NSA). A statement issued by the Wassenaar Arrangement’s secretariat following the meeting noted that these surveillance tools “may be detrimental to international and regional security and stability”.  

While the NSA’s online dragnet has attracted the majority of recent attention, these technologies are also proliferating outside the United States, and many are developed by the private sector.

An index of the surveillance industry published last November by UK campaigning organisation Privacy International identified 338 vendors in 35 countries. UK Trade and Investment, the government’s trade promotion department, estimates that the global cybersecurity industry is worth nearly US$200 billion a year.

Clamping-down on dissent

Human rights defenders and journalists organisations have highlighted the increased use of sophisticated surveillance technology in repressive regimes around the world. The use of social media and voice-over-internet-protocol during the Arab Spring woke some governments up to the potential for dissent to be incubated and transmitted online.

Several have reportedly moved on from banning access to Facebook and Skype to more-active surveillance using commercial technology imported from Europe, according to the anti-censorship Reporters Without Borders group. Bahrain, Syria and Vietnam have joined a list of nations reported by mainstream press to use sophisticated technology to clamp down on dissent.

Marietje Schaake, a Dutch member of the European Parliament who has campaigned for greater restrictions on the technology, welcomed the expanded agreement. “For years, this has been a gaping hole in European Union regulation which has had profound implications for human rights,” she said in a statement. “Authoritarian regimes use technology to spy on and repress their populations, but the systems that European and other companies export can also be used against us in a cyber attack or for corporate espionage. Digital weapons can be as effective and dangerous as conventional arms.”

Edin Omanovic, a surveillance technology specialist at Privacy International, says that the expansion of the control list represents progress, but that more work needs to be done to curtail access to such technologies.

“We have to think of ways for [governments] to enforce the controls,” he says. “It’s always going to be the case that some of these technologies are intangible and very easy to export, which presents unique enforcement challenges that conventional arms don’t.”

Even before the revelations of widespread NSA surveillance, cybersecurity was increasingly on the agenda at gatherings of developing nations. The African Union and African Development Bank both opened discussions on formulating cybersecurity strategies for the continent during 2013.

Vulnerability to cyber attack

While some developing country governments have used surveillance and cybersecurity products to invade privacy and curtail their citizens’ rights, their own technology infrastructure can also be vulnerable to state-sanctioned and private attacks.

In 2010, an affiliate of the international hacking collective Anonymous claimed responsibility after Zimbabwean government websites were defaced in protest at censorship in the country. Last year, the network also claimed to have attempted distributed denial-of-service attacks, which overload a website with traffic, on the Zimbabwean Ministry of Defence and the Zimbabwe Revenue Authority.

Ahead of the announcement of the additions to the Wassenaar Arrangement, several reports and analysts raised concerns that a crackdown on technology exports could accidentally capture technologies legitimately used for security or research. In an analysis last month, the Open Technology Institute in the United States warned: “Although unintended, these controls could also catch some legitimate security products.”

But Omanovic says these fears now appear ill-founded as the new controls focus on technologies that can be used for intelligence gathering, rather than those applicable for cyber defence. “The agreements that they have ended up with have been incredibly specific,” he says.

Link to Wassenaar Arrangement

Related topics