English-Video.net comment policy

The comment field is common to all languages

Let's write in your language and use "Google Translate" together

Please refer to informative community guidelines on TED.com

TED Fellows Retreat 2013

Christopher Soghoian: Government surveillance — this is just the beginning

Filmed
Views 829,853

Privacy researcher Christopher Soghoian sees the landscape of government surveillance shifting beneath our feet, as an industry grows to support monitoring programs. Through private companies, he says, governments are buying technology with the capacity to break into computers, steal documents and monitor activity — without detection. This TED Fellow gives an unsettling look at what's to come.

- Privacy researcher and activist
Christopher Soghoian researches and exposes the high-tech surveillance tools that governments use to spy on their own citizens, and he is a champion of digital privacy rights. Full bio

The 2011 Arab Spring
00:12
captured the attention of the world.
00:14
It also captured the attention
00:16
of authoritarian governments in other countries,
00:18
who were worried that revolution would spread.
00:20
To respond, they ramped up surveillance
00:23
of activists, journalists and dissidents
00:25
who they feared would inspire revolution
00:28
in their own countries.
00:30
One prominent Bahraini activist,
00:32
who was arrested and tortured by his government,
00:34
has said that the interrogators showed him
00:36
transcripts of his telephone calls
00:38
and text messages.
00:40
Of course, it's no secret
00:42
that governments are able to intercept
telephone calls and text messages.
00:43
It's for that reason that many activists
00:46
specifically avoid using the telephone.
00:49
Instead, they use tools like Skype,
00:51
which they think are immune to interception.
00:53
They're wrong.
00:56
There have now been over the last few years
00:57
an industry of companies
01:00
who provide surveillance technology to governments,
01:02
specifically technology that
allows those governments
01:05
to hack into the computers
01:07
of surveillance targets.
01:09
Rather than intercepting the communications
as they go over the wire,
01:11
instead they now hack into your computer,
01:13
enable your webcam, enable your microphone,
01:16
and steal documents from your computer.
01:18
When the government of Egypt fell in 2011,
01:20
activists raided the office of the secret police,
01:23
and among the many documents they found
01:26
was this document by the Gamma Corporation,
01:28
by Gamma International.
01:31
Gamma is a German company
01:33
that manufactures surveillance software
01:34
and sells it only to governments.
01:36
It's important to note that most governments
01:38
don't really have the in-house capabilities
01:40
to develop this software.
01:42
Smaller ones don't have the resources
01:43
or the expertise,
01:45
and so there's this market of Western companies
01:47
who are happy to supply them with the tools
01:50
and techniques for a price.
01:52
Gamma is just one of these companies.
01:54
I should note also that Gamma never actually sold
01:56
their software to the Egyptian government.
01:59
They'd sent them an invoice for a sale,
02:01
but the Egyptians never bought it.
02:04
Instead, apparently, the Egyptian government
02:05
used a free demo version of Gamma's software.
02:07
(Laughter)
02:10
So this screenshot is from a sales video
02:13
that Gamma produced.
02:16
Really, they're just emphasizing
02:18
in a relatively slick presentation
02:20
the fact that the police can sort of sit
02:21
in an air-conditioned office
02:23
and remotely monitor someone
02:25
without them having any idea that it's going on.
02:26
You know, your webcam light won't turn on.
02:28
There's nothing to indicate that
the microphone is enabled.
02:30
This is the managing director
of Gamma International.
02:34
His name is Martin Muench.
02:37
There are many photos of Mr. Muench that exist.
02:39
This is perhaps my favorite.
02:42
I'm just going to zoom in a little bit onto his webcam.
02:44
You can see there's a little sticker
02:46
that's placed over his camera.
02:48
He knows what kind of surveillance is possible,
02:50
and so clearly he doesn't want it to be used
02:52
against him.
02:54
Muench has said that he intends
02:55
for his software to be used
02:57
to capture terrorists and locate pedophiles.
02:59
Of course, he's also acknowledged that once
03:02
the software has been sold to governments,
03:04
he has no way of knowing how it can be used.
03:06
Gamma's software has been located on servers
03:10
in countries around the world,
03:12
many with really atrocious track records
03:13
and human rights violations.
03:16
They really are selling their
software around the world.
03:17
Gamma is not the only company in the business.
03:21
As I said, it's a $5 billion industry.
03:23
One of the other big guys in the industry
03:26
is an Italian company called Hacking Team.
03:29
Now, Hacking Team has what is probably
03:31
the slickest presentation.
03:33
The video they've produced is very sexy,
03:35
and so I'm going to play you a clip
03:38
just so you can get a feel
03:39
both for the capabilities of the software
03:41
but also how it's marketed
03:42
to their government clients.
03:44
(Video) Narrator: You want to look
through your target's eyes.
03:46
(Music)
03:50
You have to hack your target.
03:52
["While your target is browsing the web, exchanging documents, receiving SMS, crossing the borders"]
03:55
You have to hit many different platforms.
04:01
["Windows, OS X, iOS, Android,
Blackberry, Symbian, Linux"]
04:04
You have to overcome encryption
04:08
and capture relevant data.
04:10
[Skype & encrypted calls, target location,
messaging, relationships,
04:13
web browsing, audio & video"]
04:18
Being stealth and untraceable.
04:21
["Immune to any protection system
Hidden collection infrastructure"]
04:25
Deployed all over your country.
04:28
["Up to hundreds of thousands of targets
Managed from a single spot"]
04:32
Exactly what we do.
04:37
Christopher Soghoian: So, it
would be funny if it wasn't true,
04:40
but, in fact, Hacking Team's software
04:42
is being sold to governments around the world.
04:44
Last year we learned, for example,
04:47
that it's been used to target Moroccan
journalists by the Moroccan government.
04:49
Many, many countries it's been found in.
04:53
So, Hacking Team has also been actively courting
04:56
the U.S. law enforcement market.
04:59
In the last year or so, the company
05:01
has opened a sales office in Maryland.
05:03
The company has also hired a spokesperson.
05:08
They've been attending
05:10
surveillance industry conferences
05:12
where law enforcement officials show up.
05:13
They've spoken at the conferences.
05:15
What I thought was most fascinating was
05:17
they've actually paid for the coffee break
05:19
at one of the law enforcement conferences
05:21
earlier this year.
05:23
I can't tell you for sure that Hacking Team
05:24
has sold their technology in the United States,
05:26
but what I can tell you that if they haven't sold it,
05:29
it isn't because they haven't been trying hard.
05:31
So as I said before,
05:34
governments that don't really have the resources
05:36
to build their own tools will buy
05:38
off-the-shelf surveillance software,
05:40
and so for that reason,
05:41
you see that the government of, say, Tunisia,
05:43
might use the same software
as the government of Germany.
05:45
They're all buying off-the-shelf stuff.
05:47
The Federal Bureau of
Investigation in the United States
05:50
does have the budget to build
their own surveillance technology,
05:52
and so for several years, I've been trying
05:55
to figure out if and how the FBI
05:57
is hacking into the computers of surveillance targets.
05:59
My friends at an organization called
the Electronic Frontier Foundation --
06:02
they're a civil society group —
06:05
obtained hundreds of documents from the FBI
06:07
detailing their next generation
of surveillance technologies.
06:10
Most of these documents were heavily redacted,
06:13
but what you can see from the slides,
06:15
if I zoom in, is this term:
06:18
Remote Operations Unit.
06:20
Now, when I first looked into this,
06:22
I'd never heard of this unit before.
06:24
I've been studying surveillance
for more than six years.
06:26
I'd never heard of it.
06:28
And so I went online and I did some research,
06:30
and ultimately I hit the mother lode
06:32
when I went to LinkedIn,
06:34
the social networking site for job seekers.
06:35
There were lots of former
U.S. government contractors
06:38
who had at one point worked
06:41
for the Remote Operating Unit,
06:42
and were describing in surprising detail on their CVs
06:44
what they had done in their former job.
06:47
(Laughter)
06:49
So I took this information
06:51
and I gave it to a journalist that I know
and trust at the Wall Street Journal,
06:53
and she was able to contact several other
06:57
former law enforcement officials
06:59
who spoke on background and confirmed
07:01
that yes, in fact, the FBI has a dedicated team
07:02
that does nothing but hack into the computers
07:06
of surveillance targets.
07:08
Like Gamma and Hacking Team,
07:09
the FBI also has the capability
07:11
to remotely activate webcams, microphones,
07:13
steal documents, get web browsing information,
07:17
the works.
07:19
There's sort of a big problem
07:21
with governments going into hacking,
07:23
and that's that terrorists, pedophiles,
07:24
drug dealers, journalists and human rights activists
07:27
all use the same kinds of computers.
07:30
There's no drug dealer phone
07:32
and there's no journalist laptop.
07:34
We all use the same technology,
07:36
and what that means then is that for governments
07:38
to have the capability to hack into the computers
07:40
of the real bad guys,
07:42
they also have to have the capability
07:44
to hack into our devices too.
07:46
So governments around the world
07:48
have been embracing this technology.
07:50
They've been embracing hacking
07:51
as a law enforcement technique,
07:53
but without any real debate.
07:55
In the United States, where I live,
07:57
there have been no congressional hearings.
07:58
There's no law that's been passed
08:00
specifically authorizing this technique,
08:02
and because of its power and potential for abuse,
08:04
it's vital that we have an informed public debate.
08:07
Thank you very much.
08:10
(Applause)
08:12

▲Back to top

About the speaker:

Christopher Soghoian - Privacy researcher and activist
Christopher Soghoian researches and exposes the high-tech surveillance tools that governments use to spy on their own citizens, and he is a champion of digital privacy rights.

Why you should listen

Christopher Soghoian is a champion of digital privacy rights, with a focus on the role that third-party service providers play in enabling governments to monitor citizens. As the principal technologist at the American Civil Liberties Union, he explores the intersection of federal surveillance and citizen's rights.

Before joining the ACLU, he was the first-ever technologist for the Federal Trade Commision's Division of Privacy and Identity Protection, where he worked on investigations of Facebook, Twitter, MySpace and Netflix. Soghoian is also the creator of Do Not Track, an anti-tracking device that all major web browsers now use, and his work has been cited in court.

More profile about the speaker
Christopher Soghoian | Speaker | TED.com