According to the European Council's Arms Exports Common Position 2008/944/CFSP and other directives, the EU can adopt controls "to prevent the export of military technology and equipment that might be used for undesirable purposes such as internal repression or international aggression, or contribute to regional instability."
According to its report, Hacking Team, based in Milan, has sold its spyware "Remote Control System" to an estimated 21 countries in the last 12 months. The list of countries includes Azerbaijan, Egypt, Ethiopia, Kazakhstan, Saudi Arabia and Sudan, all known for their governments' poor records on the protection of human rights.
Cyber-Surveillance
The EU is proposing stricter licensing conditions for technology companies exporting dual-use products — including location tracking devices — that can be used to breach people's human rights. In its draft, it states that the current rules lack legal clarity and "sufficient control of cyber-surveillance technology."
Privacy International says it has been working in 13 countries to find out the extent of state monitoring of communications — especially email and social media — which played such a major part in the spread of the Arab Spring.
Part of its investigation was to discover the level of surveillance being used in North Africa rumored to be for preventing the spread of a "Moroccan Spring."
It gave an example the story of four journalists and activists who have been personally targeted by state surveillance. Three of them — Hishaam Almiraat, Samia Errazzouki and Yassir Kazar — were part of Mamfakinch, a collective of citizen journalists born out of the February 20th Movement who are critical of the Government.
Mamfakinch was targeted using spyware developed and sold by Hacking Team.
#TalDiaComoHoy 2015 se descubrio los hackeos de #HackingTeam https://t.co/kW1P5jAkOH pic.twitter.com/i4ASACi7rb
— CronopioX (@CronopioX) July 9, 2016
An email sent out via the contact form on the Mamfakinch website was forwarded to the whole editorial team. The email suggested the attached document would reveal a major scandal. What the attached document actually contained was spyware, which granted the attacker complete remote access to the target's computer. Since February 2014, Mamfakinch has been inactive.