FinFisher spyware preliminary investigation started in Germany
Deutsche Welle - NSA and Digital Privacy

FinFisher spyware preliminary investigation started in Germany

German prosecutors are assessing whether German-made spyware is being used against activists in the country. The Bahraini regime is thought to have bought the virus to catch its opponents.

Read it in Deutsche Welle

German state prosecutors have started preliminary investigations into whether the German-developed spy software FinFisher is being used by foreign intelligence agencies against targets inside Germany, it was revealed this week.

Following an official Bundestag information request by the Left party, the government confirmed that “media indications of spying activities by foreign secret services using the software FinFisher are the subject of an investigation of the federal state prosecutor at the Federal Court of Justice.”

According to the answer, dated February 11 and published by the Netzpolitik website, the investigation has not yet been concluded. The investigation comes after the German-British company FinFisher – previously called Gamma International – was hacked last fall, and company files and a complete version of its spyware were published online by Wikileaks.

Targets in Germany

The activist network Bahrain Watch used the Wikileaks files to identify several opposition activists who had been targeted by FinFisher, a malware virus that allows security forces to control computers remotely, turning on their microphones and cameras, and effectively turn them into surveillance devices. Bahrain is one of several autocratic regimes thought to have bought the software from Germany and use it to track down opponents.

The data released by Wikileaks also contained a list of 77 computers and IP addresses thought to have been infected by FinFisher. According to the finance magazine Capital, some 2,500 IP addresses were targeted via FinFisher from Bahrain, 15 of which were in Germany.

“I welcome the fact that the federal state prosecutor has started preliminary investigations,” the Left party’s Jan Korte told the magazine. “We need a complete and unreserved explanation of the machinations of foreign secret services against regime opponents in Germany.”

“If it emerges that the buyers of German surveillance technology are also using it here against human rights activists and regime opponents, that would be a clear scandal,” he added. Bahrain Watch believes that the Bahraini government was a direct customer, though FinFisher still denies selling them its software.

Surveillance for autocrats

The Canada-based analysts Citizen Lab have been able to identify FinFisher spy software found on activists’ computers, but it is very difficult to trace which countries use which software. It is also very difficult to determine what levels of online surveillance are legal in which countries, and what the buyer is using the software for – making it very easy for malware developers like Digitask, Medav, Reuter, Rheinmetall Defence, Siemens, Syborg, Trovicor, and Utimaco to sell software and claim it is being used for “lawful interception.”

“FinFisher continues to operate brazenly from Germany selling weaponized surveillance malware to some of the most abusive regimes in the world,” Wikileaks founder Julian Assange said when the FinFisher files were released. “The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers.”

Organizations like Privacy International and Reporters Without Borders have long warned against the illegal export of surveillance software. But given that German investigators were unable to prosecute anyone for the alleged hacking of Merkel’s cellphone during the NSA scandal, it seems unlikely there will be legal consequences in the case of Bahraini activists in Germany.