EU proposals to establish export restrictions on spyware are being held back by Germany, which has adopted an ambiguous stance on the matter, EURACTIV has learnt.

A recent proposal from EU member states backing the European Commission plans “doesn’t have anything in it that would change the situation on the controls for cyber surveillance goods,” said an EU official close to the matter who spoke to EURACTIV under conditions of anonymity.

This may be, the source said, due to Germany’s commercial interest in exporting such goods. Although Berlin isn’t explicitly part of a blocking majority of member states in the Council, behind closed doors they stand in direct opposition to the plans.

“Germany is merely pretending to support the restrictions in public,” the source said. “But in reality, they have no interest in adopting these measures.”

Nine countries unite against EU export controls on surveillance software EXCLUSIVE / An EU proposal to impose export controls on technology products that can be used as spyware is at risk of being delayed as a group of nine countries have pushed back against the overhaul.

The regulation on dual-use items aims to clamp down on exports that can be used in the surveillance of citizens in countries with less than democratic regimes.

The Commission’s 2016 proposal for a reform in this area were rubber stamped by the European Parliament in January 2018, but have since then suffered setbacks in the Council of Ministers, where EU member states are represented.

The original proposal came after the 2011 Arab Spring, where European technology was allegedly being used by authoritarian regimes to oppress activists. As part of the plans backed by Parliament, exporters of cyber surveillance items would have to make sure that their goods “will not fall into the wrong hands.”

However, recent attempts to hamper the proposal, reportedly on commercial grounds, have provoked dismay from the European Parliament’s rapporteur on the file, German Green MEP Klaus Buchner. He told EURACTIV about his frustration that the restrictions are being heavily influenced by business interests.

“I am deeply disappointed that the German and French government have surrendered to their domestic cyber surveillance industries and have practically stopped any progress on the Dual Use file,” he said.

“We are continuing to sell European spyware to dictators.”

Currently, Germany accounts for an estimated 50 to 60% of EU exports of so-called dual-use items. But “business interests have completely taken over” on the regulation of EU cyber-surveillance goods in Germany, the source said, following a change in personnel at the Ministry of Economic Affairs in March 2018, when the SPD’s Brigitte Zypries was replaced by CDU’s Peter Altmaier.

Eleven member states back EU controls on selling spyware EXCLUSIVE / Eleven EU countries have signalled their support for draft rules that would place export restrictions on companies selling surveillance technologies, a leaked working paper shows.

Previously in the Council, a blocking group of member states had stymied the adoption of the bill. A coalition of countries including Sweden, the Czech Republic, Cyprus, Estonia, Finland, Ireland, Italy, Poland and the United Kingdom drafted a paper criticising the measures in May last year.

France have since joined that group, but Germany’s opposition has been much more ‘hidden’ from the public eye, the EU official said.

Concerns have been circulating that, despite a ban on arms exports being in place since 1989, EU countries are still able to export so called dual use technologies to China in particular.

Such technologies include products ranging from parts used in the construction of drones and IT security and cyber surveillance software. China has consistently been under the microscope of global politicians for purported human rights violations, including its highly controversial social credit system, which aims to impose a framework for the enforcement of good-behaviour, by using surveillance equipment on a mass scale to ensure that citizens toe the line.

Despite criticism on China’s surveillance regime from several members of the blocking majority against the regulation on dual-use items, EU exporters are still permitted to facilitate the continuation of such frameworks by supplying the Chinese government with the goods required for mass surveillance to take place.

During the EU-China summit in March, Commission Vice-President Katainen also aired his frustration that the restrictions against such goods were being held back by member states.

“The Commission calls on the Council to swiftly adopt the EU modernized rules on export control of dual use goods,” he said. “All these steps will reinforce EU resilience and security.”

But of course it’s not only China who have previously been in for criticism when it comes to the use of cyber surveillance tools.

In February 2018, reports surfaced of a high-level meeting between senior officials from Germany electronics company, Rohde & Schwarz, and Turkmenistan’s President Gurbanguly Berdymukhammedov. It was reported that the company seeks “to gain a stronger foothold” in the highly controversial country.

Radio Free Europe notes that the American rights group Freedom House have ranked Turkmenistan among its “worst of the worst” for political rights and civil liberties.

'God help us': Khashoggi's hacked WhatsApp messages provide clues about killing Messages obtained from the WhatsApp account of murdered journalist Jamal Khashoggi shine a light on the possible reasons behind his death, depicting the full extent of his animosity towards Saudi Arabia and his plans to establish an “electronic army” of activists against the regime.

A number of EU member states came out strongly against the Saudi regime following the October 2018 murder of Jamal Khashoggi, a staunch critic of Saudi Arabia.

German Chancellor Angela Merkel said those responsible for the murder must be held accountable and face consequences for their actions, while Foreign Minister Heiko Maas announced that Germany would halt arms sales to the country.

Reports have since surfaced that cyber surveillance software was used to track Khashoggi in the lead up to his murder. Research conducted by Toronto’s Citizen Lab found that military-grade spyware from Israeli company NSO had been used in this instance. NSO has since been in receipt of investment from European private equity firm, Novalpina Capital.

The buyout sparked criticism from the international advocacy group Access Now, who penned an open letter to Novalpina Capital, regarding the acquisition.

“We call on Novalpina to publicly address our serious concerns regarding accountability for NSO Group’s involvement in previously documented spyware abuses,” the letter wrote, citing research that the NSO Group’s Pegasus spyware had been used in a range of human-rights abuses, including the Khashoggi murder.

The EU source told EURACTIV earlier this week that the regulation on dual-use goods would help to stop EU involvement in such controversial cyber surveillance issues.

“NSO is effectively now a European company,” he said. “Europe needs to send a message that it wants no part in working with dictatorial regimes to carry out the most abhorrent human rights violations.”

EU demands full probe, accountability after Khashoggi death The EU’s top diplomat Federica Mogherini called Saturday (20 October) for a thorough investigation into the “deeply troubling” death of Saudi critic Jamal Khashoggi and full accountability for those responsible.

[Edited by Frédéric Simon]