A prominent computer security researcher says he recently rejected a request by a Saudi telecommunications company to help it spy on mobile customers using social networking accounts such as Twitter.

The security researcher, who goes by the name Moxie Marlinspike and who recently left Twitter where he worked on that company's security team, said he was contacted via email earlier this month by an employee of Mobily, a mobile phone operator in Saudi Arabia, seeking his help with a surveillance project the company was developing.

The employee, from Mobily's network and information security department, told Marlinspike that Mobily wanted to intercept data for the mobile versions of four social media applications used in that country – Twitter, Viber, Line and WhatsApp – and asked his help in doing so.

Equally disturbing was a document the employee provided Marlinspike, which discussed compelling a Certificate Authority in the United Arab Emirates or Saudi Arabia to produce SSL certificates that Mobily could use to intercept traffic. The document also discussed the possibility of purchasing information about security vulnerabilities and exploits that could be used to intercept traffic.

The employee told Marlinspike, who described the email exchange on his web site, that the company was trying to comply with requirements made by a Saudi regulator that it provide the ability to both block and monitor mobile data communication.

"We are working in defining a way to deal with all such requirements from regulator and it is not only for Whatsapp, it is for whatsapp, line, viber, twitter etc.,” he wrote.

Mobily already had a prototype for the ”WhatsApp interception system working, the employee said.

"Their level of sophistication didn’t strike me as particularly impressive, and their existing design document was pretty confused in a number of places, but Mobily is a company with over 5 billion in revenue, so I’m sure that they’ll eventually figure something out," Marlinspike wrote, noting that he could have easily helped them intercept all of the traffic they were interested in except Twitter. "I helped write that TLS code, and I think we did it well," he wrote.

It's unclear why the mobile company would contact someone like Marlinspike, who is an outspoken critic of government surveillance and the developer of free voice and text encryption software programs called RedPhone and TextSecure, produced through his former company Whisper Systems, and that are designed to thwart surveillance. In 2011, he made the software available for download to activists in Egypt during the Arab Spring so that they could organize political protests. That same year, Twitter acquired Whisper Systems, after which Marlinspike joined Twitter's security team.

Marlinspike told Wired that the original email to him mentioned his expertise on SSL certificates and that this may have been why the employee contacted him. Marlinspike gave a talk at the DefCon hacker conference in 2009 about vulnerabilities in the SSL system and created Convergence, an alternative to the flawed system.

Marlinspike also said it was possible the employee was acting on his own and that the company didn't know he had reached out to a privacy and security advocate who would be opposed to such surveillance.

"Someone with a little better judgment might have known that it would be a bad idea [to contact me]," Marlinspike said.

Following several exchanges with the Mobily employees, Marlinspike told the employee that he wasn't interested in assisting them, on privacy grounds.

The employee replied that he was aware of Marlinspike's privacy stance and suggested that Mobile only wanted to monitor traffic to collect intelligence on terrorists.

"Saudi has a big terrorist problem," the employee wrote, "and they are misusing these services for spreading terrorism and contacting and spreading their cause that’s why I took this and I seek your help." He implied that if Marlinspike was not willing to help, then he was indirectly aiding the terrorists.

Marlinspike said he disclosed the correspondence with Mobily because he wanted to highlight an ongoing debate in the hacker and security research communities about the ethics of providing tools and assistance to governments and intelligence agencies for purposes of surveillance.

"[W]hat do we in the hacker community value and prioritize, and what is the type of behavior that we want to encourage?" he asked on his blog.

The Saudi Arabia reportedly said earlier this year that it was asking telecommunication companies there to configure their systems to make it possible for the government to intercept communications through Skype, WhatsApp, Viber and other applications.

Despite this, a Mobily spokesman told the Wall Street Journal that Marlinspike's account of the email exchange ”is not 100% accurate" and said the company was investigating his assertions.