IGF 2023 – Day 3 – Networking Session #186 Surveillance technology: Different levels of accountability – RAW

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.

***

 

>> KHALID IBRAHIM: Good morning.  We are going to start the next session.  We will start in two minutes.  Thank you so much.

 

Good morning.  AccessNow is a (?) organisation in 2009 with a mission to defend and extend digital civil rights of people around the world.  On my right, (?) network for social media.  Foreign issues that concern Iraq.  Ansome serves as a source of accurate and verified news and updates of the digital rights in Iraq.

 

And with us online we have Samuel Jones.  Samuel Jones is the President of heartland initiative which is a nonprofit practise‑based organisation that promotes the fundamental rights and freedom of people and conflict‑affected and high‑risk areas.

 

So let me talk about the Coalition.  The Coalition to combat surveillance launched during the public session at (?) 7th of June, 2021.  The Coalition has come together to end the sale of digital surveillance tools to repressive governments in (?) region.  For a safe and open Internet, and to protect human rights defenders, journalists and Internet user from governments' prying eyes.

 

(?) journalist on the 2nd of October, 2018, demonstrated consequences of targeted surveillance on secretive impunity on which governments in the region can obtain and deploy sophisticated and oppressive spyware tools.  Until now there has been no real accountability in the killing of the journalist.  The Saudi Government still never held account for his killing and the killing of other activists.  While group as you know managed to hack into the accounts of many Internet activists using the spyware.

 

I have also to mention the case of my colleague hamad Masood, centre of human right who is the first victim of spyware back in 2015.  It is the same year in which he got the award for human rights.  And was arrested on the 20th of March, 2017, tortured and sentenced to ten years in prison, only for his peaceful and legitimate human rights work.  He's still in solitary confinement since his arrest.  He, his family, friends and we his colleagues have paid a heavy price for the use of surveillance technology.  We are all still in pain.  Back to the group, it says it builds spyware solely for governments to use to counterterrorism and law enforcement way.  But as I said, many of my colleagues, many human rights defenders, journalists and Internet activists, they were victims of Pegasus spyware.

 

Now, I want to talk about the level of accountability.  There is no local mechanism to address human rights violations in the region.  And as such,ably use by use the concept of national jurisdiction, the (?) for height on the 28th of July, 2021.  Again, the software company NSO which is responsible for harm caused to human rights defender in the MENA region.  The case is still ongoing.

 

Now I will ask each distinguished speaker to present a brief summary of their work on the level of accountability they focus on.  Let me start with my colleague Marwa.  Marwa planned a Plan of Actions to combat surveillance and the work you intend to do on accountability.  Yes, Marwa.

 

>> MARWA FATFATA: Is this on?  Good morning, everyone.  And thank you very much, Khalid, for putting this session together.  As Khalid mentioned, AccessNow launched in 2021 the MENA Coalition to combat surveillance and that came from the urgent need to combat the proliferating use of commercial spyware and the digital surveillance tools in the MENA region.  We, as highlighted, we have in different countries in the MENA region have been investigating and exposing the depths and the spreads of how spyware, difficulty surveillance tools like NSO groups among others, are used systematically to target, monitor, and surveil human rights defenders, journalists, lawyers, civil society from Bahrain to Morocco, Saudi Arabia, UAE, Jordan, Egypt, you name it, and therefore, we decided to bring local organisations together with global organisations to fight this phenomena.

 

The issue of spyware in surveillance, for people who work on this issue, it is a transnational issue.  For one, there are companies that are outside of the MENA region or in this case Israel is one of the top exporters of these surveillance technologies that, in order to fight ‑‑ in order to combat this industry, we need to strengthen solidarity, but also information exchange and advocacy, tactics between civil society organisations.  That's number one.  Just looking at the transnational cross‑border nation of the surveillance industry.

 

Another important fact here was ‑‑ or factor was the fact that many activists and human rights defenders in the region are activists in exiled, especially after the Arab spring, and the spyware has enabled their countries to target them while they're abroad, to spy on them, to forcibly disappear them, to kill them.  I mean, the case of the (?) we have commemorated the fifth anniversary of the murder at the Saudi embassy in Istanbul.  His fiancée, his acquaintances, his son, his ex‑wife, even their lawyers, all of those individuals have been targeted with Pegasus spyware.  So again, we're talking just to emphasise again on the point that we are dealing with a cross‑border transnational issue that requires a collective commitment to fight the proliferation of spyware among civil society.

 

Now in terms of the plans, of course, we are dealing with a ghost‑like industry.  It's extremely opaque, elusive.  Companies are hiding behind shell names.  Their investors are also just as elusive.  They transfer the sale of these technologies of these technologies are highly secretive.  There's no way for us to know whether X country, X government has the Government of Egypt contracted or had bought specific spyware, there is no way for us to know.  The only way is to investigate through working with affected individuals and Access Now among other partners we have built recently our forensic analysis team that we would be able to receive cases from human rights defenders, journalists and activists to investigate and see whether their devices have been infected or targeted.  Same goes with our partners like Amnesty International, citizen lab among others.  And so the first objective here is to investigate and expose the companies and the human rights abuses that result from the use of the products that they've sold to the governments.  The second thing once we have exposed, we've published reports, we've ‑‑ where activists and victims have been facted and what the result was in terms of human rights abuses.

 

The second thing is looking at accountability venues and that's of course the panel which is ‑‑ which has been hard because for one, when a victim recognises or are told, like, once their device is checked that you have been infected with Pegasus, they are traumatised.  If you're a human rights defenders, you're also afraid that you might be harming the communities you work with, and then the question becomes, who targeted me?  And retribution is becoming harder andrd whater.  For example we can check who has become infected with Pegasus but who is the government behind this infection is difficult and that is important for accountability and especially at an individual level.  People want to know who is the entity or the government spying on them.

 

And then they are also seeking litigation.  They want accessed remedy.  And most of ‑‑ all of MENA countries, you can't just go to court and sue NSO group or sue the government because of lock of rule of law and law enforcement, and therefore, the question always for us remains, how can victims seek remedy or have access to effective remedy when there is none in their home countries?  And we have been exploring the Gulf Centre ways we can overcome this hurdle or challenge, for instance, I mean, the Gulf Centre and Khalid maybe can speak about this, have filed a lawsuit against NSO group in France on behalf of a number of human rights defenders in the MENA region.  We have also collaborated most recently a few weeks ago in a lawsuit filed against a surveillance company dark matter, which has hacked the device of the prominent Saudi, a woman human rights defenders, Loujanea lit Uhel with executives who have helped set up at the dark matters surveillance operation.  Now, of course, the company is trying to kill the lawsuit in the US on grounds that the victim and the company and that the US court has no jurisdiction over these individuals.  The victim is Saudi national.  The company is in Maraty and the lawsuit is taking place in the US.  And I'm a bit simplifying the matter but it this is the summary of it.  And we think ‑‑ we wrote to the courts an amicus brief emphasising again that those ‑‑ this victim does not have access to effective remedy, would not be able to sue either dark matter or the UAE government for spying on her and, therefore, the court can actually exercise its jurisdiction to uphold human rights and most importantly send a message to the surveillance industry that they can, indeed, be held accountable.

 

>> KHALID IBRAHIM: Thank you, Marwa.  And let me just ask you briefly about, what about your fort in relation to human rights diligence in relation to put an end to this cooperation between companies and democracies supporting governments in the MENA region?

 

>> MARWA FATFATA: That's an important point because again, going back to the issue of the surveillance industry itself where it comes from, where is it exported from, and in some instances, like, for example, the German company Fenn fisher, yes, I forgot the name, fin fisher, now thankfully, they declared bankruptcicy in Germany but they had provided their surveillance technologies to the UAE, to Egypt, to UNHCR itty, and so here again ‑‑ to Türkiye, and so here again we go to the issue of export controls and the role of so‑called democratic countries in exports or making the surveillance technology available to authoritarian regimes.

 

Often, and even though there are some export controls in place, these technologies find their ways in the hands of authoritarians that use them to target and attack human rights defenders and journalists.  Our role has been to expose where export controls have been lacking and also to add pressure on governments to regulate that industry within their jurisdictions through enforcing bylaw accountable measures that, for example, companies that where technologies have human rights diligence in place in order to stop selling that tech to human rights abusing countries among other issues.

 

>> KHALID IBRAHIM: Thank you a lot, Marwa.  Let me move now to you.  Can you tell us about the work of human rights activists in Iraq, again, the surveillance and digital attacks and also what level of accountability you will have in Iraq?  Thank you.

 

>> Good morning, everyone.  And thank you for this session.  Actually, for those who are not, network for social media working in a group of digital right defenders and digital experts who has been working in Iraq since 2011 as a non‑governmental, nonprofit for free diverse Internet in Iraq.  So we are a part of this MENA alliance to combat surveillance.  Before I Gipp ibegin to explain in detail, I want to tell those who don't know and emphasise to those who do that Iraq is a country that has experienced many wars and conflicts over the years in various form as these conflict have involved ‑‑ evolved have the capability of civil society activists and human rights defenders in dealing with these disputes in a new way.  So we now have a concept of resistance which has become increasingly prevent in recent year due to its significance importance in changing the course of events.

 

And regarding your question in Iraq, human right defenders increasingly rely on technology, technology to monitor and advocate for human right or to share their opinion, promote debate on mobilise.  Nonetheless, (?) governmental groups including have also used these online platforms to threaten, intimidate and harass activists.  With the rise of massive social media in you can ra, digital privacy and digital security have never been more important.  We play a vital role against digital attacks.  We do this by providing trainings and resources on digital security and privacy reporting on cases of surveillance and digital attacks, working on policies and laws that protect the digital rights, supporting Internet activists who are under attack.  And monitor to civil society in Iraq to provide training and resources to help civil society organisation to protect themselves.

 

Some work has been instrumental in empowering Internet activists to resist surveillance and digital attack.  So for example, we have provided as I said many trainings and recommended numerous cases of surveillance and digital attacks against Iraq.  Against the activists in Iraq.

 

Let me talk more about the hacking of activists for arrests using surveillance technology.  Some have documented that a lot of us that have been compromised that have led to arrests as reported by (?) we will turn up to an area to hold a protest and find a mass militia waiting for us with knives and clubs.  Activists in Iraq face various form of digital threats ranging from hate speech to misinformation, hacking attempts, etc.  In this regard, to our platform, we aim to remain awake 24/7 to detect any attempts to spread misleading information that could lead to deadly consequences.  Tragically we witnessed the loss of two valuable individuals, the activists and a politician and journalist who were assassinated following a very massive online (?) arms affiliated with Iranian‑backed militias back in 2019.

 

So we lost these two due to the (?) to stop the harmful disclosure.  However, today we are striving to protect the lives of these defenders with all the tools and connections at our disposal from ‑‑ by our platforms.

 

Also, I want to mention that ‑‑ just one second.  The level of accountability in digital rights in Iraq are (?) still in a (?) stage.  However, there are some promising signs like involving ‑‑ regarding cyber‑crimes, law and access to information.  However, there are also some challenges that ansome face, the Iraqi Government track down human rights activists who are often targeted by the government and non‑state actors like the government‑backed militia.  The Iraqi Government is slow to implement reforms.  It's unclear how long it will take for the government to pass and implement laws that protect digital rights.

 

Despite these challenges, we are playing a vital role and employing activists to resist surveillance and digital attack.  These tactics are hoping to create more open and diverse and democratic Internet in Iraq.

 

So ‑‑

 

>> KHALID IBRAHIM: Okay.  Thank you.  Now, just briefly, could you talk about your plan for future work and actions in relation to this important topic?

 

>> Yes, of course.  So now we have a lot of plans actually.  We are maintain a direct communication with the Iraqi political leadership, especially the media and communication Commission and the Ministry of Communication.  We continually send rebirths of these violations and hold meetings with them to emphasise the importance of frequentising the human rights are not less significant than neutral human rights.  Also engage with (?) to put pressure on the authorities.  This can be an effective method at time given the influence of (?) political interference in Iraq and the consequences it can have.  Yeah.

 

>> KHALID IBRAHIM: Thank you a lot.  Now it's time to move for our third distinguished speaker, our colleague Samuel Jones, who is joining us online and the question for you, Sam, is, how can investors have ‑‑ advance accountability for surveillance related harms including these associated with authoritarian governments?  Yes, Sam.

 

>> SAMUEL JONES: Thank you.  So, first of all, sincere thanks to colleagues for the opportunity to participate in this timely and critical discussion.  Second, I wanted to mention that I've been fortunate enough to live in both Palestine and Iraq, and once again, I find myself following Palestinian and Iraqi women who are both smarter and more articulate than I am.  That said, I'll do my best to respond to the question.

 

So, just a quick note about heartland that will help set the stage for my remarks.  As you mentioned, Khalid, we're a practise‑based research organisation that assist investors in preventing and mitigating human rights risks across their investment portfolios, specifically those associated with business activities and relationships in conflict‑affected areas.  While we work across industries, we have spent considerable time over the last several years prioritising surveillance technology as a particularly at‑risk sector in these particularly at‑risk contexts.

 

Some of the most pronounced recent human rights crises have underscored the severity and systemic risks posed by surveillance technology, whether that's the Russian state surveillance system southern beam or to control Ukrainian Internet traffic, the deployment of spyware by the military to Myanmar, the surveillance state created by the Chinese Government in Dieng Dieng and Tibet or the use of targeted and mass surveillance throughout the acpied Palestinian territories by the Israeli Government.  If you introduce these high‑risk technologies in the areas where the human rights regime is already failing to function as intended, where regulation and enforcement are either inadequate or used in rights‑violating ways or where systemic or episodic violence and abuse are part of daily life, you can expect these products to exacerbate these issues unless companies have taken, as Marwa alluded to, the necessary steps to address human rights and conflict risk throughout their product life cycles and specific to their business models.

 

And yet in spite of the obvious heightened risk endemic to the use of such technologies, whether that's in Palestine or Iraq, the vast majority of companies producing surveillance technologies or those producing technologies that can be used for surveillance, like cloud‑based computing, for example, do not conduct correspondingly heightened version of human rights due diligence as called for by the UNGPs and this is where investors come in.

 

Investors are becoming increasingly aware that human rights risks to people due to high‑risk products and services, high‑risk value chain relationships or in high‑risk contexts can translate into financially material risks for companies and their shareholders.  This could be due to regulatory enforcement, strategic litigation, operational disruptions or brand damage.  And there's perhaps no greater example of this than the text‑based than the company that's been mentioned before, Israeli spyware maker NSO group.  Thanks to the investigative research citizen lap, amnesty tech, Access Now, the reporting of forbidden stories which detailed the global human rights harms emanating from the sale and use of Pegasus spyware, NSO group became the target of strategic litigation by WhatsApp and Apple, regulatory blacklisting, government investigation into the EU, and international advocacy campaigns like the Pegasus project.  Collectively, these efforts resulted in massive financial and reputation a costs for NSO group which was deemed valueless to its private equity investors during a London court case in April 2022., only three years after being purchased for $1 billion.

 

Now, while NSO group may represent perhaps one of the most egregious cases of surveillance‑related human rights harms, there are numerous other examples where investors had the opportunity and the responsibility under UNGPs to engage companies whose business models are at risk of contributing to surveillance‑related harms in high‑risk environments.  Some examples include Google's decision to partner with Saudi aranco and telecom to build a platform where surveillance‑related risk are both severe and documented.  Nokia's products and services being used to connect Russia's network with state‑run network known as swarm to compress the (?).  A range of surveillance related systems including biometric technology from French company Taalas group supplied to the Egyptian Government which is creating massage surveillance infrastructure in Cairo.  Sela Brite owned by a publicly traded Japanese company sun corporation selling digital forensics and intelligence tools to Myanmar's militarily junta and packaging a company's surveillance's offerings which have been used as part of the Chinese Government's internment programme in Dieng Dieng region.  So as regulators and policy‑makers struggle to keep space with the proliferation and use of these and other technologies globally, it's become even more critical for investors to directly engage companies and encourage rights respecting behavior from the design to the end‑use stages.  In other words, in the absence of effective regulatory frameworks, investors represent a key potential driver for improved corporate policy, practise and governance, corporate accountability for human rights harms and most importantly, better protection for rights‑holders.

 

So, I'm going to just quickly try to conquertize this point by reflecting on several potential roles investors can play vis‑à‑vis surveillance technologies.  First, many of our investor partners have exclusionary screens for controversial weapons that are fundamentally incatable with humanitarian and human rights law.  Think biological, cluster munitions and landmines.  We're currently working with some of those partners along with Access Now, business and human rights resource centre and other experts to develop similar criteria for spyware meaning that it would necessarily be excluded from investment portfolios due to the emerging discourse suggesting that spyware is also fundamentally incompatible with international law.  While many public equity investors may not directly be exposed to spyware since the sector is largely funded by private equity, these massive investors in North America, Europe and elsewhere could send a strong public signal that spyware is fundamentally a toxic class.

 

Second, and especially in light of emerging regulations around surveillance technologies and mandatory human rights due diligence in Europe, there's a role for investors to play in directly engaging in policy‑makers concerning the need to put into place laws governing the design, marketing and use oftacted and mass surveillance among state and non‑state actors.  There's both actually a human rights imperative and a long‑term financial interest for investors to advocate for the development and adoption of fit‑for‑purpose rules for these technologies that can contribute both to and most importantly a reduction or prevention of human rights harms, but then also co‑road public trust and state institutions and to stabilise the conditions that make for a prosperous economy.

 

And third and finally, investors can continue to engage companies, those in and adjacent to the surveillance technology industry on improved policy practise and governments measures that more effectively identify, assess, prevent and mitigate surveillance‑related harms.  In order for these engagements to be truly effective, though, investors must be equipped with technically sophisticated research and analysis that provided from our colleagues from pal Palestine and from Iraq so that companies aren't able to out‑tech them during these dialogues with investors.  And this is where civil society expertise becomes critical, providing investors with the recourses they need to have conversations operationally and technologically mitigating these harms even in a authoritarian and other high‑risk contexts.  So I'll close my remarks there.

 

>> KHALID IBRAHIM: Thank you, Sam.  Thank you for joining us.  Thank you for mentioning Palestine and Iraq.

 

Briefly, I have another question for you, Sam.  What are the future plans for heartland initiative around surveillance technologies in particular?

 

>> SAMUEL JONES: Yeah, so, I appreciate the question.  As I mentioned, we work across industries, but in the next 12 months, we're planning some fairly specific activities around surveillance technology.  So first, an effort to designate spyware as a toxic asset class among public and private equity investors, inspired by the antipersonnel landmine movement, this will include the development of investment exclusionary criteria that I mentioned previously, but it will also include a white paper on the severe human rights, financially material risk associated with this technology, investor and company collaborations designed for these stakeholders to work together on mutual threats posed by spyware and its exports.  A global to fully integrate gratroots efforts into ‑‑ sorry experts on targeted surveillance into and directly into investor‑related company engagements and working with partners to map out the spyware ecosystem and.

 

And then second, I would mention building off an event that heartland AccessNow and the resource centre held on London on the abuse of surveillance technologies in MENA.  We'll be working with Coalition of North American and European investors to engage a handful of tech industry leaders and private collaborative discussions on concrete and meaningful ways to address surveillance‑related risk through better market entry analysis, improved harm and chain monitoring and contractual and human rights guardrails.  The point of that is moving away from these 30,000‑foot policy discussions with the tech companies focussed on the UNGPs and really focussing on the operational impacts of their technologies on people on the ground.  And I'll close there.

 

>> KHALID IBRAHIM: Thank you, Sam.  Thank you for all this work that had the potential and has the protection of all of us.

 

Now we open the floor for any question, comment, discussion or any underlying question. ‑‑ online question.  Do you have any question?  Yes, please go ahead.

 

>> Hi.  Thank you so much.  Stephanie Mickelson, UNFPA.  So I look at kind of the gendered aspect of all of this.  This is still ‑‑ yeah, I'm learning a lot, so thank you again.  I was wondering, you know, if this is ‑‑ if the gendered element of human rights defenders is something that we consider and analyse as we have these reports and as we move forward because, as we know, clearly, two of the four people here today are women.  So, yeah, I would just like to hear a bit more about that, if we can.  Thank you.

 

>> KHALID IBRAHIM: I think Marwa will address that.  Yeah, Marwa.  Yes, take this.

 

>> MARWA FATFATA: Thank you, Khalid.  And thank you for raising this question.  We have actually started looking at the gender dimension of targeted surveillance.  As someone who has worked with surveillance victims in the MENA region, I know first‑hand and also as a woman from that region, I know first‑hand how scary it is to have your personal information ‑‑ or let me rephrase ‑‑ to have an adversary government that is hell bent on destroying your character, especially if you are a woman human rights defenders or a human rights lawyer or a journalist, a woman who works on public interest or human rights activism, and to have all of that personal information weaponised in order to smear your reputation and to discredit you and de(?) your work.  Just to take a step back, we have been working on how women are tacted generally online from ducks and campaign and that is sharing images or information about women without their consent, including like their home addresses.  We've seen cases where even the addresses of the woman's ‑‑ the addresses of their children's kindergartens or schools, medical records, sometimes even sexual activities, and Iit in ‑‑ intimate conversations, screenshots of WhatsApp conversations and sometimes when women were on the streets protesting we've seen their devices confiscated.  So we know first‑hand as an organisation the support provided to those at‑risk communities, how dangerous it can be if a government has its hands on that personal information and what it can do with it.

 

Now, adding to that layer, spyware.  So, if ‑‑ let's take Pegasus spyware as an example, and that's not the only spyware available on the market.  There are many other commercial spyware tools.  Some we know of, some we don't.  But once your device is infected, the government pretty much has access to everything, everything, your ‑‑ can turn your microphone on your phone on so it can spy on your conversations, your camera, telephone calls, messages, contacts, emails, even encrypted messages like on signal or WhatsAppen where you think you are communicating safely with individuals but in reality, all of that is being exposed and seen by the government.  Now, for women, the impact of targeted surveillance is particularly egregious because, one, women are subject to gender‑based violence online and offline.  They are ‑‑ they are afraid ‑‑ it kind of restricts their ‑‑ not only violence, their privacy and also restricts their ability to express theirselves but also it restricts their movement.  It ‑‑ women feel like ‑‑ women I spoke to that have been spied on feel afraid to walk on the streets.  They have to change tracks, for example, because they feel that someone is following them.  93 fell if they're physically harassed they won't receive any protection because again going back to gender‑based violence especially in a region like MENA where women are being killed and harassed without any consequences or little support, and therefore, for us, it was very important to advocate or ‑‑ to emphasise targeted surveillance is a form of gender‑based violence and should be for women's rights groups for UN agencies, for ‑‑ and to develop international norms that target surveillance we're not only talking about the ‑‑ a violation to the right to privacy but also in the case of women, it's a form of gender‑based violence.

 

>> KHALID IBRAHIM: Thank you, Marwa.  Yes, I see you have something to add.

 

>> Yes.  So I will talk about the side of Iraq.  During the (?) I was working on (?) research, and in this research we met with more than 100 Iraqi women.  We did interviews with them.  Most of them in the conclusion we found that they have faced digital violence.  Most of them are so afraid to face this true ‑‑ truth.  They are very afraid to go to the police, to report that they are facing blackmail or hate speech or any other threaten, online threaten.  So because of the conditions especially in close community in Iraq, they are so afraid to be killed.  And I mentioned one of the story, she was reported to the community police in Iraq that her father threaten her to be killed because she ran away with ‑‑ run away outside Iraq because of ‑‑ he was ‑‑ she was facing domestic violence.  So, they make her to ‑‑ so they make the dad to make a commitment to the police that he will not be targeting her, and the next morning she was dead.  So, the woman in Iraq are facing a lot of digital violence.  And this is is a very important challenge actually.

 

So, in Iraq also, the pornographic image is not just what it's mentioned in the word.  Pornographic may be that to spread an image of a girl that's where hijab but spread an image without hijab.  So that will be targeting her from the community, so we are trying for ansome actually, we launched a hotline.  We receive a lot of blackmail cases.  We trying to help them because as I mentioned, ‑‑ sorry ‑‑ they are so afraid to be in the court or in the police station.  So, we are trying to help them, but it's a very challenge ‑‑ actually, it's a global challenge.  We are trying, and we hope finally soon we will do our best to help all these women.

 

>> KHALID IBRAHIM: One minute.  I have no doubt at all that digital attacks on women, human right human right should be defender should be regarded as digital violence.  (?) impact on woman when they are going to be victims of spyware such as Pegasus.  We have colleagues in Bahrain, in Jordan, they were victims of Pegasus.  And it has a huge negative impact on their family life, and still all that never properly research.

 

Yes, go ahead.

 

>> Thank you very much.  Do you hear me?  Yes.  I just wanted to add a comment to this discussion.  I'm from the Internet alliance.  That it is a gender‑based form of violence.  Also because and that's part of the (?) do not see, like, every woman in this region but also more generally who is slightly being an activist or more on the spectrum is afraid of being surveilled or their information being released because of that reason.  So even before being surveilled, it does impact woman's lives.

 

>> KHALID IBRAHIM: Yeah.

 

>> Any gender's life, of course, but women to greater extent in societies where they're more targeted and impacts they have to basically adapt their lives to the potential threat which is another way of oppression.  Thank you.

 

>> KHALID IBRAHIM: Okay.  You want to comment on that?  Yes., please.

 

>> MARWA FATFATA: I could not agree more.  I could not agree more, especially in the MENA region, the whole notion around morality and how women should behave, how should dress, how should conduct themselves in public, that's already policed even before these technologies were invented and now deployed.  On a increasing scale, we have for example, cases where Khalid mentioned a human rights defenders, and she ‑‑ we published a report together with front‑line defenders showing how she was surveilled and targeted, and she told us that, even in her home, like, once your privacy is violated, especially right now with our devices becoming an integral part of our lives, it felt like an assault or an attack in her own kind of bodily integrity, and she doesn't feel safe in her own home.  As a veiled woman, she's a practising Muslim, she doesn't even feel like free to be herself at her own home.  She has to wear the veil at all times.

 

That's ‑‑ also ‑‑ we have had similar testimonies from Palestine.  Maybe it's a separate issue with not targeted surveillance but mass surveillance and facial recognition technologies pointing directly through the windows of people's houses or homes, and there women also expressed that they have to wear the veil at all times.  So just to share the ‑‑ how intimately that impacts women on levels beyond what we can imagine.

 

>> KHALID IBRAHIM: Thank you, Marwa.  Is there any comment, any question?  If there's nothing, I go back to Sam.  You have a question?  Yeah.  Go ahead.

 

>> Hi.  I'm from Japan.

 

>> KHALID IBRAHIM: Yeah.

 

>> I want to ask you, both of you, I think the surveillance is ‑‑ has secondary effect on us because after two years, the Pegasus article was published, we are so intimidated, even in ‑‑ even ‑‑ worse than journalists.  We are very afraid to contact you or human rights activists or other year 200journal efforts.  So some journals are ‑‑ or other journalists.  So some journalists we feel very hesitant to cover such activities or organisations.

 

What are the secondary effect after two years the Pegasus was revealed, is there any hesitation or the (?) of activities in your spheres or countries?

 

>> KHALID IBRAHIM: Well, I think always we have to confront perpetrators of our privacy.  The right to privacy is a human right.  And we shouldn't wait.  We shouldn't be afraid from doing all what we could, whether it's human rights litigation or taking a proper actions to stop companies from attacking our rights including the right to privacy.  I agree with you it is not easy now to communicate if you have sensitive information, but that was out there for you to make sure your privacy is respected and not compromised by companies.  And as a journalist, I really encourage you always to find the truth and always to shed the light on activities, illegal activities on companies who are supporting oppressive governments in MENA region, all the regions, as it is very important for us to show solidarity and to cooperate and to work together in order to end this business of surveillance against us, human rights defenders and other citizens.  Yes. 

 

>> MARWA FATFATA: Thank you, Khalid.  I'd like to add two points.  One, thank you very much for raising that point.  This is precisely one of the key impacts of targeted surveillance.  It's not only about the individual that is targeted or infected with a malware or a spyware but also the communities that they live or interact with.

 

So this secondhand trauma or the secondhand impact, journalists being afraid to speak to their contacts and resources confidentially, human rights organisations not being able to corroborate evidence of human rights abuses or speak to local sources on the ground and that's especially true for, let's say, activists or civil society organisations working in exile, these are all concerns the end the day, the ultimate purpose of surveillance to silence dissent and to silence independent media reporting.  However, after the Pegasus project, it had the opposite effect in the sense that people became, at least in the region, people became more aware and ‑‑ about this threat.  And I have to say, as we run this digital security helpline, we have more and more people coming to us including journalists to have their devices checked and scanned.  So ultimately, this awareness led people thinking about their digital security and prioritising that, where that wasn't necessarily the case, especially for journalists that are working under capacity or with limited resources.  Now digital security has become front and centre.

 

So that is a good outcome.  And I said it's a blessing in the midst of this ongoing scandal.  And so, I mean, I hope this leads to more exposing of these spyware companies and also the journalists and others find ways to protect themselves and their resources.

 

>> SAMUEL JONES: If I could just add from the investment ‑‑

 

>> KHALID IBRAHIM: Yes, Sam.  Go ahead.

 

>> SAMUEL JONES: From the investment front as well, in terms of limited positive outcomes, following sort of the Pegasus project and the huge controversies and the implosion of NSO group, definitely in conversations with both public and private equity investors.  There was sort of a stain around anything that had to do with spyware.  And so, when we would talk to asset owners and asset managers, they would go to great lengths to talk about how they are consciously avoiding spyware.

 

The problem, of course, with this is spyware is not typically marketed as spyware.  It's under the rubric of law enforcement or counterterrorism.  So a big challenge for us including over the next year is really educating investors about how spyware shows up in its different forms in their portfolios.

 

>> KHALID IBRAHIM: Thank you, Sam.  And I fully agree with Marwa that difficulty security should be ‑‑ digital security should be focus to not give any opportunity for hackers or companies to get into our accounts and also to protect our colleagues, our companies, our information.

 

Now, we are in the final minutes, so I don't know, do you want to say something the final say for one minute?  Before we conclude?  Yes.

 

>> Thank you all for all the questions and thank you for this session.  Actually, it was great to hear from you about all this threaten and surveillance.  It's actually a happy moment and a sad moment at the same time that you are sharing the same issues.  I hope that all of who's attending this meeting to work together actually to face this huge threaten against us as a human right defenders and activists and journalists.  Thank you all.

 

>> KHALID IBRAHIM: Thank you, Asea.  Sam, your final say.  Are you optimistic in two years, three years we will end this cooperation between companies and democracies and investors that we can hold to account?  Yes, Sam.

 

>> SAMUEL JONES: That's the hope.  I just want to reiterate a critical point and that is for investors that are ‑‑ that tend to be overwhelmed by different environmental social and government issues, it's really human rights defender organisations whether at the international level like Access Now or at the grassroots level that provide the critical information or can provide the critical information that investors use with companies on demonstrating that there are real human beings impacted by their investments and that it's their responsibility to take appropriate action.  So really we depend on those civil society organisations for our own work.

 

>> KHALID IBRAHIM: Thank you, Sam and Marwa, the coordinator of the MENA Coalition to combat surveillance.  Your final say, Marwa.

 

>> MARWA FATFATA: Final say.  We have a huge job do.  I'm not sure if two or three years would be sufficient, but it's definitely a priority fight for us and many of our partners.  And as Sam mentioned, it's also one of our key goals to map surveillance technologies and spyware being used in the MENA region including the companies, their investors, their corporate structures, as well as the human rights abuses facilitated by the use of their technologies.  That for us is important for a number of reasons, for accountability, for investor advocates, for journalists, lawyers, litigators.  We want to make ‑‑ we want to expose that industry to the extent we can, and to help others in this ecosystem hold these companies accountable.  So it is an ongoing fight for those who would like to join our Coalition, it's MENA focus, but it's open to global and ‑‑ local and regional organisations.  Feel free to get in touch with us.  And we're planning to revamp the Coalition, so there will be more advocacy campaigns next year hopefully.

 

>> KHALID IBRAHIM: So with that, I have to thank our distinguished speakers, Samuel, Marwa and Sea.  Thank you for all of you in the room and thank you for people who followed us online.  And with that, I wish you a nice day.  Thank you.

 

(Applause)