Many countries, including some in the Middle East, have worked to restrict their citizen’s free access to the Internet since its inception. They do this both in response to crises and instability, but also as a routine means of protecting their culture and users’ morality. These operations are carried out using advanced technology, usually of Western origin, for monitoring and shadowing Internet users in a way that undermines basic Western values, and often contradicts the declared policy of the companies that developed the software and that of their countries of origin.
There are many different ways to limit users’ use of the Internet. These include, inter alia, restrictive legislation; religious rulings and prohibitions; economic restrictions, setting high prices that prevent citizens from purchasing computers and other equipment or a regular Internet connection from their homes; enforcement and arrest of Internet users; preventing development of human capital by maintaining a low level of literacy in the local language and English; and preventing basic technological training. In addition, there are also a variety of technological methods, including banning the deployment of the requisite technological infrastructure throughout the country, technical limitations on bandwidth and internet speed, blocking the use of various online services, and monitoring the users’ online activity. These limitations are implemented using Western, mostly American, technologies that are also marketed to rival countries such as Iran.
In early March, Citizen Lab, at the University of Toronto in Canada, published a study surveying the activity of Turk Telekom, considered one of the largest telecommunications providers in Turkey.[1] The company holds 80% of Turkey’s optical fiber networks, and owns the largest internet provider in the country, which also provides Internet services to northern Syria. According to the study, the company deliberately directed hundreds of users in Turkey and northern Syria to download spyware onto their computers while trying to download other applications. The researchers claim that they did this, inter alia, in order to spy on users on the Syrian side of the border who belong to “The Kurdish Army in Syria” (YPG), which is fighting Turkish forces for control of the Afrin district in northwestern Syria. The study also mentioned that the Egyptian company Telecom Egypt has taken control of its users’ Internet traffic by routing them to various sites. The research shows that the technology used in both countries was PacketLogic, which was developed by the Canadian company Sandvine, and which was originally designed intended to improve online traffic services, and to detect malicious software (“malware”).
Reports of Turk Telekom’s involvement in monitoring user activity in Turkey began to spread as early as October 2016, following an e-mail sent by a senior engineer at the company to other employees. “I do not wish to spend the rest of my life with the regret of having been a part of Erdoğan’s insanity, so I’m out.”[2] The employee declared, “We sell a solution that can extract usernames and passwords from encrypted traffic,” and the declaration, “I don’t want blood on my code.” His act let to an internal protest in the company during which anonymously leaked documents and internal correspondence revealed that this technological solution allows monitoring a users’ IP addresses, the sites they visit users and how often. The company’s capabilities are essentially similar to those of the National Security Agency (NSA).[3]
Another company named in this context was the Israeli firm NSO. NSO suppliers Pegasus spy and surveillance software, which is activated by clicking on a link and which allows the sender to access all content on the target’s cellular device, as well as to conduct ongoing digital espionage against the target and its environment.[4] The software was sold worldwide, but the name of the company reached the headlines after a previous report released by Citizen Lab in August 2016 claimed that its product was used against Ahmed Mansour,[5] a human rights activist from the United Arab Emirates, who received text messages on his cell phone that included links to malicious software.
NSO and Sandwin were both acquired by the American company Francisco Partners, which invests in various companies, some of which have been involved in selling technologies to countries throughout the Middle East for years. Francisco Partners also invested in the American company Blue Coat Systems,[6] which is known to have supplied the technology to many countries in the Middle East and elsewhere,[7] including to the Syrian authorities before and during the conflict therein.[8] Because of this, the firm’s systems were hacked by activists belonging to Anonymous. [9]
Supplying products to countries that may misuse them against their own citizens often contradicts the policies of the companies or the countries in which they operate, which sometimes finance the companies’ activities. An example of this is Websense, the current name of Forcepoint, whose activity in Yemen was identified as early as August 2009,[10] despite the company’s statement that it would not to sell products to governments or ISPs “involved in any type of government censorship.”[11] Another example is the Canadian company Netsweeper, which is funded by the Canadian government,[12] and which is known to provide technology for restricting and monitoring online activity across the Middle East and the Muslim world.[13]
The online realm offers a wealth of opportunities for direct communication, exposure to unlimited information, a platform for expressing opinions, and a host of other invaluable advantages. However, its nature as a digital space also supports the use of technological tools that limit freedom of use. The way countries employ these technologies for monitoring and spying on internet users poses ethical questions about the need to restrict and control the marketing of products, and may even lead to a broad international effort to address the issue. However, we should not ignore the fact that the American NSA and other government agencies throughout the western world also use similar technologies to monitor their own citizens.
Dr. Tal Pavel researches Internet and cyber issues in the Middle East, is head of the Cyber Studies program at Tel Aviv-Jaffa Academic College and is the editor and owner of MiddleEasternet.com.
[1] Bill Marczak, Jakub Dalek, Sarah McKune, Adam Senft, John Scott-Railton, and Ron Deibert, “BAD TRAFFIC Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads?”, The Citizen Lab, The Munk School of Global Affairs, University of Toronto, 9 March 2018.
[2] Thomas Fox-Brewster, “Is An American Company's Technology Helping Turkey Spy On Its Citizens?”, Forbes, 25 October 2016.
[3] Su Herring, “Timeline of Internet Censorship and Declining State of Media Freedom in Turkey”, iGmena, 11 November 2016.
[4] Lily Hay Newman, “A HACKING GROUP IS SELLING IPHONE SPYWARE TO GOVERNMENTS”, Wired, 25 August 2016.
[5] Bill Marczak and John Scott-Railton, “THE MILLION DOLLAR DISSIDENT; NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender”, The Citizen Lab, The Munk School of Global Affairs, University of Toronto, 24 August 2016.
[6] Symantec, “Symantec to Acquire Blue Coat and Define the Future of Cybersecurity”, 12 June 2016.
[7] Morgan Marquis-Boire, Jakub Dalek, Sarah McKune, Matthew Carrieri, Masashi Crete-Nishihata, Ron Deibert, Saad Omar Khan, Helmi Noman, John Scott-Railton, and Greg Wiseman, “PLANET BLUE COAT; Mapping Global Censorship and Surveillance Tools,”, The Citizen Lab, The Munk School of Global Affairs, University of Toronto, 15 January 2013.; u/Kinost, “BlueCoat, a company that specializes in censorship, surveillance and internet infrastructure such as public/corporate wifi, has become a certificate authority, allowing it to initiate man-in-the-middle attacks without warning”, reddit.com, 27 May 2016.
[8] “Bluecoat's role in Syrian censorship and nationwide monitoring system #OpSyria”, reflets.info, 1 September 2011.
[9] Tal Pavel, “Hackers set their sights on Syrian monitoring system,” Ha’aretz, October 7, 2011.
[10] CmdrTaco, “Yemenis Should Be Incensed At Websense”, slashdot.org, 10 August 2009 ;
John Leyden, “Websense yanks censorware from Yemen”, The Register, 11 August 2009.
[12] Jordan Pearson, “The Canadian Government Has Funded a Notorious Censorship Company for a Decade”, Motherboard, 21 September 2016.
[13] Nicki Thomas and Amy Dempsey, “Guelph-based software censors the Internet in the Middle East”, The Star, 13 June 2011; UAE: “Websites blocked in UAE with Netsweeper”, stanford.edu, 2 July 2012. ; Bahrain: “Canadian company’s software may be used to stifle freedom of expression in Bahrain”, Bahrain Watch ; Yemen: Jakub Dalek, Ron Deibert, Sarah McKune, Phillipa Gill, Adam Senft, and Naser Noor, “Information Controls during Military Operations; The case of Yemen during the 2015 political and armed conflict”, The Citizen Lab, The Munk School of Global Affairs, University of Toronto, 21 October 2015 ; Somalia: Masashi Crete-Nishihata, Jakub Dalek, Adam Senft, Saad Omar Khan, Matthew Carrieri, Ron Deibert, and Helmi Noman, “INTERNET FILTERING IN A FAILED STATE; The Case of Netsweeper in Somalia”, The Citizen Lab, The Munk School of Global Affairs, University of Toronto, 20 February 2014. ; Pakistan: Jakub Dalek, Adam Senft, Masashi Crete-Nishihata, Ron Deibert, “O PAKISTAN, WE STAND ON GUARD FOR THEE; An Analysis of Canada-based Netsweeper’s Role in Pakistan’s Censorship Regime”, The Citizen Lab, The Munk School of Global Affairs, University of Toronto, 20 June 2013.