Teksti Hanna Nikkanen
Iran’s government is hot on the heels of its cyber-dissidents, thanks to the spy system it bought last year from Nokia Siemens Networks. Opposition activists are appalled by the deal, but the company sees no reason to worry: ”The system was designed to increase people’s own safety,” explains spokesperson Riitta Mård.
This article was originally published on Fifi in Finnish: Nokia yhdistää Iranissa. This is an abridged English version.
The ”Monitoring Center”, sold until recently by the Finnish-German joint venture Nokia Siemens Networks, is a platform used by law enforcement to tap phones, read e-mails and surveil electronic data. It also includes data-mining tools that extract useful information from the massive quantities of data collected.
The Washington Times wrote about the deal in April: http://www.washingtontimes.com/news/2009/apr/13/europe39s-telecoms-aid-with-spy-tech/.
Now the government’s surveillance tools have become a question of life and death to Iran’s opposition organisers. I talked to NSN’s spokesperson Riitta Mård about this, but she refused to shed more light on what exactly did her company sell to Irantelecom last year. And how is the system being used now? The company doesn’t know.
Nokia Siemens Networks’ product line Intelligence Solutions is a tool for the effective regime. Or, for that matter, anyone with access to massive amounts of surveillance data – for instance, information about phone, e-mail or Internet use, border crossings or bank transactions. The package includes two products, Monitoring Center and Intelligence Platform.
The idea is to first build the haystack and then find the needle: the system gathers information and analyses it, looking for clues about suspicious movements of money, data and people. Careful analysis can break the anonymity of dynamic IP addresses and prepaid mobile plans, the company brags.
According to The Washington Times, Iran has purchased at least the Monitoring Center.
According to promotional literature, the Monitoring Center’s ”modular architecture allows the monitoring and interception of all types of voice and data communication in all networks, i.e. fixed, mobile, Next Generation Network (NGN) and the Internet. The MC’s unified view-concept greatly facilitates investigative work and opens completely new and efficient ways to pursue leads.”
Data mining has several practical uses. An automated analysis can find signs of money laundering from a database of millions of bank transactions or track the movements of human traffickers. However, mining tools that deal with language and communication raise obvious questions about democratic rights – especially when they’re used by a totalitarian government.
Despite this, there are no regulations over the sale of telesurveillance and data mining systems. When the government of Iran asked Nokia Siemens Networks to look for needles in their haystack, the only thing standing on the way of a deal was the company’s own sense of responsibility.
Nokia Siemens Networks’ spokesperson Riitta Mård, how did this happen?
”With the Siemens deal we got this small business, a sort of a little add-on that increases the existing possibilities of lawful interception of data. The idea is to boost security. It was a small business and didn’t fit our portfolio, the clients are quite different from what we typically deal with. This spring it was sold to [German holding company] Perusa.”
So last year Nokia Siemens Networks sold a telesurveillance system to the government of Iran, a regime that is widely considered totalitarian.
”These systems are legal and they can be sold to any legal operator.”
Who defines a legal operator?
”International organisations do. A company cannot act as the world police.”
According to Iranian opposition activists and lawyers interviewed by The Washington Times in April, there have already been signs of intensified electronic surveillance. ”They have facilitated the regime with a high technology that allows them to monitor every student activist, every women’s rights activist, every labor activist and every ordinary person,” says Mohsen Sazegara, a democracy advocate who lives in the United States.
What are these systems used for?
”They’re designed to prevent criminal activity.”
But we’re talking about a channel that can be used for a number of things, including silencing dissent. If Nokia Siemens Networks finds out that the buyer is using the system for something else than its original purpose, can you shut down the service?
”We can’t do the international community’s work.”
But you have information about what you sold to Iran and how they may be using it. The international community doesn’t. It’s you who could react.
”The system is under the owner’s control now, we have no access. And we can’t act in the place of the international community.”
What exactly did you sell to Iran?
”We do not release this information about our clients.”
How did you take Iran’s political situation into consideration when negotiating this deal?
”Extraordinary circumstances like the ones in Iran right now cannot be predicted – it can happen anywhere.”
But it hasn’t exactly been a surprise. The fact that the government keeps a close watch on the opposition has been well known for years.
”We don’t set conditions like this to our clients. Companies can’t act like that, alone. And after all we’re talking about a system that was designed to increase people’s own safety.”
Nokia Siemens Networks’ corporate responsibility policy underlines that the company’s business partners must ”comply with all applicable laws and regulations, and [are encouraged to go] beyond compliance to improve their management of ethical, environmental and social issues.”
How was this policy reflected in the deal with Iran?
”We do indeed have a strict ethical code for our business partners, and we’ve been very actively making sure that your suppliers don’t use, for example, child labour. We use this code to choose who we buy from.”
But not who you sell to?
”In Iran’s case, there was no such impediment.”
Riitta Mård keeps using the concept of lawful interception, just like her colleague Ben Roome does in The Washington Times. This refers to wireless networks’ loopholes that have been purposefully created to allow surveillance. The industry’s own standards require that they exist. NSN’s surveillance systems gather and analyse data from these intentional loopholes.
Of course, ”lawful interception” is an euphemism: these inbuilt surveillance channels can be used for both legal and illegal purposes. Criminals can use them to access confidential information – as happened in the Athens Olympic Games – and authorities can abuse their access to citizens’ private data.
Eavesdropping is nothing new, of course, but the volume of information monitored is. Spying used to be a one-on-one business: at least one person was needed to eavesdrop on one conversation. Tools like Monitoring Center delegate that work to state-of-the art algorithms. Now a government can eavesdrop on an entire population: the technology will deliver the answers.
”We cannot become the police,” Riitta Mård repeats. ”Telecommunication business is already quite heavily regulated. International organisations hold the key here, and we merely act in the framework that they set.”
Tom Malinowski, Washington advocacy director for Human Rights Watch, does not agree. In The Washington Times he says that the problem lies in the lack of regulation. The Monitoring Center is similar to a ”dual-use technology” – it can have both military and civilian applications.
”There are a lot of export controls in place in Western countries on technology that might have a dual military purpose,” Malinowski says in the interview. ”But there are virtually no restrictions on the export of high-tech equipment that can be used to monitor or control free expression.”