A Zimbabwean email service is taking UK security services to court following the revelations about government spying from whistleblower Edward Snowden, and the June publication of Vodafone’s first mobile industry transparency report.
Mango Email is one of six companies, all from different countries, which have applied to the UK’s Investigatory Powers Tribunal to look into reports that worker at the Government Communications Headquarters (GCHQ) – the main listening post for UK spies – over alleged spying, saying they used “malicious software” to penetrate their respective networks.
“Lodged today in the Investigatory Powers Tribunal, the claimants assert that GCHQ’s attacks on providers are not only illegal, but are destructive, undermine the goodwill the organisations rely on, and damage the trust in security and privacy that makes the internet such a crucial tool of communication and empowerment,” explained Privacy International.
Mango Email is a free email provider in Zimbabwe, billed as a non-profit entity for supporting local businesses, and while the website is currently “undergoing updates”, it is unclear if it related to the complaints lodged to IPT.
Together with Mango Email, the other complainants are Riseup (US), GreenNet (UK), Greenhost (Netherlands), Jinbonet (Korea), May First/People Link (US), and the Chaos Computer Club in Germany.
The collective is demanding that the GCQH cease and desist from the misuse of the internet.
“The claimants are demanding an end to such exploitation of internet and communication services, the targeting of their systems administrators and protections for their users whose rights may have been infringed,” Privacy International added.
This won’t be the first of such complaints lodge to the IPT, as it has already been asked by several human rights groups to investigate how GCHQ has been using social networks to extract data and surveillance.
The nature of the attacks were brought to light in a Der Spiegel article co-authored by Jacob Appelbaum, an independent computer security researcher and hacker, which involved Belgian mobile service provider Belgacom.
At a recently security summit in Johannesburg, Applebaum said that Belgacom was completely infiltrated by the NSA and GCHQ.
“The NSA and GCHQ compromised them completely – backdoored their routers and basically had access to the entire Belgacom network. And I have heard that they are actually still in today, that they have pieces of hardware that they can’t replace, that they are locked out of because of service contracts. I don’t know if that is public knowledge, but who cares… you should know about it. It’s a really serious problem. And this is because those people were useful,” he said at the time.
Eric King, deputy director of Privacy International echoed the same sentiments, saying that the attacks unacceptable.
“These widespread attacks on providers and collectives undermine the trust we all place on the internet and greatly endangers the world’s most powerful tool for democracy and free expression. It completely cripples our confidence in the internet economy and threatens the rights of all those who use it. These unlawful activities, run jointly by GCHQ and the NSA, must come to an end immediately.”