Turkish police can surveil cell phones with a few clicks, thanks to FinSpy software "made in Germany." This is the claim of the Gesellschaft für Freiheitsrechte (GFF), Reporter ohne Grenzen (RSF Germany), the blog netzpolitik.org and ECCHR in their July 2019 criminal complaints. The prosecutor's office in Munich has opened investigations into the case.
The Munich-based companies FinFisher GmbH, FinFisher Labs GmbH and Elaman GmbH are accused of selling FinSpy software to Turkey without the German government's permission. When repressive states such as Syria or Bahrain use surveillance technology, the result has all too often been such as imprisonment and torture. But software companies refuse to take any responsibility for their role in human rights violations. This is why ECCHR and its partner organizations filed criminal complaints against FinFisher CEOs.
When FinSpy malware is installed on a cell phone, it gains complete access to the phone's data, location, calls and chats. FinSpy first appeared in Turkey in summer 2017 as a recommended download on a fake version of an oppositional website.
The allegedly illegal export of monitoring software to the Turkish government is particularly contentious because of the repression of journalists and oppositional voices. After an attempted coup by part of the Turkish military failed in June 2016, more than 50,000 people were arrested, nearly 140,000 people were fired from their jobs, and hundreds of media organizations were closed.
In order to prevent the selling of surveillance technology to repressive regimes like Turkey, Syria and Bahrain, licensing requirements were enacted Europe-wide in 2015 for exports to countries outside the EU.
Violating these licensing requirements is a prosecutable crime. However, in reality, firms can operate almost unhindered globally, since the current legal situation in Germany and Europe makes efficient criminal prosecution nearly impossible. We urgently need changes in the law.