Mexican Government Under Attack for Electronic Spying

By Fulton Armstrong

34318983244_1716737126_k

Mexican President Enrique Peña Nieto. / Presidencia de la Republica Mexicana / Flickr / Creative Commons

Revelations of Mexico’s use of state-of-the-art software to spy on domestic critics and OAS human rights experts have dealt another devastating blow to the credibility of President Enrique Peña Nieto and the Mexican government.  Targeted in the cyberattacks were dozens of individuals and nongovernmental groups from various backgrounds, including leaders of the opposition PAN party investigating corruption allegations; anti-obesity activists lobbying for a tax on sweet carbonated soft drinks that the government opposed; and the Interdisciplinary Group of Independent Experts (GIEI) sent by the Inter-American Commission on Human Rights (IACHR) to investigate the disappearance of the 43 students in Iguala in 2014.

  • The software – known as Pegasus and estimated to cost between $32 million and $80 million – sent the targets personalized text messages with links that, when pressed, led to the total compromise of their smart phones. The messages falsely alerted victims to family emergencies, for example, and said further information was available at a link in the text.  Some purported to be from the U.S. Embassy, providing a link for updates on visa applications.  The link downloaded spyware that allowed the perpetrators full access to all voice and data communications and allowed remote control over the microphone and camera on the affected device.

Confronted with evidence developed by University of Toronto-based Citizen Lab and corroborated by the New York Times, Peña Nieto admitted in late June that his government purchased Pegasus but denied that it was used to target opponents and investigators.  He said that all of the government’s efforts have been “to maintain the internal security of the nation, fight organized crime, to generate security for all Mexicans.”  The Israeli company NSO Group, producer of Pegasus, claims it sells the software only to governments and only for specific anti-terrorism, anti-crime purposes.  The President threatened to investigate those who “have raised false accusations” – a statement his spokesman retracted several hours later – but he did acknowledge the need for an investigation.  The office of the Attorney General (PGR), which was involved in the Pegasus program, was charged with looking into the matter, drawing cries of foul from critics.

  • Officials at the UN Office of the High Commissioner on Human Rights have called on Mexico to allow a full investigation by independent experts. For the same agency that bought Pegasus to investigate its use, they said, was not credible.  An OAS official has stated publicly that the allegations “should be investigated.”

The internal spying scandal is yet another blow to the credibility of the Mexican government on human rights – whether the spying and harassment was approved by Peña Nieto or was the work of rogue agencies.  The President’s credibility has been battered by scandals involving his family and administration, and corruption by state governors from his ruling Institutional Revolutionary Party (PRI) has deepened perceptions of impunity at all levels.  Violence is also creeping back to levels experienced during the term of Peña Nieto’s predecessor, Felipe Calderón.  Among his most corrosive failures, however, has been the lack any progress investigating the brutal killing of the Iguala students.  The government’s claims that it was unable to bring anyone to justice for Iguala – while spending tens of millions of dollars to spy on and harass international experts investigating the incident – has deepened popular cynicism about the President.  Even if he accedes to an independent inquiry, the damage has been done, and he seems likely to limp, at best, toward general elections scheduled for mid-2018.  InSight Crime (a CLALS-sponsored foundation) has also called the scandal “a massive self-inflicted wound in [Mexico’s] fight against organized crime” because it compromised anti-crime operations and undermined the government’s credibility.

July 24, 2017

Post-Snowden Challenges for U.S. Information and Communication Technology Firms

By Robert Albro

infocux Technologies / Flickr / CC BY

infocux Technologies / Flickr / CC BY

A year after Edward Snowden’s dramatic disclosures about NSA surveillance in Latin America, U.S. companies hoping to make inroads into the region’s fast-growing information and communication technology market are running into increasing obstacles.  If the political costs were immediately forthcoming, especially in Brazil, the fallout for Silicon Valley’s tech giants has taken longer to assess. The biggest problem is the lingering lack of trust resulting from the revelation that the U.S. companies enabled the NSA’s eavesdropping by giving it direct access to their servers.  A 2014 NTT Communications survey found that, in response to the Snowden affair, 88 percent of information and communication technology decision-makers around the world, including Latin America, have changed their buying behavior around large-scale data storage.  In Brazil, Argentina, Mexico and Chile, “data sovereignty” has become a major issue, in the form of new data privacy and disclosure laws now shaping the direction of the region’s developing market.

According to the Information Technology & Innovation Foundation, U.S. software firms are expected to lose $35 billion in sales overseas through 2016. Forrester Research, an independent technology and market research company, puts potential losses as high as $180 billion.  Latin American investors have been questioning the wisdom of using US data storage companies, and established U.S. dominance in the cloud computing sector has already taken a hit. Cisco’s last quarterly earnings, for example, were down 7 percent – 27 percent in Brazil – even as the cloud computing market in Latin America is predicted to grow at a 26 percent clip through 2018.  The emergence of Miami as a major global tech hub and gateway to Latin America’s fast-growing information technology markets is threatened by a proposed EU-Brazil trans-Atlantic cable to circumvent the city as a key node for Latin American access to the global internet.  As investor e-news service 4-Traders has reported, Chinese tech giants like Baidu, Alibaba and Tencent are establishing and expanding beachheads in Latin America, while China’s government pursues cooperative partnerships with Latin American counterparts to accelerate the development of the region’s information infrastructure.  Meanwhile, US-based data mining and analytics firms like Choicepoint Inc., currently major players in the region’s business intelligence and online security markets, have become the subject of investigation by skeptical governments and privacy advocates in the region.

The U.S.-centric view of the internet as “free and open,” a basic feature of the business model of U.S. tech firms, is being challenged in Latin America, where the regulatory balance between free expression and privacy is increasingly tilting toward the latter.  Despite the fact that the region’s online population is the world’s fastest growing and that it boasts a dynamic tech start-up movement, U.S. internet technology firms should expect more such challenges.  Regional trends in internet governance are largely anti-American, focused on displacing U.S. commercial dominance of the internet, and promoting open-source software as alternatives to U.S. products and services.  As Latin America builds out its cloud computing market, it is doing so in ways poised to compete and not collaborate with U.S. companies.  Privacy controls and requirements to conform to local laws already create new and costly disincentives for U.S. companies, which might opt to pull up stakes.  Meanwhile, business models for Latin American start-ups are not copycatting U.S. models as frequently as in the past.  If Latin American entrepreneurs have maintained close ties with U.S. centers of innovation and investors, they are now more focused on developing their own intellectual property, instead of technology transfer, to meet specific demands of their local and regional markets.  What just yesterday seemed wildly improbable – that U.S. tech giants might lose their edge in Latin America – has become a credible scenario.

October 23, 2014