Written question to the High Representative on the use of spyware by UAE authorities

Marietje

Today Marietje Schaake asked the following question to High Representative of the European Union for Foreign Affairs and Security Policy Federica Mogherini:

A new report by Citizen Lab, an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, describes a campaign of targeted spyware attacks from 2012 until the present, against Emirati journalists, activists, and dissidents. Circumstantial evidence suggests that the United Arab Emirates is responsible for this series of attacks, dubbed ‘Stealth Falcon’ by the researchers

1. How does the VP/HR asses the report by Citizen Lab ?

2. Is the VP/HR aware of which EU based companies may be involved in exporting systems designed, marketed and sold for the purpose of violating human rights and does she agree that updating the EU’s dual-use regulation or taking specific measures to tackle this problem should be a matter of extreme urgency?

3. Does the VP/HR consider using other policy instruments to ensure technology is used to advance not violate human rights globally?

Answer given by Vice-President Mogherini on behalf of the Commission on the 9th of August 2016

The High Representative/Vice-President is concerned by the information presented in the report. There are steps taken by the EEAS and Commission to expand the definition of dual use items to cyber-surveillance technologies and goods. ‘Dual-use items’ such as cyber-surveillance technology can be used for serious violations of human rights. The updated regulation (meant to replace the current dual use Regulation n°428/2009 adopted in 2009) is to:

ensure that cyber-surveillance technologies are identified as of dual-use in order to avoid technology exported from the EU are used in violation of human rights and international law in third countries;
keep up with new threats and rapid technological change, including enhanced controls on emerging technologies with military end-uses; and
ensure effective control of the export of ‘cyber-surveillance technologies’ that could be used against security interests of the EU.