/ 17 December 2015

Say nothing – the spooks are listening

The State Security Agency has the ability to monitor a wide range of communications
The State Security Agency has the ability to monitor a wide range of communications

The technology exists to make continuous recordings and store every form of tele­communication of every South African citizen. And there are strong indications that the government uses it illegally.

The Mail & Guardian spoke to three independent sources who confirmed that illegal bulk interception, or mass surveillance, is occurring in South Africa.

One source is a former military intelligence operative, another has close connections to the private sector producing this technology locally, and the third was previously involved with diverse aspects of state security and has intimate ties with a technician involved in equipping the government with this capacity. 

With mass interception, thousands, if not millions, of people’s tele­communications can be simultaneously captured and stored for years. This includes phone and cellphone calls, SMSes, emails, services such as WhatsApp or Blackberry Messenger, and social media activity.

This data, calculated in zettabytes (each about a billion terabytes), can be intercepted and analysed to find out detailed information about the lives of any person without the knowledge of the individual or the telecommunications service provider concerned.

The stored data can be analysed to map associations between individuals, for example to identify criminal or terrorist networks. But it can also be used to monitor political and civil-society networks, and even business competitors.

With a voice sample, an individual’s phone conversations can be found in a mass of other recorded voices, and the person’s history can be scrutinised. A keyword search can also be used to sniff out targets and their activity.

The exact capabilities of South Africa’s mass interception facilities are not known. But it is known that such facilities are controlled by the State Security Agency (SSA), from the National Communications Centre (NCC) in Pretoria.

Legally, the NCC can intercept cross-border communications between suspects in South Africa and other countries. 

But the Regulation of Interception of Communications and Provision of Communication-related Information Act (Rica) ­prohibits interception of communications between people in South Africa without the approval of a judge.

But sources say illegal bulk interception is common.

The source who was involved with diverse aspects of state security claimed that the state has been intercepting all citizens’ communications for at least the past five years.  

“The public is completely unprotected. Every call of every cellphone, every call from every landline is channelled electronically.

“In the past, this was only done with calls that went out to foreign countries. Now it is every call. Millions per day. It is channelled and stored in Pretoria.”

The source added that phone conversations were not the only communications being recorded en masse. Call-related information – such as who called whom, when and how long the call lasted – was also being held. In addition, all data communications, including messenger service, emails and internet traffic, were being intercepted. “It sounds like a fairy tale: unbelievable. And that is the problem in this terrain.”

A former military intelligence operative said that, in 2011, the NCC’s bulk communications facilities had been used to intercept the conversations of members of the Hawks investigative unit, Agriforum members and South African bank and government officials.

The National Communications Centre in Pretoria. (Madelene Cronjé)

The source with close connections to the local producers of mass surveillance equipment said the mass interception net was much wider than this, and that South Africa has been mass recording and storing the private conversations of citizens for almost a decade.

“If they want to, they can look up all the conversations you have had in past years.”

Murray Hunter, the national co-ordinator of advocacy group Right to Know, said: “These capabilities violate ordinary people’s constitutional right to privacy. South Africa’s laws don’t acknowledge the existence of the government’s mass surveillance capabilities.

“So, of course, there is no protection against these practices – except whatever secret and unchecked internal regulations may exist within the intelligence agencies.

“We can only hope that the spooks actually obey whatever rule book they have written for themselves on this,” Hunter said.

The bulk interception facilities at the NCC are known to have been used to spy on some citizens illegally. In 2005, it was found that at least 13 people’s phone conversations had been intercepted illegally using the NCC’s mass interception facilities.

These included senior ANC members, opposition party members, public officials and people in business. A formal investigation into the interception at the NCC was initiated after Saki Macozoma, then a member of the ANC’s national executive committee, lodged a complaint with Ronnie Kasrils, the minister of ­intelligence at the time.

The M&G asked the parliamentary watchdog for intelligence services, the joint standing committee on intelligence, whether a review of the current laws governing interception would be considered.

The chairperson of the committee, Cornelia September, replied: “As legislators, we constantly review the implementation of legislation and will consider any changes if and when required.”

The M&G sent a list of detailed questions to the SSA but, in order to prevent compromising their operations, spokesperson Brian Dube could only supply a limited response:

He said: “As a matter of policy we do not disclose operational matters that reveal our capabilities to conduct the constitutional work we are expected to do. We have a number of oversight structures and mechanisms in place to safeguard the rights of citizens and those who have concerns about some aspect of our work are encouraged to present such before these structures.”

Master and merchant of communication interception

One South African company looms large in the international arena of mass surveillance: VASTech.

With offices in Stellenbosch, Pretoria, Dubai and Switzerland, the company primarily supplies mass surveillance equipment to Africa, Asia and the Middle East.

VASTech, which had a turnover of at least R30-million by 2006, was founded in 1999 by Frans Dreyer, who died in a plane crash in Libya in 2010. It rented premises at the government’s Council for Scientific and Industrial Research (CSIR) Scientia campus from as far back as February 2005.

CSIR spokes­person Tendani Tsedu said the relationship between the CSIR and VASTech was limited to office rental.

By 2006, VASTech had successfully graduated from the Gauteng government’s Innovation Hub “incubation” programme for new businesses. The incubator fast-tracks start-ups by providing resources such as office space, legal services and marketing.

Hub spokesperson Linah Nema­tandani said VASTech was only offered space to operate and business mentorship. The Hub was aware of the product and services that VASTech was developing, but its activities and clients were legal.

The department of trade and industry funded VASTech twice. In the 2007-2008 financial year, it approved a grant of R1.3-million for developing VASTech’s Zebra product and, in 2010, it approved R2.69-million for “Project Next”, the details of which are unknown to the M&G.

The Wall Street Journal reported in 2011 that the VASTech Zebra was found in a surveillance centre used by the Muammar Gaddafi regime in Libya. At the time, VASTech said it sold its equipment to governments not subject to international sanctions.

The trade and ­industry department said it funded VASTech’s ­development of the Zebra on the understanding that the device would be used for monitoring ­borders and stadiums.

VASTech’s relationship with the government also features in the so-called “spy cables” – top-secret government intelligence reports published by Al Jazeera in February.

In one cable, a 2010 report from the South African National Intelligence Agency (NIA) describes an Iranian government delegation visiting VASTech in 2005, where they received ­information about “active ­lawful interception” and “passive unrestricted monitoring”. In the report, the NIA expresses concerns that Iranian spy services could target VASTech and entities such as Denel, the National Communications Centre and the South African Secret Service.

Local technology website ITWeb stated in a 2006 interview with Dreyer that the company had signed a three-year contract with the state to provide a “recording solution”.

To gain an understanding of VASTech’s international standing, the Mail & Guardian sought the opinion of Sam Vaknin, a seasoned reporter on the Middle East and the Balkans, with sources linked to Israeli and other intelligence agencies. Vaknin was clear: the Zebra did not fit South Africa’s intelligence profile because the country’s spy services preferred surveilling individuals: “It would be journalists, liberal activists, academics, enemies of intelligence services.” This made the Zebra unnecessary, he said.

But Vaknin said there were rumours in global intelligence circles that the government initially collaborated with Russian intelligence agencies to fund VASTech.

“Each government pledged to purchase at least one system as a form of financial support. The South African services are using the Zebra only spottily and sporadically. The Russians ordered two or three additional systems over the years and gave them to allies,” he said.

Vaknin said that, after Dreyer died in 2010, VASTech’s ties with the South African government strengthened. “VASTech was in panic, and everyone thought it was about to die. Then they hopped into bed with the government much more forwardly. ”

The department of trade and industry did not respond to the M&G’s questions, VASTech would not comment, citing client confidentiality, and the State Security Agency declined to comment, citing internal policy restrictions.

WikiLeaks lifts the lid – a little

In 2013, WikiLeaks released brochures from South African mass surveillance equipment producer VASTech – a company well acquainted with government.

The brochures advertise three products: the Zebra, the Badger and the Satellite Signal Analyser.

According to the brochures, the Zebra monitors and records all voice calls, SMSs, MMSs, emails and faxes in the mobile and landline networks to which it is connected.? It also captures the metadata of these communications: when the communication took place, its duration, the parties involved. The Zebra stores this online for “extended periods of time”, although the available brochures do not specify exactly how much information can be stored or for how long.

Yet because information is stored in an online database and not on a local hard drive, storage space can more easily be scaled up as required.

The Zebra also allows information to be analysed, so that law enforcement can “go back in time” to “identify targets and discern relationships which may have their origins years into the past”.

The Badger is used to monitor internet activity, including social media and web-based email services. The Zebra and the Badger can be used in conjunction with the Satellite Signal Analyser to intercept, store and analyse satellite communications.

VASTech would not comment on its products on the grounds of client confidentiality.

This story was commissioned by the Media Policy and Democracy Project, an initiative of the University of Johnnesburg’s department of journalism, film and TV and Unisa’s department of communication science.