7 September 2017

South Africa: Leaked Emails - Ramaphosa's Hypocrisy On Spying By the South African State

Photo: GCIS
Deputy President Cyril Ramaphosa.

In the run up to the election of the next president of South Africa's governing ANC in December, unknown entities are clearly working hard to discredit candidates who have spoken out against state capture.

The latest dirty tricks have targeted Deputy President Cyril Ramaphosa, who recently condemned the capture of the South African state, allegedly by business interests linked to President Jacob Zuma. Someone has leaked Ramaphosa's emails from his private Gmail accounts, suggesting that he was having multiple affairs, despite being married.

Ramaphosa has claimed that the fingerprints of the state intelligence services are all over the leaks. He has also located the smear attempt within

... a broader campaign that has targeted several political leaders' trade unionists' journalists and civil society activists.

How much credibility do his claims have? Those responsible could be private actors with no links to the spy agencies. But, no one should be surprised if his allegations of state spying turn out to be correct.

After all, in 2005, state spy agencies were abused in the bruising succession battle between then President Thabo Mbeki and his rival for the ANC presidency, Jacob Zuma. That behaviour seems to have been sustained.

There are systemic weaknesses in how the state intelligence services are regulated that predispose them to abuse. As a senior member of government, Ramaphosa must take political responsibility for keeping silent about these problems until now.

Eavesdropping in South Africa

It's quite possible that Ramaphosa's Gmail accounts were hacked. An intrusive piece of hacking software like Finfisher could do the trick. Finfisher is a weapons grade intrusion tool sold exclusively to governments. It is particularly useful for monitoring security conscious and mobile targets who make extensive use of encryption.

The tool allows its operator to take control of a target's computer as soon as it is connected to the internet. Once the operator does so, it can turn on web cameras and microphones for surveillance purposes, and exfiltrate -withdraw- data from the target's computer, such as emails.

By 2014, South Africa was the third largest named user of Finfisher, after Slovakia and Estonia.

In 2015, the University of Toronto's Citizenlab detected a Finfisher command-and-control server in South Africa. The discovery strongly suggested that the South African government continued to be a Finfisher user.

Leaked emails from Finfisher's competitor, the Italian-based Hacking Team, also provided evidence that South African government departments were in the market for hacking tools. And South Africa has a reputation in international intelligence circles for targeting individuals (like journalists, activists and academics) through hacking, rather than engaging in mass surveillance of the kind practised by the US and the UK. Tools like Finfisher come in handy.

Safeguards against abuse

In spite of their invasiveness, hacking tools are under regulated in South Africa.

There are two communication interception centres in the State Security Agency that the general public knows about. The first is the Office for Interception Centres, which handles targeted interceptions approved by a special judge. It is inwardly focused, and provides services to national crime fighting agencies.

The second is the National Communications Centres, which monitors the electronic communication. This centre is externally focused. It collects foreign signals intelligence.

While the Office for Interception Centres is established in terms of the Regulation of Interception of Communications and Provision of Communication Related Information Act (Rica), the National Communications Centres has no explicit founding legislation, and no known rules that govern its activities. This is why the current court challenge is significant.

In 2008, the European Court of Human Rights identified six safeguards for strategic intelligence gathering, to limit the potential for abuses.

It says the law needs to:

Spell out the nature of the offences which may give rise to an interception order.

Provide a definition of the categories of people liable to have their telephones tapped.

Limit on the duration of tapping.

Set out the procedure to be followed for examining, using and storing the data obtained

List precautions to be taken when communicating the data to other parties.

Spell out the circumstances in which recordings may or must be erased or the tapes destroyed.

South Africa's laws fail these tests dismally.

There are also no known rules governing the State Security Agency's use of selectors - the search terms used to process raw communications data - for analysing mass communication. This could lead to abuse.

Spying on political dissent

The problem of under regulation does not end with the National Communications Centre. As the country's civilian intelligence agency, the State Security Agency is meant to develop high level strategic intelligence to inform the Cabinet in deciding on the nation's most urgent national intelligence priorities.

But, a State Security Agency organogram leaked to Al Jazeera points to the existence of an operational entity in the domestic intelligence section called the Special Operations Unit. Little is known about its exact mandate.

The Sunday newspaper, City Press has linked this unit to a number of dirty tricks. These include smearing top civil servants, and forming a rival trade union to the Association for Mineworkers and Construction Union in the platinum belt, as well as spying.

And, a recent investigation by Privacy International exposed a revolving door between the intelligence agencies, the mining industry, and private security companies in the communications surveillance sector. In other words, not only are the state spy agencies underregulated; private sector ones are too.

So the available evidence points to the State Security Agency's political and economic intelligence focus being used to legitimise government spying on perceived political critics, and protect the exploitative business practices of mining companies.

Ramaphosa double standards

In 2013, Parliament narrowed the definition of what constitutes a national security threat to exclude legitimate political activities. Be that as it may, it has not done enough to address the weaknesses that created space for the 2005 spying abuses to occur.

Complaints from journalists and activists about illegitimate spying by the state have been piling up for several years. As the Deputy President, Ramaphosa would have been aware of these complaints. Yet, as a shareholder and non-executive director of Lonmin, Ramaphosa would have benefited from the spy agencies' interference in labour struggles in the platinum belt.

He has not spoken out about the under regulation of the spy agencies until now. Ramaphosa must take political responsibility for the utter mess that grips the state spy agencies.

Undoubtedly, spying on political elites threatens democracy, but it is self-serving of Ramaphosa to complain only when he himself becomes the target. Political leaders who are vying for the highest office in the land really need to be more principled.

The author is completing a book manuscript entitled 'Stopping the spies: constructing and resisting the surveillance state in South Africa' (forthcoming with Wits University Press in 2018).

Disclosure statement

Jane Duncan receives funding from the Open Society Foundation for South Africa. She is a member of the secrecy and securitisation sub-committee of the Right 2 Know Campaign, and a project leader of the Media Policy and Democracy Project.

South Africa

Former South African Colonel Sentenced to Death - Report

A former South African colonel, William John Endley, has reportedly been sentenced to death by a court in South Sudan on… Read more »

Copyright © 2017 The Conversation. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 800 reports a day from more than 140 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.