• Buro Jansen & Janssen is een onderzoeksburo dat politie, justitie, inlichtingendiensten, de overheid in Nederland en Europa kritisch volgt. Een grond-rechten kollektief dat al 30 jaar publiceert over uitbreiding van repressieve wetgeving, publiek-private samenwerking, bevoegdheden, overheids-optreden en andere staatsaangelegenheden.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202, 06-34339533, signal +31684065516, info@burojansen.nl (pgp)
    Steun Buro Jansen & Janssen. Word donateur, NL43 ASNB 0856 9868 52 of NL56 INGB 0000 6039 04 ten name van Stichting Res Publica, Postbus 11556, 1001 GN Amsterdam.
  • Publicaties

  • Europa

  • Politieklachten

  • Dutch IT company worked for dictatorial regimes, Fox-IT in the Middle East (research) (translation)

    From 2006 to 2012 Dutch IT security company Fox-IT was very active in the surveillance industry market in the Middle East. The Gulf region was a significant market for the company from Delft. Fox-IT also provided several closed workshops in, among others, Syria, Egypt, Saudi Arabia and the UAE. In these countries the company tried to sell its products to government agencies, the military and intelligence services.

    In 2007 Fox-IT advised its partner company and intermediary AGT (Advanced German Technology) on how to evade the American trade embargo against Syria. In 2008 the company organised a training for the National Defence Council in Egypt, and in 2011 Fox-IT was involved in the establishment of the Forensic Lab, a surveillance project for Saudi Arabia’s Ministry of Home Affairs.

    This has become clear from research by Buro Jansen & Janssen, based on a large amount of internal company documents and emails the research organisation received about the relationship between Fox-IT and the German company AGT in the period from 2006 to 2012.

     

    The Netherlands as customer

    Computer and security company Fox-IT was established in 1999. Soon after, the Dutch government became a significant customer. Fox-IT provides security for Dutch state secrets, for example the minutes of the Council of Ministers. Besides the government, the company acquired many financial institutions as customers, after which it also ventured into the international market.

    Fox-IT co-founder and director (until 2017) is Ronald Prins. He became the cyber security expert of The Netherlands and appeared as a guest in talk shows and topical programmes on television. In 2018 Prins was appointed a member of the Review Board for the Use of Powerss (TIB, for its acronym in Dutch), the committee that oversees the Dutch intelligence services.

    In recent years, several western companies have been called into question due to their support of repressive regimes and their contribution to the establishment of the surveillance state in different countries in the Middle East in the run up to the Arab Spring in 2011.

    Until now, Fox-IT was left untouched. The documents Buro Jansen & Janssen received shed a different light on the activities of the company and its contacts with repressive regimes in the region.

     

    ISS World in Dubai

    In 2011 Fox-IT was called into question. The Dutch publication Vrij Nederland (Secrets of a super tapper 13-08-2011) revealed that the company was present at the ISS World Conference in Dubai (United Arab Emirates) from 21 to 23 February, 2011. ISS (Intelligence Support Systems) World is a trade fair for listening and surveillance equipment.  In addition to companies, there was the attendance of military, police and intelligence personnel from different countries in the Middle East.

    Fox-IT’s presence in Dubai stood out. The Arab Spring was at its peak at that time. After Tunisia in December 2010 massive protests followed against dictators in other Arab countries like Egypt, Libya, Syria, Yemen and Bahrain. At the same time it was revealed how democratisation movements in the Middle East were being repressed with the assistance of technology provided by western companies.

    Vrij Nederland published: ‘The ISS meeting was held at the peak of the Arab Spring. In Egypt Mubarak had already switched off the internet, the regime in Tunisia had hacked Facebook accounts and Syrians were only able to safely communicate via networks in neighbouring Turkey. This is happening with the help of the West. At least nine countries in the region, among which Tunisia and Yemen, have bought filtering technology from western companies like McAfee and Websense.’

    Not unexpectedly, the presence of Fox-IT at ISS World raised some eyebrows. Did the company also sell its technology to repressive regimes in the region? And how did this sit with the image of the company? Fox-IT purports to be a company of certain standards.

    When asked, then director Ronald Prins stated to Vrij Nederland: ‘Fox-IT exists to make society safer, not to protect the powerful from their own people. It has happened, however, that countries where trouble is brewing suddenly call up wanting to buy our stuff. In which case I’m very clear: we don’t do that’.

    The same article also revealed that Fox-IT was present at the International Police, Safety & Security Equipment Exhibition in Iran in 2003 to drum up business. A salient fact, seeing as it had been revealed in 2009 that the Finnish Nokia and the German Siemens sold surveillance equipment to the investigative forces of Iran,technology the regime used to strike down the rebellion a couple of months later. Prins denied to Vrij Nederland that Fox-IT had sold products to Iran. He did mention that the company had been ‘rather naive’ back then  [..] we’re miles further now’, according to Prins.

     

    Spy Files

    Late 2011 Fox-IT was called into question once again after Wikileaks published the so-called Spy Files. In these documents concerning the surveillance industry three Dutch companies appear: Group 2000, Pine Digital Security and Fox-IT. In an article in Webwereld (Biggest supplier not in Wikileaks Spy Files, 02-12-2011) the companies were asked for a response.

    The companies (including Fox-IT) admitted they had received requests for their products ‘from countries like Iran, Syria and Zimbabwe’, but that they ‘never did business with dictatorial regimes’. Fox-IT’s Prins added to Webwereld (Fox-IT unimpressed about Wikileaks): “We did receive requests, but we have always refused them. We believe in a safe society and such countries do not fit that view.”

    Even though Fox-IT was called into question, the storm very quickly subsided. Responding to questions in parliament the minister said he would discuss it with technology companies, including Fox-IT, to point out the ‘possible abuses of filtering technology for anti-democratic and repressive purposes’.

    That’s where it ended, stones were very much left unturned. Fox-IT doesn’t reveal to which countries they supply because it supposedly concerns trade secrets. Fox-IT would never have done business with dictatorial regimes, though Ronald Prins did tell Vrij Nederland his company supplied to countries ‘with whose policies they didn’t completely agree’. He failed to specify which countries he meant and with which countries the company does do business.

    The documents Buro Jansen & Janssen received shed a new light on the activities of Fox-IT in the Middle East. From 2006 onwards, the region became an increasingly important market for the company. Fox-IT established contacts in countries like Syria, Egypt, Saudi Arabia and the UAE, and tried to sell their products there.

     

    Important market

    Until 2006 Fox-IT was mainly active in The Netherlands, where they attended the Dutch Infosecurity fair in the Jaarbeurs in Utrecht every year. After 2006 the company becomes increasingly active internationally. The Middle East becomes an important growth market for the company.

    In 2006 Matthijs van der Wel is appointed as Manager Business Development EMEA (Europe, Middle East and Africa). In December 2006 Fox-IT announces in the 11th number of their newsletter Fox that ‘an international sales force has been established intended mainly to offer products of law enforcement to organisations. Specifically with the data diode, the tap analyses software FoxReplay and our cryptographic products in mind’.

    Fox-IT focuses mainly on the sale of the FoxReplay and the Fox DataDiode in the Middle East. The FoxReplay has been on the market since 2006 and concerns interception equipment with the ability to analyse internet traffic in real time. The Fox DataDiode is a sort of one way firewall between a public and private network, with which access to confidential material can be regulated.

    As part of the marketing strategy they’re present at fairs for computer and network security, listening and surveillance equipment. When asked about it in 2011 Ronald Prins admitted to the presence of Fox-IT at two fairs: in Iran in 2003 and the UAE in 2011.

     

    Surveillance fairs

    These aren’t the only two fairs, however, the company attended in the Middle East. From research by Buro Jansen & Janssen it appears that Fox-IT was present at thirteen fairs in the Middle East in the period from 2006 to 2012.  During this period Fox-IT attended just as many fairs in Europe. It’s an indication of how important the Middle East was for the company as a market.

    For example, from 2007 to 2011 Fox-IT was present at the ISS World MEA (Middle East and Africa) in Dubai (UAE) each year. In 2007 it even sponsored (co-financed) that particular fair. Apart from that, Fox-IT attended the Milipol fair in Qatar in 2006 (May 15-17) and 2008 (November 17-19). The 2008 fair was promoted by the organisers as the fair for internal state security. Milipol is organized by the Home Office of Qatar.

    In 2007 Fox-IT attended the IDEX (International Defence Exhibition & Conference) fair in Abu Dhabi (UAE) and the GITEX (Gulf Information Technology Exhibition) in Dubai; in 2008 the ITNS (Information Technology & National Security Conference) in Riyad (Saudi Arabia) and the ISNR (International Exhibition for National security and Resilience) fair in Dubai; in 2009 again the IDEX fair in Abu Dhabi and in 2011 the Info Security Conference & Exhibition in Kuwait and the Istanbul Euroforensics in Turkey.

     

    Team expansion

    In 2007 the company expands its team of salespeople. In January 2007 Fox-IT hires Jack Grossat as International Sales Manager. On his LinkedIn page he writes that he’ll be responsible for the establishment of the ‘International Sales & Marketing organization’ of the company. According to LinkedIn he’s mainly occupied with the sale of the ‘Data diode one way data flow, Replay Internet real-time monitoring software’.

    During these years Fox-IT barely publicizes its activities in the Middle East. On the different websites of the company (fox-it.nl, datadiode.eu, foxreplay.eu) it’s mentioned the company operates in the Middle East and the fact of Fox-IT’s presence at fairs is also noted.

    The company also mentions certain other of its activities on its websites, like a tour of the region. On certain matters Fox-IT doesn’t provide any transparency. For example, the company fails to mention in its publicity channels which countries in the Gulf region it visits and to which countries and clients it sells its products.

    The choice for the Middle East as a selling market is remarkable. In 2011 Ronald Prins claimed in Vrij Nederland that the company does not do business with dictatorships. It raises the question why the company would decide to focus on the Middle East. According to the yearly index of Freedom House, the Middle East only knows a few parliamentary democracies, most countries are listed as authoritarian regimes.

     

    AGT

    Since the start of their trade with the Middle East Fox-It cooperated with the German company AGT. During the IDEX 2007 fair held February 18-22, 2007 in Abu Dhabi, Fox-IT and AGT struck a partnership deal, a confidential agreement. The agreement of February 20th, 2007, was made between Fox-IT Forensic IT Experts, represented by Ronald Prins, and Anas Chbib of AGT FZ LLC.

    This partnership agreement reveals that while AGT shields its clientele, it does make them available to Fox-IT. The Delft company can trade with the clients, resellers and consultants of AGT as long as the German company gives the green light.

    Article 20 of the agreement reads: ‘All the clients/accounts, resellers or consultants introduced by the partner to Fox-IT are protected accounts for the Partner and Fox-IT is not allowed to work directly with them, or provide any commercial information or prices without a written approval from the Partner, a list of those accounts is annex A.

    AGT, with branches in Dubai (UAE) and later also in Syria, Egypt and Saudi Arabia, was established in 2002. The German company is an intermediary that is mostly occupied with the sale of European technology and knowledge to mainly Middle Eastern countries.

    In a company profile from 2006 AGT describes its mission as: ‘To provide and enable the transfer of advanced German and European security technology and know-how to various international markets through our partners.‘ AGT is mainly active in the Middle East: ‘AGT brings the advanced security of tomorrow to its international customers with the Middle East countries being of prime focus.

     

    The brothers Chbib

    AGT is led by brothers Anas and Aghiath Chbib. German and Syrian national Anas Chbib is the businessman of the company who travels the Middle East and tries to convince government officials to purchase products primarily from European companies. Anas studied at the universities of Dortmund and Cologne, after which he worked for Deutsche Bank, Dresdner Bank, Lufthansa Consulting, Medisana AG and Deutsche Bahn AG from 1998 to2001, before founding AGT in 2002.

    Aghiath Chbib is the IT specialist of AGT who concerns himself with the technical details of the agreements. Aghiath is also a German and Syrian national. Both men move seamlessly between Europe and the Middle East. Anas Chbib is still involved with AGT, Aghiath Chbib meanwhile has left the company and started a new one, Seecra.

    Since 2002 AGT has presented itself at all kinds of security fairs and conferences in the Middle East and occasionally in Europe (like at the CeBIT in Hannover and the IT security Summit in Berlin). Between 2002 and 2006 AGT was present in Bahrain (MEFTEC – Middle East Financial Technology Exhibition & Conference), Dubai (IT security Summit and Intersec – International trade fair for safety and security), Cairo (IT security Summit), Riyad and Jeddah in Saudi Arabia (IT security Summit), and Damascus (IT & Communication). After the Milipol Qatar, AGT can be found at the same fairs as Fox-IT from 2006 to 2011, but also at Syrian fairs, for example the 2nd IT Security Conference.

     

    Controversial partner

    AGT is an intermediary with knowledge of both manufacturers in Europe and the market in the Middle East. Intermediaries operate in all kinds of markets, including the market for listening and surveillance equipment.  Manufacturers depend on these traders to provide the contacts to offer their products to institutions or companies.

    With regards to the Arab-German company’s portfolio, Fox-IT’s choice can be said to be remarkable. AGT’s clientele is known to Dutch people.  For these names can simply be found on the company’s website, because in the early years AGT was reasonably transparent about its contacts and projects in the Middle East. AGT has clients in countries with repressive regimes, including governing bodies, and it has offices in Egypt, Syria, Saudi Arabia and the UAE.

    Nothing shows that Fox-IT has any qualms about AGT’s contacts and trading partners. Even with the information available back then, trading with countries like Syria and Egypt should have raised some questions in 2007. Amnesty International and Human Rights Watch have both written extensively about human rights violations in both countries and since 2006 they’ve been added to the list of Enemies of the Internet of the organisation Reporters without Borders.

    In 2006 dictator Mubarak of Egypt starts vehemently aiming for control, surveillance and persecution of any oppositional voices of the internet. Reporters without Borders writes: ‘President Hosni Mubarak displays an extremely disturbing authoritarianism as regards the Internet. Three bloggers were arrested in June 2006 and were held for two to three months for calling for democratic reforms.’

    The Egyptian government also obtains more possibilities to close websites due to possible threats to the ‘national security’. ‘This could open the way to extensive online censorship’, according to Reporters without Borders. Egypt’s Ministry for Communication and Technology is a client of AGT.

    In Syria, internet freedom is also seriously at risk. Reporters without Borders describes Syria as ‘Middle East’s biggest prison for cyber-dissidents, with three people currently detained for criticising the authorities online. They are systematically tortured and subjected to inhumane conditions.‘ Among AGT’s clients mentioned on its website are the Office of Prime Minister and STE (Syria Telecommunication Establishment). STE is a state company that controls telecommunications in Syria.

    However, Fox-IT doesn’t question the desirability of trading with countries like Egypt and Syria, or cooperating with AGT. On the contrary, the company looks forward to cooperating with AGT in the region.  International Sales Manager Jack Grossat informs Anas Chbib in an email on May 4th, 2007: ‘Think it is clear we like to move together in the ME (Middle East).’

     

    Fox-IT and AGT on tour

    An important part of the methods of AGT is the organizing of tours for European companies round government institutions in the Middle East with the goal of acquiring customers. On its website and in emails the company speaks of a ‘Telecom roadshow through the Middle East’. In 2006 AGT organizes no less than three tours: in January, September and October. Fox-IT isn’t involved in these tours yet.

    In May and December 2007 AGT organizes two more tours. Fox-IT takes part both times. At the ISS World fairs, the companies have a booth or they give lectures meant to pique the curiosity of (potential) clients and close deals where possible. The closed workshops (which AGT calls AGT Security Workshops) in the capitals of the Middle East during the tours, partly draw from the connections made at the fairs. Potential and new clients are further persuaded to place orders with European companies.

    Fox-IT’s ambitions in the Middle East are clear: to sell the FoxReplay and the FoxDataDiode. The company states these ambitions on its websites. The sale of the FoxReplay and Fox DataDiode is the goal of the company for the tours. This is apparent from several emails that Matthijs van der Wel (Manager Business Development EMEA) sent to AGT in preparation for the tour.

    For example, on April 12th, 2007, he writes to AGT: ‘For now we are focussing on selling our Datadiode and FoxReplay products internationally’. One month later, in May, he expresses a wish to sell both products during the tour: ‘I would very much like to promote our DataDiode and FoxReplay product.

    In May 2007 Fox-IT forms part of a delegation of companies that visits the capitals of the UAE, Egypt, Saudi Arabia and Syria. Besides Fox-IT, the party consists of employees of the Italian companies Area SpA and RCS SpA, the German companies Genua GmbH, LastMile AG and T-Systems International GmbH, Signal Guard International Ltd. from New-Zealand, and the Hungarian Kurt Security Group.

     

    Closed workshops

    The tour starts off in Abu Dhabi, where Fox-IT gives a workshop for a large number of officials of the army and navy of the UAE, in order to build up interest in their products. Also present at the workshop are representatives of the government, police, customs and some companies, but the twenty military men make up the majority.  Similar to other destinations during the tour, the company representatives stay a couple of days in Abu Dhabi in order to establish contacts with potential clients or strengthen their ties.

    After two days in Abu Dhabi the company leaves for Cairo. On May 15th Fox-IT gives a workshop at the Four Seasons Hotel Nile Plaza.  Conspicuous participants are some Egyptian government departments, like the Egyptian domestic security service SSIS (State Security Investigations Service) and the Foreign Office. Besides the government departments, three intermediaries are also present: the Egyptian companies Tea computer, JRM and MIS EGYPT.

    The Fox-IT workshop in Saudi Arabia on May 19th is once again mainly attended by military personnel. The army unit attending the workshop is the SANG (Saudi Arabia National Guard), otherwise known as White Army, the bodyguards of the Saudi royal family. Apart from the government departments, intermediary ICS (Integrated Computer Systems) is also present.

    Last stop of the tour is Syria. On May 21st, 2007 Fox-IT gives a workshop at the Four Seasons Hotel in Damascus. This is mainly attended by representatives of the Syrian government and intelligence services. According to the list of participants, two persons of the military intelligence services were present, three persons of the air force intelligence and two persons of the state security services. Furthermore, six people of the Home Office and the Ministry of Telecommunications took part. The list of participants also mentions an intermediary (Syrian company Kanaan) and even two private persons.

     

    Evading Syrian trade embargo

    In response to the Wikileaks’ Spy Files from 2011 about supplies by the Western surveillance industry to repressive regimes, Fox-IT explicitly denied having done business with Syria. According to Fox-IT, the company did receive requests for their products from Syria, but they didn’t confirm and they didn’t do business with the country. Considering the documents Buro Jansen & Janssen received, the statements of the company are not very credible to say the least.

    By claiming Fox-IT ‘did on occasion receive requests for their products from Syria’, the company downplays their contacts with the country. Fox-IT did specifically target the Syrian market. The company even provided a workshop on May 21st, 2007 in Damascus to representatives of Syrian public services and the Syrian intelligence services, which was aimed at selling the FoxReplay and the Fox DataDiode. Apart from which, the partner and reseller of Fox-IT, AGT, had a branch in Syria and multiple customers in the country, including the Syrian state company STE (Syrian Telecommunication Establishment).

    The documents Buro Jansen & Janssen received don’t contain details about any Fox-IT deliveries to Syria, but they do contain other salient information. Email correspondence between Fox-IT and AGT shows that Fox-IT advised their partner and reseller AGT in the summer of 2007 about evading the American trade embargo against Syria. In 2004 the United States imposed an embargo on American exports of all products to Syria, with the exception of food and medicine.  According to the American embargo the manufacturer is always liable for the final destination, even if trade goes through intermediaries.

    Email correspondence shows AGT needed servers for an order in Syria. Though the emails don’t contain any details about the contents of the order, they do show it concerns an order on which AGT and Fox-IT work together. On July 24th, 2007 Matthijs van der Wel (Manager Business Development EMEA of Fox-IT) writes in an email to AGT: ‘We cannot export USA Dell servers to Syria, so we need AGT to order them locally.

    The remark ‘we cannot export’ shows Fox-IT was aware of the possible legal consequences of evading the American trade embargo. With ‘so we need AGT to order them locally’ Van der Wel refers to AGT’s option of ordering the servers locally through the AGT branch in the United Arab Emirates. Using this construction, Fox-IT avoids the risk of being prosecuted for violating the American embargo. It pawns off the responsibility of purchasing the servers to AGT.

    In his email Van der Wel also points out another possibility to AGT, namely that AGT doesn’t order DELL servers but different ones. He writes: ‘So we need AGT to order them locally, or order non DELL-servers as described in the document. By using the specifications in this document, AGT can order the servers directly themselves from DELL and might be able to negotiate a good margin with DELL.

    It remains to be seen if ordering different servers than DELL is a solution for possible legal issues regarding the evasion of the American embargo, since most types of servers originate in the US. Finally, Van der Wel also shares his knowledge with AGT about the installation of the necessary software for the servers. He concludes his email with: ‘The proxy server software will come with an easy installation so that should not be difficult to install for the AGT engineers.

     

    AGT, reseller of Fox-IT

    During 2007 the cooperation between Fox-IT and AGT develops quickly. After signing the partner agreement in February and taking part in the tour organized by AGT, Fox-IT signs a reseller agreement with AGT in the summer of 2007. Thus making AGT an intermediary for Fox-IT’s products. The reseller agreement has some advantages for Fox-IT. AGT will draw attention to the products of the Dutch computer and security company among their clients and contacts, and will try to sell them.

    Van der Wel of Fox-IT writes the following in a fax on June 29th, 2007 to AGT concerning some fairs and workshops: ‘I’ve received your e-mail message on the requested training before the GITEX and the workshop. Training is mentioned in the reseller agreement, and we can do the sales training (short training) as well. Also for the exhibition in KSA (Kingdom of Saudi Arabia red.), we don’t need to have our own exhibition space, we can be present in your booth as sales support. We will also supply you with marketing material (and the mentioned case) that you can use in y our booth!

    AGT also benefits from the reseller agreement. AGT expands their portfolio, while Fox-IT provides the means for marketing (leaflets, posters, brochures, etc.). On June 29th Matthijs van der Wel writes: ‘Please understand that it is up to AGT to determine these prices and the pricing model. […] It’s also up to you how you offer the products to your clients.’

     […] Please find attached our demo model, as we like to offer to our partners the options to make use of our demo equipment in a flexible way and at minimum costs. I think we have succeeded in this by offering you to make use of our pool of demo equipment at only the return sending costs. … We will also provide you at no costs, for marketing (exhibition) purposes, a medium weight case with a data diode (empty one), display with LEDs and space for brochures etc.

    In the fax from June 29th Fox-IT makes clear it’s in a hurry to sign the agreement. ‘We need to have an agreement on the reseller agreement fast‘, according to Van der Wel. Signing the reseller agreement matters to Fox-IT, because the company has already made contact with some potential clients in the Gulf region.

    Under the header ‘business opportunity’ Van der Wel forwards a message from a potential client from the United Arab Emirates who has shown interest in Fox-IT’s products. It concerns the company Hemaya Information System Services. Van der Wel puts the two companies in touch and writes to Hemaya on June 28th, 2007: ‘I hope it’s fine with you but I’ve given your contact details to our local partner AGT.’

    On August 27th, 2007 Anas Chbib signs the agreement on behalf of AGT. On top of being partners, AGT now also acts as reseller for Fox-IT. By signing the reseller agreement Fox-IT becomes partly dependent on AGT, which as intermediary for Fox-IT’s products can offer and sell them to their clients. This involves the risk that Fox-IT might lose sight of the customers to which AGT sells their products. On top of that – considering AGT’s clientele – it involves a real risk the products of Fox-IT end up in countries with repressive regimes, like Syria, Egypt and Saudi Arabia.

    However, Fox-IT doesn’t pay any attention to this issue. In the internal email correspondence regarding the signing of the reseller agreement there isn’t any mention of countries and clients to which AGT is allowed to sell Fox-IT’s products. The reseller agreement itself doesn’t contain any conditions and neither has the agreement an MVO (Socially Responsible Entrepreneurship) paragraph.

     

    Trainings/workshops for intermediaries 

    AGT has many contacts with other companies that focus on the resale of technologies of western companies to countries in the Middle East. Early September 2007 AGT organizes, prior to the GITEX fair in Dubai, a ‘sale and pre-sale oriented’ workshop, especially for these intermediaries.

    During this workshop (designated by AGT as world security leader workshop) from September 2 to 6, 2007 Signal Guard International Ltd., Genua GmbH, LastMile AG, Kobil, PackAlarm, Ipoque and Fox-IT highlight their products.  On September 6th, 2007 Fox-IT gives a workshop in which it presents the FoxReplay and the Fox DataDiode. ‘I would like to present FoxReplay Analyst and the Data Diode only‘, writes Matthijs van der Wel on July 18th, 2007 in an email to Anas Chbib during the preparation for the workshop.

    The workshops are specifically aimed at intermediaries from the region. Fox-IT was aware of this. In its invitation to the company, AGT had written on July 8th, 2007: ‘We are looking forward to give a training for your resellers’. The list of participants for the workshop shows that some of the companies present are closely associated with governments. Also present are some officials of Ministries of Defence and Foreign Affairs of several countries.

    Amongst others, ABC (Associated Business Company Ltd.) and SETCO (Syrian Equipment & Trading Company) from Syria are present at the workshop. Both companies are closely linked to the Syrian regime. ABC mentions a number of projects on its website in 2008, like the construction of the network for internet connections of the Syrian prime minister. Among the invited is SDS (Syrian Data Systems), a Syrian company that works for the STE (Syrian Telecommunication Establishment), the Syrian Presidential Palace and the Ministry of Defence and Home Office.

    Also present are intermediaries from Egypt, like Giza Systems. This company from Cairo, with branches in Bahrain, Libya, Saudi Arabia and Syria, in 2007 lists on its website the Ministry of Military, the NDC (National Defene Council) and the NTRA (National Telecommunications Regulatory Authority) as its customers. Other Egyptian invitees are UAS (Universal Advanced Solutions) that works for the Egyptian army, and the GNSE Group, part of the Mansour family imperium; Mohamed Mansour was Minister for Transport during Mubarak’s regime.

    From Saudi Arabia SSBS (Systems of Strategic Business Solutions) is present. SSBS is part of the Al Othman holding, which has an extended network of companies in the kingdom and many Saudi government departments as clients.

    The week in Dubai finishes with a meeting for government departments and companies from the United Arab Emirates. Similar to the tour in May 2007 representatives of the army, the Home Office, the police and customs authorities are present. Apart from which several of the country’s commercial banks and intermediaries join them.

    The visit to Dubai matters to Fox-IT. From internal emails it is clear the company already had many contacts with potential clients in the region. The visit to Dubai offers a good opportunity to sustain and expand these contacts. Matthijs Van der Wel mails AGT on July 18th, 2007: ‘I would very much appreciate it if AGT can set up a number of meetings while I’m in the UAE. When I’m there, I would like to take the opportunity to meet as much potential customers or just say hi to some of the people I’ve met before.

    In his mail Van der Wel stresses the importance of the Middle East for his company: ‘I know it’s important to show our commitment to the middle east market so let’s try to make good use of the time that I’ll be in the UAE.

     

    New visit to the Gulf region

    In November/December 2007 Fox-IT again takes part in an AGT organized tour of the region. The tour stopped by Riyad (Saudi Arabia) on November 30th, and Amman (Jordan) on December 6th.  AGT had planned a visit to Cairo as well, but that doesn’t take place.

    During the trip Matthijs van der Wel is accompanied by two other employees of Fox-IT: Paul Bakker, manager of Fox Crypto, the Fox-IT department that secures state secrets, and Rens de Wolf, who takes over from Van der Wel as Manager Business Development EMEA. It is the last tour for both Fox-IT and Matthijs van der Wel, he’s leaving the Delft company to work at the American telecommunications company Verizon. Fox-IT doesn’t participate in the following and last AGT roadshow in the region visiting Bahrain, Qatar and Syria in 2008.

    The Dutch have been invited by the Saudi PCS (Paramount Computer Systems). Paramount claims on its website to be the regional market leader in cybersecurity since 1999. Among its customers are the Saudi and UAE Ministries of Defence, state telecom company STC (Saudi Telecom) and the Saudi Ministry of Information. Apart from Fox-IT, also taking part in the tour are Signal Guard International Ltd., LastMile AG, Genua GmbH, RCSlab SpA, Area SpA, Sirrix and P3-group.

    In Amman fifteen banks, three telecom providers and three government departments have signed up for the workshop. Anas Chbib also has invited some representatives of the Iraqi government. ‘We already got 15 banks confirmation, 3 telecom companies and three agencies, beside the top officials from IRQ government‘, he writes in an email to western companies on November 6th, 2007.

     

    ‘One on one client meeting’

    The AGT tour in December 2007 is the last one in which Fox-IT participates. The company does keep attending fairs in 2008 (like in 2006 and 2007). Fox-IT can be found at the ISS World EMEA in February, and a month later at the ISNR fair, both in Dubai. Later in the year, from November 17-19, Fox-IT attends the Milipol in Qatar.

    At the ISS World EMEA from February 26 to 28, 2008, Fox-IT presents its FoxReplay. A presentation by Bert Hubert, CTO (Chief Technology Officer) of FoxReplay, is announced in the fair brochure. The FoxReplay website states: ‘One of the core FoxReplay programmers, Gertjan Schoenmaker, will give a presentation.‘ Fox-IT also announces it will be represented at the fair by multiple people and clients can also expect a demonstration of the FoxReplay: ‘Not only will visitors to ISS World have the opportunity to meet some of the FoxReplay staff, a live demo will also be given to selected visitors.

    Besides Bert Hubert and Gertjan Schoenmaker, also present is Rens de Wolf, since November 2007 responsible for the Middle East. De Wolf has been invited by AGT to a pre ISS security workshop (from February 17 to 21), in which some companies like Regify, Utimaco, Phion and Funkwerk will present their products to a select group.  However, Fox-IT doesn’t participate in the workshop programme. The company does have ‘one on one client meetings’. This becomes clear from a bill from AGT to Fox-IT, dated February 5th, 2008.

    The documents Buro Jansen & Janssen received don’t provide a conclusive answer about with which parties Fox-IT has had ‘one on one client meetings’. It is, however, safe to assume the computer and security company had meetings with other participants of the AGT organized pre ISS Security Workshop and with visitors of ISS World.

    For the pre ISS security workshop AGT has invited several government agencies from the region, like the Syrian Telecommunication Establishment (STE) and the Bahraini intelligence service NSA (National Security Agency). Also present during the ISS World EMEA are the Egyptian intelligence agency SSIS (State Security Investigations Service), the Egyptian intermediary Giza Systems, the army of the UAE and the Saudi Home Office.

    The ‘one to one client meetings’ illustrate that Fox-IT has managed to build a reputation in the region. This also shows when Rens de Wolf is invited to a meeting at the Home Office in Saudi Arabia two months later. Fox-IT is there with the Italian RCS SpA, the South African VasTech and the Australian Senetas Corporation Ltd. The meeting lasts four days, from April 26th to April 30th, 2008.

     

    National Defence Council Egypt

    In 2007 and 2008 Fox-IT gave workshops for military and intelligence agencies of different countries in the Middle East, among which Egypt. For example, the Dutch company gave a presentation at the Nile Plaza Hotel in Cairo on May 15th, 2007. Among those present were five people of the Home Office and a representative of the Egyptian intelligence agency SSIS.

    In 2011 then Fox-IT director Ronald Prins said to Vrij Nederland that Fox-IT “theoretically had gone into bed with the secret service of Egypt before all the kerfuffle started”.  By ‘the kerfuffle’ he meant the uprising against dictator Mubarak in 2011. In doing so Prins gives the impression Fox-IT never did business with Egypt. Turns out, they did do business.

    From internal documents received by Buro Jansen & Janssen it becomes clear that Fox-IT gave a forensic IT training from June 24 to 26, 2008 to members of the NDC (National Defence Council) in Egypt. Fox-IT describes the training in a budgeted offer and in a bill to AGT of May 21st, 2008, as follows ‘Forensic/EnCase training/consultancy for one of their clients in Cairo, Egypt.’ Encase is software for forensic IT research by American company Guidance Software, which is also an AGT partner.

    The client to whom the training/consultancy is given is the NDC. This becomes clear from email traffic between AGT and the Egyptian client. AGT acts as intermediary and approaches Fox-IT to provide the training. AGT keeps in contact with the NDC via Sherif Emara, then employed by the NDC, and communicates with Emara about the training/consultancy data.

    The National Defence Council is an advisory body to the Egyptian government. Apart from the prime minister, the chairman of the parliament and the Foreign, Home, Finance and Defence secretary, its members mainly consist of generals in the Egyptian army and the heads of the different intelligence services, among which the SSIS.

    The SSIS was an infamous secret service that perpetrated torture on a massive scale. The SSIS was decommissioned in 2011, one of the demands of the Egyptian democratisation movement during the Arab Spring.

     

    Success in the Middle East

    Fox-IT entered the the Middle East market  in 2006. Through their presence at cyber security fairs and conferences, their partnership with AGT and their participation in the tours, they became a major player in the regional trade. In 2008 it becomes clear Fox-IT’s sales strategy in the Middle East is beginning to bear fruit.

    Fox-IT sells the FoxReplay to intelligence services in the Middle East. The company puts that on its own websites. In June 2008 the company writes: ‘Fox-IT has expanded internationally, with branch offices opening in the Netherlands Antilles and the UK to complement our headquarters in the Netherlands. In other parts of the world, including the Middle East and the USA, Fox-IT is represented by partners offering selected Fox-IT solutions.’

    The company explicitly mentions the FoxReplay as an important product for intelligence services: ‘In 2006 the foundation of FoxReplay took place. This business unit develops solutions for the analysis of intercepted internet traffic for police and intelligence organisations all over the world.‘ […] ‘Nowadays is Fox-IT one of the most specialised, innovative organisations in Europe, both in the area of security as in the area of digital investigation. Her market has expanded to big parts of Europe, the Middle East, the Caribbean and America.’

    Fox-IT expands its network in the region. In early 2010 the company states it has found another partner in the Middle East besides AGT: GSN (Global Security Network), a French company based in the UAE. According to its website, GSN is ‘serving government defence and intelligence organizations. As such GSN has achieved the status of being a ‘trusted’ security vendor for these organizations.’

     

    Surveillance Lab in Saudi Arabia

    2011 is the year of the Arab Spring. After Tunisia in December 2010 large protests ensue against dictators in other Arabian countries, like Egypt, Libya, Syria, Yemen and Bahrain. Not much changes for Fox-IT. The company remains active in the Middle East and in 2011 they’re involved in setting up a security project in Saudi Arabia.

    This seems a remarkable choice. Even in Saudi Arabia protests against the regime have taken place since 2011, albeit on a smaller scale than other countries. The country has been featured in the Reporters without Borders’ overview of ‘Enemies of the Internet’ since 2006.

    In 2011 the Saudi government introduces new laws on the internet that severely restrict freedom of speech. All online newspapers and bloggers, for instance, are obligated to request a special permit from the Ministry of Information. Bloggers and human rights activists are being monitored on social media and risk persecution.

    In this context Fox-IT takes part in a project of its partner AGT: ‘Forensic Lab’. The goal of the project is establishing a nationwide network of telephone and internet surveillance. AGT is project leader in cooperation with the Saudi company TCC (Technology Control Company).

    From June 20 to 22, 2011 a meeting takes place at the Home Office in Riyad on setting up a ‘Forensic Lab’. Apart from the police, this ministry is also responsible for special units, intelligence services, border control, interrogation centres and prisons.

    Besides Fox-IT and project leaders AGT and TCC, also present are the companies AccessData, DELL Inc., Guidance Software Inc., Teel Technologies and Tracip. On behalf of Fox-IT Valentijn van der Meijden (Sales Manager EMEA since February 2011), Hans Henseler (Managing Partner Business Unit Director Forensics) and Christian Prickaerts (Principal Forensic IT investigator) take part.

    Fox-IT prepares a PowerPoint presentation, in which they put forward a proposal for setting up and outfitting of the Lab. They refer to the Dutch NFI (National Forensic Institute), an independent governing body separate from the Ministry of Justice and Security. Fox-IT also anticipates the participation of a number of other companies in the Lab, namely AccessData, Guidance Software Inc., Dell Inc. and BlueArc.

    During the presentation Fox-IT also alludes to the joint ‘forensic’ history with AGT in the shape of the development of a network of intermediaries in 2007, a joint training in Egypt in 2008 and a visit to the Dutch NFI.

    Project leader AGT describes the goal of the Lab in their PowerPoint presentation as ‘the prevention of terrorism’. The rest of the presentation shows what they mean by this: the establishment of ‘monitoring centres’ that make surveillance of all internet and telephone traffic available to the Saudi government.

    AGT claims during the presentation to have experience with the development of ‘Digital Forensic Labs’, like the first Lab in the Middle East in 2005 (the presentation doesn’t mention which country this concerns) and a second Lab in 2007 in the GCC (Gulf Cooperation Council) region (United Arab Emirates, Qatar, Saudi Arabia, Oman, Kuwait and Bahrain).

    From July 23 to 29, 2011 a follow-up meeting about the Lab takes place, once again at the Home Office in Riyad. On behalf of Fox-IT once again present are Valentijn van der Meijden, Hans Henseler and Christian Prickaerts. Besides the companies that attended the previous meeting in June, there are some representatives of other companies, like AB & Burns, Agnitio, Radio Tactics, SAIC and Sirrix present.

    AGT organizes the next meeting about the Forensic Lab on September 5-7, 2011. This one takes place in the Ritz hotel in Berlin and features the same companies that were present during the meetings in Riyad. Representing Fox-IT are Christian Prickaerts and Hans Henseler. On Tuesday September 6th, 2011 Fox-IT gives a presentation in which it discusses part of the design of the Lab. AccessData, Guidance Software Inc., Dell Inc. and BlueArc give similar presentations.

    On November 15th and 16th 2011 the inauguration of the Forensic Lab steering group, ‘KSA-MOI project Steering Committee’, takes place in Riyad. Fox-IT has been invited to participate, but declines.

     

    Surveillance Boot camp

    From 2010, the beginning of the Arab Spring, the trade in the surveillance industry in the Middle East is subjected to close scrutiny. This doesn’t stop western companies from doing business in the region. Including Fox-IT, as shown from their involvement with the Forensic Lab in Saudi Arabia and their presence at fairs and conferences in the region.

    At the ISS World MEA from February 21 to 23, 2011 in Dubai Principal Forensic IT investigator Christian Prickaerts presents the FoxReplay. The company posts an announcement of the presentation on its FoxReplay website: ‘At ISS World MEA, Fox-IT will demonstrate the powerful features of Fox Replay Analyst, the perfect software tool for visualization and analysis of intercepted internet data. … open API allow you to effortlessly integrate Fox Replay Analyst with your existing intelligence applications and interception infrastructure.’

    One month later, from March 24 to 26, 2011, Fox-IT appears at the Istanbul Euroforensics fair, where the company is to be found next to AccessData, Guidance Software, MH service GmbH and Gamma International, known for their Finfisher product. After the tours and the security workshops in the Middle East in 2006, 2007 and 2008 AGT, Fox-IT’s German partner, develops a new concept: the surveillance boot camp. In 2011 AGT organizes two boot camps.

    The first AGT boot camp takes place in Berlin on October 13th and 14th, 2011. The surveillance boot camps have the character of the workshops AGT organized in the Middle East. On behalf of Fox-IT Hans Henseler, Dirk Peeters, vice president Business Development, and Valentijn van der Meijden are present. During the boot camps the companies, including Fox-IT, present their products.

    AGT has invited officials of the Jordan army top, the Home Office of Qatar, Kuwait and the United Arab Emirates, as well as representatives of the Sudanese, Ugandan and Ethiopian governments. In November 2011 AGT organizes a second boot camp, the Atlantic Forensics Summit. This surveillance boot camp was originally planned for November 29-30, 2011 in the United Arab Emirates, but it’s postponed until January 2012.

     

    Called into question

    During the Arab Spring in 2011 reports increasingly surface about the complicity of European companies with the development of the surveillance state in different Middle Eastern countries. In several national parliaments and the European Parliament, questions are being asked about this and the need for a stricter export policy is formulated. Some companies are called into question for supplying to repressive regimes, like Libya.

    This also happens in The Netherlands. Fox-IT is called into question in 2011 after parliamentary questions were asked in October 2011 and because of the Spy Files (leaked documents about the surveillance industry) published by Wikileaks. In these files Fox-IT is mentioned, together with two other companies, Group 2000 and Pine Digital, as supplier of technology to repressive regimes in the Middle East. The three companies respond on the website Webwereld (Grootste leverancier niet in Wikileaks Spy Files, 02-12-2011) and claim that all of the accused companies are being wrongly tarred with the same brush by Wikileaks.

    The companies concerned particularly point to the French Amesys as the company that would support dictators. ‘The Dutch parties reject the practices of the French company Amesys’, according to Webwereld. According to Wikileaks, Amesys supplied spying software to the Libyan regime that was used to listen to dissidents and threaten them.

    From the point of view of image control, Fox-IT understandably distances itself from the trade of Amesys with Libya. It does, however, show selective outrage. Not just because Fox-IT is very active in the Middle East themselves, but also because in 2011 it becomes known that – besides Amesys – a number of other companies have supplied technology to repressive regimes. Among these we also find some companies that are very familiar to Fox-IT.

    In 2011 it emerges that not just Amesys, but also the South African company VASTech SA (Pty) contributed to the establishment of the surveillance state in Libya. The company supplied the Libyan regime with equipment for the surveillance of internet and telephone traffic. VASTech is very familiar to Fox-IT. Among other things, both companies were present at a meeting at the Saudi Home Office in April 2008.

     

    Prosecution of companies

    Though several western companies are called into question in 2011, at first this has no legal consequences for them. From around 2014 this starts to change. In several countries companies are being sued for supplying to repressive regimes in the Middle East. Among these, we also find some companies with which Fox-IT has collaborated.

    On September 17th, 2014 the American Department of Commerce’s Bureau of Industry and Security (BIS) announces it has reached a USD $100,000 settlement  with the Italian company Area SpA regarding the evasion of the American embargo against Syria. Area SpA is fined for supplying monitoring technology to Syria. According to BIS, Area SpA ‘knowingly sold U.S.-origin network monitoring equipment to the Syrian Telecommunications Establishment (STE) without the required U.S. Government authorization‘.

    Area SpA is also being prosecuted in Italy. On December 1st, 2016 the Italian police raids the offices of the company on the grounds of suspicion to supply telephone and internet interception equipment to Syria. This is a violation of the 2012 European embargo against the Assad regime.

    Area SpA and Fox-IT know each other well.  Both companies participated in the AGT tours of the Middle East in 2007 and 2008, and gave workshops in Syria, Egypt, Saudi Arabia and the United Arab Emirates.

    In 2012 an investigation is started into the dealings of the French company Qosmos SA. The investigation follows the accusation of two human rights organisations, International Federation for Human Rights (FIDH) and the Ligue des droits de l’Homme (LDH). The company is suspected of supplying surveillance technology to the Assad regime. The investigation into Qosmos SA doesn’t pertain to the violation of the trade embargo but concerns the prosecution with regards to complicity to war crimes and crimes against humanity. Qosmos was present at the same surveillance fairs in the Middle East as Fox-IT.

     

    Questionable connections

    In 2018 Germany launches an investigation into Utimaco, a German IT security company. Already in 2011 reports emerged that Utimaco might have supplied equipment and technology to the Italian Area SpA, which developed a system for monitoring telephone and internet traffic for the Syrian regime.

    In January 2018 accusations of war crimes are made against top officials of the Syrian military intelligence, the Syrian Telecom and Utimaco by two Syrians, supported by the European Centre for Constitutional and Human Rights. The German prosecution added this accusation to their investigation into crimes in Syria. Utimaco and Fox-IT reached a partner agreement at the end of 2006, which made Fox-IT a reseller of Utimaco and its products (specifically their mobile security solutions).

    Fox-IT’s main partner, AGT, has also been called into question in recent years. According to an investigation of late 2016 by Privacy International (Open Season; Building Syria’s Surveillance State), AGT played a major part in the construction of the surveillance state in Syria.

    Research shows AGT was involved in supplying technology, which was used by the Syrian authorities to set up a system to monitor the internet. In Syria AGT collaborated with a number of other companies that are now being prosecuted, like Area SpA and Qosmos SA.

     

    Further investigation…?

     The truth about the involvement of western companies in the construction of the surveillance states of several Middle Eastern countries has been increasingly brought to light in recent years. Some companies are still facing prosecution, years after the fact, for supplying to repressive regimes, mainly Syria.

    Fox-IT was called into question in 2011, after the company had been linked to supplying repressive regimes in the Middle East. Then director Ronald Prins stated to Vrij Nederland in 2011 that Fox-IT had been ‘quite naive’ in its early years. The company was present at a surveillance fair in Iran in 2003 and the ISS World fair in Dubai in 2011, but Fox-IT didn‘t do any business with dictatorial regimes.

    Internal documents and research by Buro Jansen & Janssen shed new light on the activities of Fox-IT in the Gulf region. From 2006 onwards, the Middle East was an important market for the sale of the FoxReplay and the Fox DataDiode particularly. The Delft company gave workshops in the region during which it tried to sell its products to government bodies, the military and intelligence services of, for example, Syria, Egypt, Saudi Arabia and the United Arab Emirates.

    The company made a reseller agreement with the controversial company AGT. Fox-IT didn’t set any conditions as to which countries and clients its products would be allowed to be sold. In 2007 Fox-IT advised its partner company and intermediary AGT about evading the American trade embargo against Syria. In 2008 the company provided a training to the National Defence Council in Egypt during the dictatorship of Mubarak.  And in 2011 Fox-IT was involved in the establishment of the Forensic Lab, a surveillance project of the Saudi Home Office.

    So, it’s a bit of an understatement to call Fox-IT naive. In doing so Ronald Prins downplayed the company’s role in the Middle East. It wasn’t until 2015 that Fox-IT drafted an MVO (Socially Responsible Entrepreneurship) policy. The controversy surrounding the company apparently hadn’t been reason enough to directly draft an MVO policy. For a company with lots of pretentions, which is an important partner of the Dutch government, it’s remarkably late with implementing an MVO policy. It’s more than naive, it speaks of a lack of accountability.

    Former director Ronald Prins admits as much in an interview with House of Einstein. In this he says that Fox-IT “has made quite some progress”. According to Prins the company now has “lists of countries with which we do or don’t want to cooperate”. His remarks call into question past activities of Fox-IT in the Middle East.

    Meanwhile, in several countries companies are being sued for supplying to repressive regimes in the region. Further inquiry into the possible illegal trading of Fox-IT in the region is warranted.

     

    Buro Jansen & Janssen

     

     

    Justification

     

    This research is based on a large quantity of internal company documents and emails relating to the relationship between Fox-IT and its partner, the German company AGT (Advanced German Technology) in the period 2006-2012, which Buro Jansen & Janssen has received. The documents shed a new light on the involvement of western companies, among them Fox-IT, in the development of the surveillance state in several countries in the Middle East.  

    Previously, a report about Syria from Privacy International and articles by Netzpolitik were published based on this material. This research is part of a larger investigation by Buro Jansen & Janssen into the surveillance industry in the Middle East, among others, and the role of western companies like Hacking Team, Gamma Group, Kailax, Fox-IT and Coosto.

    In doing so we also looked at the relationship of these companies with the Dutch government, the use of equipment and programmes by government bodies and the legal consequences of this use and the relationship with these companies.

     

    AIVD Supervisor conducted business with Mubarak and Assad.

    (Summary)

    AIVD-toezichthouder deed zaken met Moebarak en Assad

    (Summary in Dutch)

    Fox-IT in het Midden-Oosten (Dutch original research)

    Documenten bij  het onderzoek Fox-IT in het Midden-Oosten

     

    AIVD-toezichthouder deed zaken met Moebarak en Assad

    (Dutch summary) (pdf)

    Fox-IT in het Midden-Oosten (Dutch)(pdf)

    Documenten bij het onderzoek Fox-IT in het Midden-Oosten (pdf)

    Het onderzoek Fox-IT in het Midden-Oosten (Dutch) (pdf)