LONDON (Reuters) - Rows over whether several emerging countries can effectively intercept BlackBerry smartphone messaging have turned attention to how state spy agencies access electronic communications.
For business users, the main question is not whether messages can be read but whether that information will then be used for commercial ends.
Unsurprisingly, nations almost invariably refuse to comment on how intelligence information is used.
Reuters has spoken to a range of industry analysts and former intelligence officers. Below is a summary of some of their views on how key states use electronic surveillance.
From the days of the Tsarist secret police, Russian security agencies have had a reputation for closely monitoring foreigners and their communications. Security experts say many hotel rooms are rigged with bugs and outside corporates should be extremely wary about what information they take into the country.
The Russian rollout of BlackBerry smartphone was delayed for two years while the FSB negotiated security access.
“In Russia, journalists are well aware that their e-mail is intercepted,” says Ian Bremmer, president of political risk consultancy Eurasia Group. “Given the amount of money involved, there will always be someone spying on foreign corporates. The (security service) FSB has the resources and it might as well use them. There’s not much that can be done other than to write e-mails knowing they could be stolen.”
Some oligarchs are seen as having particularly close security service links, and Russia has made it clear it sees some economic sectors -- particularly energy -- as strategic.
China heavily restricts use of some communications technologies and controls access to the Internet behind its “great firewall” in what analysts say is in part an attempt to stifle dissent and the spread of words, ideas and images anathema to the ruling Communist Party. China blocks multiple websites and some communications tools such as Skype.
In part due to its relative conventional military imbalance compared to the United States, China is seen as having put particular effort into building its cyber warfare capacity.
It has also been repeatedly suspected of cyber attacks on U.S. companies -- a factor in Google’s decision to withdraw from mainland China earlier this year.
Google did not say whether it believed China’s government was behind the hacker attacks that prompted its move. But a U.S. congressional advisory panel said in November 2009 China’s government appeared increasingly to be piercing U.S. government and defence industry networks to gather data for its military.
China has repeatedly denied the government sponsors hacking.
“The Chinese have the resources to put maybe 100 agents or resources on to a problem that MI6 or the CIA could only devote five or six to,” said former U.S. counterterrorism agent Fred Burton, now vice president for consultancy Stratfor. “They are particularly interested in targeting firms with emerging defence technologies, going after intellectual property. They will be looking to get projects at a very early stage of development.”
Many firms are closely tied to the state, but that closeness may not always translate to access to commercial intelligence.
“In China, I don’t think corporates should assume that everything they write is handed directly to their commercial rivals,” says Eurasia’s Bremmer.
“Not every Chinese company has the connections to the security officials who have that kind of electronic access.”
India last month became the latest country to prompt Canadian firm Research in Motion to give its security agencies access to encrypted BlackBerry smartphones. The move, part of a broader Indian electronic security crackdown, was triggered by the country’s concerns that highly-secure unmonitored and data communication could help militants in planning attacks.
Most analysts see the risks to Western corporates that commercially sensitive material could leak to their rivals as being much lower than in some other countries.
“I see India as fairly strongly tilting in the free market direction,” said Eurasia’s Bremmer. “It’s very hard to have state capitalism in a system that is already so diffuse and decentralized, even if it may be a temptation for Delhi as they start competing more directly with China.”
Saudi Arabia and the United Arab Emirates have their own disputes with Research in Motion over BlackBerry messaging, but have rolled back on threats to shut the service altogether.
In general, analysts say, the main priority of the Middle East and Gulf states when it comes to electronic surveillance is tackling militancy, political dissent and “immoral behaviour” rather than commercial espionage.
Gulf-based information security expert Ali Jahangeri says he believes one potential solution could involve having two separate BlackBerry systems, one for local users that could be easily monitored and a more secure system for high end international clients who value confidentiality.” In effect, they will set up multilayered security,” he said.
African security services are seen as relatively low-tech compared to their counterparts elsewhere, although Stratfor’s Burton warns Western corporates could face spying from other foreign intelligence services with good African partnerships.
That could put Western firms at a disadvantage compared to foreign rivals from countries such as China. Nigeria has so far said it has no plans to seek access to BlackBerry devices.
Experts say African countries spying on foreign companies tend to use more traditional methods such as tailing managers or buying information from drivers, cleaners and local staff.
Press freedom campaigners in South Africa have accused China of selling electronic surveillance equipment to several authoritarian African governments including Zimbabwe where they say it is used to target the press and human rights activists.
Most Western states have powerful spy agencies that can read most domestic traffic, and sometimes overseas messages as well. How this functions is controlled by legislation, although this varies and it is impossible to tell how tightly it is followed.
Intercept intelligence appears to be heavily exchanged between the main Anglo-Saxon powers -- Britain and the United States, and also Australia, Canada and New Zealand.
A 2010 book “The Secret State” by academic Peter Hennessy says 50 to 80 percent of intelligence discussed at Britain’s weekly joint intelligence committee briefing is of U.S. origin.
Continental European states often suspect Anglo-Saxon powers of spying for business ends. All European BlackBerry traffic goes through UK or Canadian servers and partly as a result many European governments are reluctant to use the system.
Most security experts believe Western powers occasionally use spy services for commercial ends but their main focus is on tackling militant threats and fighting economic crime.
Some security experts say they believe the greatest state threat Western corporates face even in their host countries is electronic infiltration from powers such as Russia and China.
“America’s real crown jewels are not our government secrets but our intellectual property,” writes former White House cyber security adviser Richard Clarke in a 2010 book “Cyber War.”
“China steals results for pennies... and then takes the results to market. The only real economic edge that the U.S. enjoyed ... is disappearing as a result of cyber espionage.”
Editing by William Maclean
Our Standards: The Thomson Reuters Trust Principles.