NCA Bahrain Hacking
Privacy International filed a complaint urging the National Crime Agency to investigate the facilitation of surveillance of Bahraini activists by Gamma International UK
On 13 October 2014, Privacy International made a criminal complaint to the National Cyber Crime Unit of the National Crime Agency, urging the immediate investigation of the unlawful surveillance of three Bahraini activists living in the UK by Bahraini authorities using the intrusive malware FinFisher supplied by British company Gamma International UK.
Moosa Abd-Ali Ali, Jaafar Al Hasabi and Saeed Al-Shehabi, three pro-democracy Bahraini activists who were granted asylum in the UK, withstood years of harassment and imprisonment, and were subjected to torture at the hands of the Bahraini government.
Investigation and analysis by human rights group Bahrain Watch showed that while Moosa, Jaafar, and Saeed were residing in the UK, Bahraini authorities targeted the activists and had their computers infected with the surveillance Trojan FinFisher. These findings were published after a number of internal Gamma documents were leaked revealing that Gamma was both aware of, and actively facilitating, the Bahraini regime’s surveillance of targets located outside Bahrain through the provision of intrusion technology called FinFisher to the Bahraini authorities.
The complaint argued that the actions of the Bahraini authorities qualified as an unlawful interception of communications under section 1 of the UK’s Regulation of Investigatory Powers Act 2000. By selling and assisting Bahraini authorities, the complaint argued that Gamma was liable as an accessory under the Accessories and Abettors Act 1861 and/or encouraged and assisted the offence under the Serious Crime Act 2007.