An Ethiopian-born American citizen sued the Ethiopian government on Tuesday for installing secret spyware on his personal computer within U.S. borders.
The plaintiff -- referred to in the lawsuit by the pseudonym “Mr. Kidane” -- claimed that the spyware wiretapped his private Skype calls and monitored his family’s every use of the computer for several months. Kidane said the spying violates the U.S. Wiretap Act and state privacy laws, and he is seeking a jury trial and damages.
“We have clear evidence of a foreign government secretly infiltrating an American’s computer in America, listening to his calls, and obtaining access to a wide swath of his private life,” said Nate Cardozo, a staff attorney for the Electronic Frontier Foundation (a nonprofit that is representing Kidane), on the EFF’s website. Cardozo also referred to Ethiopia’s “well-documented history of human rights violations” and hinted that Kidane had been, in some capacity, critical of Ethiopia’s government.
“U.S. laws protect Americans from this type of unauthorized electronic spying, regardless of who is responsible,” Cardozo said.
In a motion to proceed with the case using a pseudonym, Kidane revealed that he provides technical and administrative support to other Ethiopians, some of whom protest the government in Ethiopia. In his work, he uses the name Kidane as well, and apparently not even the closest members of his immediate family know about his work. Kidane believes that his family in the U.S. and abroad “would face the threat of harmful retaliation from members of the Ethiopian government” if his identity was revealed.
Kidane believes that the malware was hidden in a Microsoft Word document that was attached to an email sent by agents of the Ethiopian government.
The malware was FinSpy, a spy program developed by Gamma International and sold almost exclusively to governments. FinSpy is capable of taking screenshots, recording chat conversations, logging keystrokes and even hijacking a computer’s webcam and microphone.
A May report found that 36 governments used FinSpy to monitors citizens, often by tricking users into thinking it was the Mozilla Firefox Web browser (Mozilla even sent a cease-and-desist letter to Gamma for illegally using the Mozilla brand).
FinSpy was remotely uninstalled from Kidane’s computer, but left traces of the software behind. An analysis of these traces revealed that information such as recording of Skype calls were secretly transmitted to a control server in Ethiopia that the Ethiopian government controls.
In the lawsuit, the EFF also claimed that the Ethiopian government recorded emails and Internet search history, including research done by Kidane’s son for a ninth-grade history class assignment on the history of sports medicine. FinSpy operated on Kidane’s computer for at least four and half months.
The EFF claimed that the malware infection is part of a systemic program by the Ethiopian government to spy on political opponents. The most prominent opposition party in Ethiopia claims that they are regularly harassed and abused by the government.
Cardozo told the International Business Times that Ethiopia has malware to spy on U.S. citizens many times before, but this is the first time they have been caught red-handed.
“This lawsuit sets out to prove that illegal spying is illegal, no matter who does it,” Cardozo told IBTimes.”If it’s illegal for your next-door neighbor, it’s illegal for the Ethiopian government to do it as well.”
The Ethiopian Embassy in Washington, D.C., has received a copy of the lawsuit, but told IBTimes that no one was available to comment on the lawsuit at this time. This story will be updated with more information when it becomes available.