What is Blue Coat?
Who Else is in the Club?
In 2012, the Pakistani government kicked a cyber hornet’s nest when it put out the following RFP:
Pakistani ISPs and backbone providers have expressed their inability to block millions of undesirable websites using current manual blocking systems, [and as a result] a national URL filtering and blocking system is therefore required to be deployed at national IP backbone [sic] of the country.
The request revealed the role of US companies in assisting cyber censorship. The Global Network Initiative, an internet freedom organization that counts Microsoft, Google, and Yahoo as members called for a boycott of the project and major vendors Sandvine, Cisco, Verizon, Websense, McAfee and BlueCoat complied and the Pakistani government abandoned the project.
See ‘Dark trade’ in Web-censoring tools exposed by Pakistan plan CNet; Pakistan backs away from proposed censorship system, Ars Technica.
The Citizen Lab Study
- Blue Coat Devices capable of filtering, censorship, and surveillance are being used around the world. During several weeks of scanning and validation that ended in January 2013, we uncovered 61 Blue Coat ProxySG devices and 316 Blue Coat PacketShaper appliances, devices with specific functionality permitting filtering, censorship, and surveillance.
- 61 of these Blue Coat appliances are on public or government networks in countries with a history of concerns over human rights, surveillance, and censorship (11 ProxySG and 50 PacketShaper appliances). We found these appliances in the following locations:
Blue Coat ProxySG: Egypt, Kuwait, Qatar, Saudi Arabia, the UAE.
PacketShaper: Afghanistan, Bahrain, China, India, Indonesia, Iraq, Kenya, Kuwait, Lebanon, Malaysia, Nigeria, Qatar, Russia, Saudi Arabia, South Korea, Singapore, Thailand, Turkey, and Venezuela.
Our findings support the need for national and international scrutiny of Blue Coat implementations in the countries we have identified, and a closer look at the global proliferation of “dual-use” information and communication technologies. Internet service providers responsible for these deployments should consider publicly clarifying their function, and we hope Blue Coat will take this report as an opportunity to explain their due diligence process to ensure that their devices are not used in ways that violate human rights.
In September 2011, the European Parliament passed a resolution to prohibit authorization of the export of telecommunications technologies to certain specified countries if they are used “in connection with a violation of human rights, democratic principles or freedom of speech (…) by using interception technologies and digital data transfer devices for monitoring mobile phones and text messages and targeted surveillance of Internet use.”
In October 2012, the European Parliament expanded upon its earlier effort, approving proposals put forward by Dutch Member of Parliament Marietje Schaake that would require authorization for any sale of dual-use technologies designated by European authorities as violative of human rights, democratic principles, or freedom of speech.
Finally, the European Parliament passed a resolution in December 2012 on a “Digital Freedom Strategy,” which, inter alia, called for “a ban on exports of repressive technologies and services to authoritarian regimes” and establishment of a list of countries to which exports of “single-use” technologies (those that inherently threaten human rights) should be banned.