How an American Sued the Ethiopian Government for Spyware Infection

An American citizen living in Maryland sued the Ethiopian government today for infecting his computer with secret spyware, wiretapping his private Skype calls, and monitoring his entire family's every use of the computer for a period of months. The Electronic Frontier Foundation (EFF) is representing the plaintiff in this case, who has asked the court to allow him to use the pseudonym Mr. Kidane – which he uses within the Ethiopian community – in order to protect the safety and wellbeing of his family both in the United States and in Ethiopia.

"We have clear evidence of a foreign government secretly infiltrating an American's computer in America, listening to his calls, and obtaining access to a wide swath of his private life," said EFF Staff Attorney Nate Cardozo. "The current Ethiopian government has a well-documented history of human rights violations against anyone it sees as political opponents. Here, it wiretapped a United States citizen on United States soil in an apparent attempt to obtain information about members of the Ethiopian diaspora who have been critical of their former government. U.S. laws protect Americans from this type of unauthorized electronic spying, regardless of who is responsible."

A forensic examination of Mr. Kidane's computer showed that the device had been infected when he opened a Microsoft Word document that contained hidden malware. The document had been an attachment to an email message sent by agents of the Ethiopian government and forwarded to Mr. Kidane. The spyware contained in the attachment was a program called FinSpy, a suite of surveillance software marketed exclusively to governments by the Gamma Group of Companies. In the several months FinSpy was on Mr. Kidane's computer, it recorded a vast array of activities conducted by users of the machine. Traces of the spyware inadvertently left on his computer show that information – including recordings of dozens of Skype phone calls – was surreptitiously sent to a secret control server located in Ethiopia and controlled by the Ethiopian government.

The infection appears to be part of a systematic program by the Ethiopian government to spy on perceived political opponents in the Ethiopian diaspora around the world. Reports from human rights agencies and news outlets have detailed Ethiopia's campaign of international espionage, aimed at jailing opposition and undermining dissent. But Ethiopia is not alone. CitizenLab – a group of researchers based at the University of Toronto, Canada – has found evidence that governments around the world use FinSpy and other technologies to spy on human rights and democracy advocates across the globe.

"The problem of governments violating the privacy of their political opponents through digital surveillance is not isolated – it's already big and growing bigger," said EFF Legal Director Cindy Cohn. "Yet despite the international intrigue and genuine danger involved in this lawsuit, at bottom it's a straightforward case. An American citizen was wiretapped at his home in Maryland, and he's asking for his day in court under longstanding American laws."

In the complaint filed in U.S. District Court in Washington, D.C., today, Mr. Kidane asks for a jury trial as well as damages for violations of the U.S. Wiretap Act and state privacy law. The Ethiopian Embassy in Washington received a courtesy copy of the lawsuit, and the District Court will formally serve the Ethiopian Foreign Ministry in Addis Ababa with copies of the papers in both English and Amharic.

Richard M. Martinez, Mahesha P. Subbaraman, and Samuel L. Walling of Robins, Kaplan, Miller & Ciresi L.L.P. are assisting EFF as co-counsel on this case.

Read the full complaint in Kidane v. Ethiopia here or read more about this case generally.

This post is reproduced under Creative Commons license from the Electronic Frontier Foundation.