As senators and U.S. tech companies scream their fears of Chinese spyware (TikTok) and state-funded telecoms (Huawei) from the rooftops, the U.S. is being called to face up to its own penchant for planetary surveillance. Announced Sunday, a Swiss government agency has filed a criminal complaint against U.S. and German intelligence entities for pushing spyware on over 120 other countries. This follows a joint investigation by the Washington Post, German public broadcaster ZDF, and Swiss broadcaster SRF, which revealed that the CIA and the German intelligence agency BDN had been selling encryption devices through a Swiss company Crypto AG for half a century, with “rigged systems” for less friendly countries.
Based on the outlets’ review of classified documents which describe the operation without remorse (even, glee at its success), the Crypto AG story goes back to a deal struck in the 1950s between U.S. intelligence and a Switzerland-based inventor who’d lived in the U.S. and made simple code-typing boxes for the U.S. military during World War II. The CIA bolstered the growing company with cash investments to ensure that it secured contracts with other countries. In the sixties, the NSA swooped in with electronic technology, and eventually, U.S. intelligence commandeered the company’s encryption algorithms, which some employees found easy to crack. The West German intelligence agency BDN caught wind of the arrangement, and in 1970, the CIA and the BND bought the company outright with the help of a law firm to hide the transaction. The mission was cemented as “Operation Thesaurus,” and then, “Rubicon.” Crypto AG would finally cede to the widespread availability of encryption software in the aughts; the company dissolved in 2018, and two new companies split its assets. (Which were purchased, likely, for up to $70 million from the CIA.)
Over the years, the investigation found, the company (aided by Siemens and Motorola) “always made at least two versions of its products — secure models that would be sold to friendly governments, and rigged systems for the rest of the world.” In the 1980s, Crypto AG’s biggest customers were reportedly Saudi Arabia, Iran, Italy, Indonesia, Iraq, Libya, Jordan and South Korea. Just a handful of instances listed include the CIA spying on Egyptian President Anwar Sadat during peace negotiations with Jimmy Carter, sharing communications from Argentina to Britain during the war over the Falkland Islands, and intercepting Iranian communications during their war with Iraq in the 1980s. The CIA’s fervor for surveilling even its allies appears to have repelled the Germans, who sold their shares to the CIA in 1993. The report notes that it’s likely that the U.S. shared intelligence with the other “Five Eyes” member nations–the UK, Canada, Australia, and New Zealand.
Reuters reports that Swiss Attorney General’s office announced on Sunday that the State Secretariat for Economic Affairs (SECO) filed the criminal complaint against “persons unknown” for potentially violating export control law. The statement adds that the AG’s office has yet to decide whether to open criminal proceedings. Reuters reports that an investigation has been assigned to a former Swiss Supreme Court justice, who is expected to produce the findings in June. The Swiss have reportedly been clamoring for a parliamentary probe into their own officials’ involvement.
As for Operation Rubicon, it’s called “AT&T” now.