Several human rights groups in Uganda have asked the Defense Ministry to stop selling a phone hacking tool made by an Israeli company, Cellebrite. They noted it could be used for rights abuses.
According to a report by Haaretz, the company Cellebrite has sold its tool, known as the UFED, to the police and security agencies in Uganda. It allows them to access a phone’s password-protected data.
The human rights groups sent a letter to the Defense Ministry asking it to stop selling the tool. Among the letter’s signatories was Eitay Mack, an Israeli lawyer known for fighting against human rights violations.
The groups noted that the sale of the tool to Uganda must not be allowed due to the country’s long history of human rights violations. The rights group also addressed the Defense Export Control Agency of the Ministry of Defense, which reviews and approves the sale of security technology.
Uganda accounts for the second youngest populous in the world. Eitay Mack noted that the Museveni regime has taken control of every aspect of its citizens and went even as far as infiltrating human rights, chipping the residents out of the International human rights law (IHRL).
In this impoverished land, selling UFED by Cellebrite has been something that human rights groups have frowned upon. Though Uganda has been deprived of any fundamental human rights by police, even the human rights prescribed by the United Nations General Assembly, Cellebrite denied the technology’s misuse. It said that the technology has been handled with deliberation and only supported its products’ ethical use, while Mack’s investigation contradicted the security company’s statements.
How is UFED being misused in Uganda?
According to Eitay Mack, Cellebrite’s flagship product, “UFED,” enables users to hack into “password-protected devices” and fetches and stores the data.
In one of his investigations, Mack claimed that the Uganda Police Force has been using UFED to hack into smartphones since 2017, and a local Ugandan company backed the claim that it supplies the UFED system to police. It has been being used to extort information from smartphones.
In the letter sent by Eitay Mack to Israel’s Defense Ministry and Cellebrite, Mack mentioned that local human rights activists call for ceasing Cellebrite and its services in the nation.
Within the same letter, the local supplier also revealed how Uganda Police Force uses Cellebrite products to extract information from the detainee cloud services. It said that the police use FED-Cloud Analyzer, which fetches the users’ data on cloud storage services like Google Drive, Dropbox, Apple iCloud, and more. Moreover, the technology can retrieve the information using remote access without typing any password.
However, Cellebrite publications also denied the use of remote access unless the suspect provided a phone password.
Criminals are now using UFED in Uganda
Contrary to Cellebrite statements about the technology used by police to fight crime and terrorism, journalists have pointed out that the company’s clients have previously included repressive regimes in countries like Russia, China, Bangladesh, and more.
Additionally, Eitay Mack denoted that the technology was not limited to police and authorities because hacktivists have been using it to repress human rights activists, LGBTQ communities, and minority groups in Uganda.
The letter also listed conspired murders, illegal abduction by the police, and torture reports of these groups.
Additionally, international workers have also experienced hacking instances while working in Uganda. According to a report by 9to5Mac, the Israel-based NSO Group’s Pegasus spyware targeted nine smartphones for the US Department of State workers serving in Uganda.
A Human Rights Watch also noted that over 400 cases of “snatching,” arbitrary arrests, and abduction had been performed by Uganda Police Force.
While interviewing the victims of atrocities, the NGO noted that their smartphones were also confiscated during the arrest. However, arrested individuals, such as lawyers and students, refused to open their smartphones on the grounds of illegal arrests. Following this, the law enforcement officers hacked and unlocked smartphones using Cellebrite’s UFED to steal crucial data.
However, despite the evidence, Cellebrite has responded against the use of UFED in criminal activities and stated that its only mission is “creating a safer world through providing solutions to law enforcement organizations,” adding that they have developed to ensure the “proper use of our technology in the context of investigations carried out under the law.”
