The Trusted Internet: Who governs who gets to buy spyware from surveillance software companies?

https://www.f-secure.com/weblog/archives/00002818.html

The Trusted Internet: Who governs who gets to buy spyware from
surveillance software companies? Posted by FSLabs @ 02:31 GMT

When hackers get hacked, that's when secrets are uncovered. On July 5th,
Italian-based surveillance technology company Hacking Team was hacked.
The hackers released a 400GB torrent file with internal documents,
source code, and emails to the public - including the company's client
list of close to 60 customers.

The list included countries such as Sudan, Kazakhstan and Saudi Arabia -
despite official company denials of doing business with oppressive
regimes. The leaked documents strongly implied that in the South-East
Asian region, government agencies from Singapore, Thailand and Malaysia
had purchased their most advanced spyware, referred to as a Remote
Control System (RCS).

According to security researchers Citizen Lab, this spyware is
extraordinarily intrusive, with the ability to turn on microphone and
cameras on mobile devices, intercept Skype and instant messages, and use
an anonymizer network of proxy servers to prevent harvested information
from being traced back to the command and control servers.

Based on images of the client list posted to pastebin the software was
purchased in Malaysia by the Malaysia Anti-Corruption Commission (MACC),
Malaysia Intelligence (MI) and the Prime Minister's Office (PMO):