A Swedish firm that supplies law enforcement and government agencies with technology to extract data from mobile phones said it has pulled its business from Hong Kong.
The decision by Stockholm-based Micro Systemation AB came after a White House executive order on July 14 stripped Hong Kong of its special trading status, said Mike Dickinson, deputy executive officer. That status had granted Hong Kong more favorable treatment than China.
Dickinson said in an email that his company, known as MSAB, would no longer “supply solutions” to the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force, nor any other government agencies in the territory. He said the executive order “impacts our U.S. legal entity and presence in the U.S.A.”
MSAB had pulled its business from China earlier in 2020 due to changes in “regulatory regimes and restrictions” related to export control laws, Dickinson said. “Having reviewed how this could impact our business operations in the region, we have decided to make the strategic decision to cease all business operations in Hong Kong and China,” he said.
The company’s website shows that it opened a new office in China in 2013, which yielded a “huge order” for its data extraction product from the Chinese government. In addition, its technology was used by Hong Kong authorities to examine the phone contents of pro-democracy activist Joshua Wong after he was arrested in October last year, according to a police report submitted to Wong during court proceedings earlier this year.
MSAB was in line for additional business from the Hong Kong government, according to a leaked proposal from July, as a new national security law took effect. The legislation led to a tightening of personal liberties, a wave of arrests and continued protests over the crackdown. The U.S. imposed sanctions against 11 Chinese officials and their allies in Hong Kong, including Chief Executive Carrie Lam, for their alleged roles in curtailing political freedoms.
The police declined to comment on MSAB’s decision to cease doing business with Hong Kong.
Law enforcement and the technology companies said technology to hack into mobile phones is necessary to track the communications of potentially dangerous criminals and thwart drug, sex or child traffickers. But similar technology has also been used by authoritarian regimes against political dissidents, journalists and other potential adversaries — a growing worry in Hong Kong as Beijing expands its presence and lays down markers for behavior it will no longer tolerate from protesters.
“While surveillance technology may originally be designed and deployed to catch legitimate threats, the risk to private citizens comes into effect when these technologies are used to fulfill political agendas and personal grudges,” said Alexander Heid, the chief research and development officer at cybersecurity rating company SecurityScorecard.
Another firm whose technology was identified in the Joshua Wong case as being used by Hong Kong authorities, Israel-based Cellebrite, is facing its own kind of pressure.
Eitay Mack, an Israeli human rights lawyer, filed a court petition with an Israeli district court to halt the company’s exports to Hong Kong. “Because of the change in 2020, especially the new national security law, we cannot talk anymore about an independent court or law enforcement in Hong Kong,” Mack said. “Unfortunately,” he wrote in an appeal to Israeli government ministries, “the services that Cellebrite has previously provided to the Hong Kong police are no longer legitimate and legal.”
Cellebrite didn’t comment on whether it supplies Hong Kong police with its technology, nor would it comment directly on Mack’s legal petition.
“Cellebrite has strong licensing policies in place that govern how our technology may be utilized,” said Olga Shmuklyer, a spokesperson for the firm. “Additionally, we leverage leading compliance solutions to safeguard from transacting with restricted and denied parties worldwide.”
MSAB and Cellebrite were among eight firms identified in the recently leaked proposal whose technology was sought by the Cyber Security and Technology Crime Bureau. The proposal was dated July 15, two weeks after sweeping national security legislation was enacted that has vastly increased Beijing’s control of its semi-autonomous territory.
News of the proposal was reported by Hong Kong media outlets. HK01, an online news portal, reported on July 25 that the cyber bureau sought to purchase technology to search for evidence on mobile phones and other electronic devices. Besides MSAB and Cellebrite, the tender also sought technology from Germany-based X-Ways Software Technology AG, U.S.-based Agile Risk Management LLC, which is known as F-Response, U.K.-based Blackrainbow Ltd., Canada-based Magnet Forensics Inc. and the Chinese firm XLY Salvationdata Technology Inc., according to the report.
All of the firms declined to comment on the proposal. Only MSAB and Salvationdata said they have worked with Hong Kong authorities.
A spokesperson for the police department declined to comment on the proposal. The government agency procured technology according to established procedures and wouldn’t provide details “due to operational considerations,” the spokesperson said.
The national security law, which was enacted on June 30, gives police the kinds of powers that are the norm in China but have deeply unsettled citizens in Hong Kong who are used to the types of freedoms normally associated with Western democracies.
Already, more than 20 people have been arrested under the new legislation, including Tony Chung, a 19-year-old activist accused of posting a pro-independence message on Facebook, and media tycoon Jimmy Lai. His Apple Daily newsroom was searched by dozens of police officers who confiscated documents and other materials.
— With assistance by Ina Zhou, and Blake Schmidt