Court blocks American from suing Ethiopia for infecting his computer
Security

Court blocks American from suing Ethiopia for infecting his computer

An appeals court has barred an Ethiopian-born U.S. citizen from filing a civil suit against the African country, which allegedly infected his computer with spyware and monitored his communications.

The U.S. Court of Appeals for the District of Columbia Circuit ruled Tuesday that foreign states are immune from suit in a U.S. court unless an exception to the Foreign Sovereign Immunities Act (FSIA) applies.

The person, who is referred to in court documents by the pseudonym Kidane, was born in Ethiopia and lived there for 30 years before seeking asylum in the U.S. He lives in Maryland.

The court declined the exception claimed by Kidane, stating that it would abrogate Ethiopia's immunity only if the “tort” or wrongful act occurred entirely in the U.S. "Kidane, by contrast, alleges a transnational tort," the court said. Ethiopia's placement of the spyware on Kidane's computer, although completed in the U.S. when he opened an infected email attachment, began outside the U.S., it added.

The ruling could have far-reaching consequences as it would in effect deprive U.S. citizens of legal remedy if foreign states decide to hack their devices remotely, as long as the condition that most of the tort was done abroad is met.

The Electronic Frontier Foundation, which is representing Kidane in the case, said Tuesday that the appeals court had held “that foreign governments are free to spy on, injure, or even kill Americans in their own homes--so long as they do so by remote control.”

In late 2012 or early 2013 Kidane's family home computer was allegedly infected by sophisticated spyware, called FinSpy, that was delivered through an attachment to an email that was forwarded to him.

Once his computer had been attacked by the spyware his keystrokes and Skype calls was allegedly captured and then sent to a server controlled by the Ethiopian government, according to the EFF.

The role of FinSpy as a surveillance tool for intelligence and law enforcement agencies has been documented by researchers at the Citizen Lab at the University of Toronto's Munk School of Global Affairs, who listed a number of command and control servers linked to FinSpy, including one in Ethiopia.

The Federal Democratic Republic of Ethiopia had asked the appeals court to uphold a previous order of the District Court for the District of Columbia, stating that U.S. courts lack subject-matter jurisdiction in the case, as the exception to the FSIA did not apply because all of the tort did not occur in the U.S.

“Here, the tortious intent was allegedly formulated in Ethiopia and the tortious acts allegedly took place in Ethiopia," according to a filing by a lawyer for the country.

"The actors who committed the alleged tort, according to Appellant, were operating in Ethiopia, the computer servers were located in Ethiopia, the spyware was maintained in Ethiopia, the commands came from Ethiopia, and, while there is no allegation that Ethiopia ever viewed Appellant’s materials, that viewing would have occurred, if ever, in Ethiopia,” it added.

EFF said it is evaluating its options to challenge the ruling.

IDG Insider

PREVIOUS ARTICLE

«Spy agency, DOE, see China nearing supercomputing leadership

NEXT ARTICLE

Wind River uses virtualization to turn M2M into IoT»

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should we donate our health data the same way we donate organs?