Hacking Team, a company based in Milan has been making headlines lately due to its product: RCS (Remote Control System). RCS is a piece of software which is capable of logging passwords, recording internet communication (e-mail, VOIP, and instant messaging), using a PC’s webcam to take pictures, and transmitting locally stored files. RCS is, by even the most conservative definitions, spyware. What makes RCS particularly interesting is that it is sold in the open, rather than on the black market like most malware. Additionally, it is marketed specifically to governments around the world – specifically governments known for suppressing free speech. There isn’t a whole lot of information available on what RCS users are specifically using the software for, but The Citizen Lab recently linked RCS to an incident where it was being used to spy on Ethiopian journalists.
This raises some obvious ethical questions about Hacking Team’s business model. Is it ethical to sell intrusive software like this? Hacking Team defends itself by claiming that the tool is made to be used for crime-fighting and anti-terrorism. The company also notes that it only sells directly to clients, and that all clients are reviewed by a board of engineers and lawyers who can veto a sale if it appears it will be used in human rights abuses.