Think tank presses Blue Coat over censorship concerns

Blue Coat, which makes software and appliances that monitor and restrict web traffic, has been criticized before
  • Jeremy Kirk (IDG News Service)
  • — 16 January, 2013 06:09

A Canadian think tank called on Tuesday for continued scrutiny of U.S. security vendor Blue Coat Systems after a new technical analysis showed wide use of its products in countries with human rights and censorship concerns.

The Citizen Lab, based at the Munk School of Global Affairs at the University of Toronto, published a report that showed Blue Coat technology widely deployed at key choke points in telecommunication systems.

The report was the result of several weeks of technical analysis that ended earlier this month and focused on two Blue Coat products: ProxySG and PacketShaper. Citizen Lab said those products have specific functions for surveillance, filtering, and censorship.

It found ProxySG in use by Egypt, Kuwait, Qatar, Saudi Arabia and the UAE. Blue Coat's PacketShaper product is used in Afghanistan, Bahrain, China, India, Indonesia, Iraq, Kenya, Kuwait, Lebanon, Malaysia, Nigeria, Qatar, Russia, Saudi Arabia, South Korea, Singapore, Thailand, Turkey, and Venezuela, the report said.

"We hope Blue Coat will take this report as an opportunity to explain their due diligence process to ensure that their devices are not used in ways that violate human rights," the Citizen Lab said in its report.

Blue Coat officials could not immediately be reached. The company admitted in late 2011 that some of its web-filtering products ended up in Syria despite a U.S. embargo. After an investigation, Blue Coat said the shipment of products in question was destined for Dubai and then onto Iraq.

Blue Coat is just one of a handful of companies who make similar software, including McAfee, Cisco, Websense, and Zscaler, the report said. Those companies' products have a "dual-use" nature that demands oversight to ensure against human rights abuses, Citizen Lab said.

"Such an approach requires an understanding of the likely end use of the technology in any given scenario, as well as carefully crafted legal and regulatory language," the report said.

Citizen Lab also advocated that companies could do their own human rights impact assessments into how their products may potentially be used.

The report said Blue Coat included in its marketing materials a case study involving King Abdulaziz City for Science and Technology (KACST), Saudi Arabia's science agency which is also responsible for filtering web sites deemed offensive.

"It appears Blue Coat Systems may not have fully appreciated or addressed the ramifications of such deployment of its technology, given its inclusion in marketing materials of KACST as a client 'success story,''' the report said.

In contrast, Citizen Lab said that one of Blue Coat's competitors, Websense, joined the Global Network Initiative, a group the encourages ethical decision-making amongst IT companies.

"The more companies take proactive measures to prevent complicity in human rights abuses, the more normalization of corporate social responsibility will take place within the industry," the report said.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Tags: Citizen Lab, security, blue coat, Munk School of Global Affairs

Review: File Recovery Tools

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Management Solutions

Endpoint Security Management

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.