Inaction of Erdoğan’s political rival on hacking scandal unmasks cowed opposition in Turkey

Abdullah Bozkurt/Stockholm

The mysterious inaction of the main opposition party in Turkey in the face of scandalous revelations that the government used spy software bought from Germany to hack into opposition communications suggests it may very well have been cowed into silence over fears of an embarrassing exposé by the Turkish intelligence agency.

In March 2022 German-based tech company FinFisher GmbH, part of the Gamma Group, was dissolved after it became the subject of a criminal investigation by German authorities for illegally selling hacking software to oppressive regimes abroad including Turkey.

Although the scandal concerning the company’s illicit activities with respect to surveillance of the opposition in Turkey broke in 2018, to the surprise of many the main opposition Republican People’s Party (CHP) shied away from raising the issue publicly and decided to ignore the Turkish intelligence agency’s illegal penetration of the phones of party members and supporters.

Perhaps a legal challenge and litigation in Turkish courts against a government entity would be mission impossible and doomed to failure from the start, given the fact that the judiciary is under the control of the government of President Recep Tayyip Erdoğan.

Nevertheless, a lawsuit could have helped push the issue into the public eye. What is more, the CHP can utilize other channels available to the opposition in to raise the scandal in public debate. But, interestingly enough, it did not.

The scandal was never brought to parliament’s agenda either on the floor, where the opposition lawmakers have the platform to speak freely, or in the committees or with the Speaker’s Office, where they can submit written and oral questions. Under Turkish law, the government is obligated to respond to parliamentary questions within two weeks.

Instead, CHP leader Kemal Kılıçdaroğlu decided to touch on the issue only briefly in his party group’s meeting on May 15, 2018, asking Erdoğan for an explanation and threatening the German, not Turkish, government with a lawsuit. He said he had nothing to hide. However, no action followed the CHP leader’s remarks and the opposition quickly let the issue fade away from public debate.

For some observers of Turkish politics, the inaction on the part of the CHP can only be explained by the enormous leverage the Erdoğan government has over the opposition. Perhaps the CHP is worried that the government may leak embarrassing exposés of its members’ personal and private affairs and did not want to pursue the hacking case.

Company brochure promoting Finspy hacking software:

The spying on the opposition with the help of Finfisher software, known as Finspy, was well documented in a detailed investigative report prepared by digital rights advocacy group Access Now in May 2018. The report explained how Turkish authorities exploited the hacking software to obtain information from the opposition during the March for Justice organized by the CHP in the summer of 2017.

The march from Ankara to Istanbul was a protest by the opposition to raise awareness of the massive human rights violations that landed tens of thousands in jail including CHP lawmakers on fabricated charges brought by the government. The tipping point for the CHP was the imprisonment of Enis Berberoğlu, a lawmaker who was sentenced to 25 years in prison on June 14, 2017 for leaking information for a report on National Intelligence Organization (MIT) trucks transporting illegal weapons to jihadists in Syria.

According to the Access Now report, Turkish authorities planted Finspy software on the smartphones of unsuspecting opponents who were directed to visit a website purportedly set up to inform participants and followers of the march. A number of fake Twitter accounts, made to appear to be those of genuine CHP members and supporters, were used to encourage visitors to go the website and inadvertently download the hacking app on their phones.

The app allowed Turkish officials to gain real-time access to the smartphone owners’ contacts, photos and videos. It was aggressively advertised during the march, which took place between June 15 and July 9, 2018 and drew thousands of people.

It appears the spy software was illegally sold to Turkey in 2016 as the German government confirmed it had not issued any export licenses for the firm since October 2014. Although the now-dissolved company previously claimed it only sold to government entities for investigating terrorism and crime-related surveillance, the use of the app by oppressive governments like the one in Turkey shows it targeted the legitimate opposition and peaceful activity.

The fake and malicious website planted with hacking software was apparently created by MIT, which resorts to such tactics to collect information on unsuspecting people in Turkey and abroad. It fits the modus operandi of MIT, not law enforcement. Nordic Monitor previously published confidential documents showing how MIT created a fake news media company and set up a website to lure people and spy on Turks and foreigners using purportedly journalistic activity.

It had not yet been revealed to which government entity or private contractor in Turkey the FinFisher app was sold and at what price. One operative named Cihan Ekşioğlu, who is close to the Erdoğan government and works with MIT, emerged as the person who could deliver spyware to the intelligence agency. Ekşioğlu publicly said he was involved in the business of dealing in surveillance and hacking software and sold such capabilities to government entities in Turkey.

It is certainly no coincidence that the son of MIT chief Hakan Fidan works for Ekşioğlu or that the two were making millions of dollars by selling technology they imported from abroad to Turkish intelligence at exorbitantly high prices. In fact mobster Sedat Peker, a former ally of President Erdoğan and close friend of  Ekşioğlu, claimed in a YouTube video that Ekşioğlu sold a social media spyware program he bought from Israel for $3 million to the Turkish government for $50 million.

In fact Ekşioğlu himself admitted to selling spy software to Turkish intelligence in an interview he gave to the Klass magazine on June 30, 2017, confirming that the software helped Turkish authorities to monitor WhatsApp communications and users of social media accounts such as on Twitter and to analyze the data. The government combines the software with its access to the communications infrastructure in Turkey to track people, he said.

Excerpts from Cihan Ekşioğlu’s 2017 interview:

Although he denied using the spy software for his business interests in the interview, there are credible allegations that Ekşioğlu used hacking software for his personal gain as well. He reportedly hacked into social media accounts of Turkish businesswoman Songül Bayram, his ex-girlfriend whom he blackmailed with a threat to leak intimate photos and videos, turning her life into hell, to take over two companies, which ultimately he succeeded in doing. Bayram filed lawsuits to challenge the takeovers she had initially agreed to under threat and blackmail.

It is not yet known how much Turkish authorities paid for the FinFisher spyware. Leaked company documents from 2014 indicated Finfisher billed the client for a complete package for a little over 3 million euros with a mark-up price for a reseller. Peker’s allegations are corroborated if it was Ekşioğlu who purchased the spyware and turned around and sold it to MIT for a huge profit.

FinFisher’s Price list according to leaked 2014 documents: 

There is also another angle to the use of spyware in Turkey. The Access Now report profiled a Twitter user who promoted the malware and malicious website and found it was created three months before the justice march and catered to a different clientele before the march took place. The user was reaching out to sex workers who offer escort services in Turkey and asking them to use direct messaging for a chat. That behavior fits MIT’s methods in luring sex workers to spy on their clients and pass information to the agency.

MIT had used sex tapes to help change the leadership in the main opposition before and to help Erdoğan batter the opposition. A video clip of Deniz Baykal, the then-chairman of the CHP, in flagrante delicto, posted online on May 10, 2010, sent shockwaves across the Turkish left, ahead of the CHP’s convention slated for May 22. The leak of the video took place after Fidan was appointed by Erdoğan as head of the spy agency.

At the time the CHP leader Baykal was hoping to go to the next party congress without any rivals. The video had, however, spoiled Baykal’s plans as he had to resign immediately, calling it a conspiracy and a political plot by the government and putting the blame for the emergence of the scandalous video clip on Erdoğan’s ruling party.

Kılıçdaroğlu succeeded Baykal as party leader. Under normal circumstances, it would be nearly impossible for Kılıçdaroğlu to successfully challenge Baykal’s leadership because of a strict leader-controlled party structure in most political parties in Turkey. He owes his current leadership to the video leak and perhaps feels gratitude to Erdoğan. Kılıçdaroğlu had lost all elections after taking over the CHP chairmanship in 2010 but no in-party challenge has managed to oust him from party leadership.

Baykal’s lawyers tried to get the video banned and access to it on the Internet blocked but said they had received little to no help from the Erdoğan government. The video was accessible online for days before the government stepped in to cut access. The video were first uploaded on to metacafe.com and after a short period of time, the pro-Erdoğan Islamist Akit daily announced the existence of the video on its website

What is more, the Sabah daily, owned by Erdoğan’s family and known to be publishing stories passed by MIT, ran a headline story revealing the details of the apartment used by Baykal for the extramarital affair that was secretly recorded. The exclusive story, oddly lacking a byline, was apparently leaked by Erdoğan’s office and provided hitherto unknown details of the venue, how the secret camera was installed in an electrical outlet and how the affair was conducted. The publication of the story further implicated Erdoğan and his associates. The story was mysteriously deleted from Sabah’s online archive few years later in a move that was interpreted as a bid on the part of Erdoğan to cover his tracks.

Perhaps more evidence will emerge when the criminal investigation launched by the German prosecutors into managers of companies that sold FinFisher software to Turkey and other clients turns into a public trial. Years of civil advocacy by several organizations including Access Now against the company and criminal complaints filed by Gesellschaft für Freiheitsrechte (GFF), Reporter ohne Grenzen (RSF Germany), the netzpolitik.org blog and the European Center for Constitutional and Human Rights( ECCHR) in Germany helped the collapse of the Munich-based FinFisher and two related firms – FinFisher Labs GmbH and raedarius m8 GmbH.

It is not clear what will happen to FinFisher’s affiliated companies in the UK, where the spyware was marketed by Lench IT Solutions plc, whose owner is reportedly William Louthean Nelson, a British businessman who lives in Lebanon and controls the business through a shell company set up in the British Virgin Islands. The company has UK-based Gamma International Ltd and Gamma International GmbH in Munich.

Access Now report on spyware: