While refusing to provide any evidence, NIS continues to insist there was no illegal surveillance

Posted on : 2015-07-28 18:23 KST Modified on : 2019-10-19 20:29 KST
Before suicide, one agent deleted reams of data, raising questions over what had been collected
 July 27. (pool photo)
July 27. (pool photo)

A total of 51 records were deleted by a National Intelligence Service (NIS) agent who committed suicide on July 18, the agency said in a report to the National Assembly Intelligence Committee on July 27.

The records deleted by the 45-year-old agent, identified by the surname Lim, include ten related to successful anti-North Korea and anti-terrorism hacks, 31 involving domestic test hacks, and ten involving failed operations, the NIS report added.

The inclusion of 31 “test hacks” on domestic targets would conflict with NIS Director Lee Byung-ho’s claims that the hacking software was used only overseas, while raising questions about why Lim would delete information that was only for test use. Questions are also swirling over why the ten anti-North Korea and anti-terrorism records and ten records of unsuccessful hacking attempts were deleted and who the targets were.

The NIS did not disclose the specific subjects of the records.

During the Intelligence Committee meeting on July 27, the ruling Saenuri Party’s committee secretary Lee Cheol-woo said Lim had “deleted 51 records, including ten involving anti-North Korea and anti-terrorism purposes, ten involving unsuccessful planting [of hacking programs], and 31 involving test use domestically.”

The NIS provided committee members from different parties with only a reconstructed list of data, sources reported.

“The NIS just showed us a list of the 51 records without any names or details, so we had no way of knowing what kind of data it was specifically,” said one opposition committee member.

Members who attended the meeting also reported that NIS director Lee Byung-ho declared that he would “stake his job” on the absence of any illegal monitoring, without disclosing 36 records requested by the opposition or releasing evidence to answer the allegations. The meeting was organized by bipartisan agreement to investigate allegations that the NIS used a remote control system (RCS) hacking program purchased from Italian company Hacking Team to monitor South Korean civilians.

Lee was also reported as saying the RCS “cannot be used to observe conversations on Kakao Talk.”

“He went on about how there was ‘no domestic monitoring’ and how it’s ’impossible to look in on Kakao Talk,‘ and he just insisted that we trust,” said an opposition member.

“It felt like a church in there,” the member added, shaking their head.

Shin Kyoung-min, a New Politics Alliance for Democracy (NPAD) lawmaker and the committee’s opposition secretary, said the opposition had “requested 36 records, but we were shown nothing apart from a few responses saying [the conditions for submission] ‘did not apply.’”

“The NIS did not stick to the agreement reached between the ruling and opposition party floor leaders on July 23 to investigate the matter,” Shin insisted.

The NIS also maintained that a usage log requested by the opposition could not be presented, adding it planned to explain the matter during an on-site examination at the agency, sources said.

NPAD citizen information protection committee chair Ahn Cheol-soo held a press conference afterwards to announce that he would participate as an Intelligence Committee member - and place his own AhnLab shares in blind trust if necessary - if three conditions were met. The conditions included submission of log file data, participation is in a log file analysis with five or more experts and the establishment of an examination area within the National Assembly, and at least one month for analysis.

Meanwhile, Minister of Science, ICT and Future Planning Choi Yang-hee responded to opposition questions on the legality of NIS introducing the RCS without prior approval from his ministry - as required by the Protection of Communications Secrets act - while attending a plenary session the same day for the National Assembly Science, ICT, Future Planning, Broadcasting and Communications Committee.

“The general opinion is that it does not correspond to ‘monitoring equipment,’” Choi said.

“There have been no cases of requesting approval for software as monitoring equipment,” he added.

Choi’s claim was disputed by experts, who said software should be subject to constraints as monitoring equipment, as hacking programs constitute physical devices that allow for monitoring when placed on computers and other devices.

“A typical computer isn’t a monitoring device, but it becomes one when you put a monitoring program on it,” said Yim Kang-bin, a professor of information security at Soonchunhyang University. “That means software can be monitoring equipment, depending on the interface.”

“The idea that software can’t be monitoring equipment because it’s not a physical device makes no sense,” Yim argued.

 

By Lee Seung-joon and Kim Kyung-wook, staff reporters

 

Please direct questions or comments to [english@hani.co.kr]

button that move to original korean article (클릭시 원문으로 이동하는 버튼)

Related stories