Several cybersecurity experts who examined the app have determined that the Egyptian government could use it to track and crack down on critics. The COP27 summit kicked off on Sunday, Nov. 6. It brings together diplomats, climate activists, journalists, business executives, and others to discuss ways to combat climate change. The conference will end on Friday, Nov. 18. Egypt’s Ministry of Communications and Information released the COP27 app on Oct. 24. While authorities say the app’s purpose is to “enhance the experience” of attendees, critics fear there may be a more sinister motive behind it.
App Requires Loads of Permissions
With thousands of people attending the climate summit in Sharm el-Sheikh, Egypt, cybersecurity experts are concerned that the mobile app could be used for widespread surveillance of attendees and local dissidents. The COP27 app has been downloaded more than 10,000 times already on Google’s Play Store. According to cybersecurity analysts, upon installation, the app requires permission to access users’ GPS location, photos, emails, contacts, and other data. The app’s listing on the Play Store says it may share some of this personal information with third parties for account management and app functionality. “This is a cartoon super-villain of an app,” Gennie Gebhart, the Electronic Frontier Foundation’s advocacy director, told the Guardian earlier this week. “The biggest red flag is the number of permissions required, which is unnecessary for the operation of the app and suggests they are trying to surveil attendees.” Hossam Baghat, the head of the Egyptian Initiative for Personal Rights, also noted that installing the app requires giving up some sensitive information. “You can now download the official #Cop27 mobile app but you must give your full name, email address, mobile number, nationality and passport number. Also you must enable location tracking,” Baghat tweeted. Amnesty International told the Guardian that the COP27 app could access a user’s camera, microphone, Bluetooth, and location data. POLITICO also reported that the app has “so-called backdoor privileges, or the ability to scan people’s devices.”
Not All Analysts Agree
While many researchers and experts agree the app is potentially spyware, others have an alternative view. Paul Shunk, a security intelligence engineer at cybersecurity firm Lookout, told POLITICO that there’s no evidence the app can access users’ emails or private messages. He also said it can’t record audio while running in the background, making it “almost completely unsuitable for spying on users.” WithSecure cybersecurity researcher Elias Koivula also said there’s no evidence the app had accessed any users’ emails. Some permissions required by the app could be used to provide travel information and for other harmless purposes, he explained. The COP27 app is available on Google’s Play Store and Apple’s App Store. Both Apple and Google approved the app for their stores, citing no violations of existing rules.
Egypt’s Crack Down on Protests Ahead of Summit
There has been a strict restriction on public protests in Egypt since the 2013 coup that saw then-military chief and now-president Abdel Fattah al-Sisi overthrow Muslim Brotherhood leader Mohamed Mursi. Earlier this month, nearly 70 people calling for protests during the climate summit were arrested. According to Egypt’s Mada news outlet, hundreds of people have been detained since October in the buildup to COP27. Indian activist Ajit Rajagopal was one of the people arrested late last month as he attempted a planned protest march from Cairo to Sharm el-Sheikh. Egyptian authorities released him shortly afterward in the face of mounting international pressure. According to Human Rights Watch, in the days running up to the summit, authorities implemented several surveillance measures, including installing cameras in all the taxis in Sharm el-Sheikh to track drivers and passengers across the city. “As participants are arriving for COP27, it is becoming clear that Egypt’s government has no intention of easing its abusive security measures and allowing for free speech and assembly,” Adam Coogle, the deputy director of Human Rights Watch’s Middle East and North Africa arm, said earlier this week. “Egyptian authorities should not be extending its human rights crackdown into the summit space.” Human Rights Watch also said Egyptian authorities had imposed “an unduly complicated” registration process for the “Green Zone” outside the COP27 venue — an area available to the public to protest climate issues and interact with summit participants.
