The internationally blacklisted firm TigerIT played a role in developing a controversial solution for the National Telecommunication Monitoring Centre (NTMC) to tap into citizens’ devices, allegedly to suppress opposition during the Awami League regime.

Ziaur Rahman, chairman of TigerIT, provided core technical solutions for this contentious initiative under the Awami League, and remains untouched despite the controversy surrounding NTMC officials.

Some top NTMC officials have already faced legal action for leaking citizens’ personal data, according to a media investigation.

The investigation also revealed that Ziaur Rahman secured the NTMC contract by leveraging his connection with Major General Tarique Ahmed Siddique, former security adviser to former prime minister Sheikh Hasina and brother-in-law of Sheikh Rehana.

Due to this backdoor connection with Hasina’s security adviser, TigerIT faced no issues importing illegal devices from various European countries over the last decade.

The investigation further disclosed that Shahnaj Siddique, the wife of Tarique Ahmed Siddique, is involved with the USAKA Group, an umbrella platform of NovoTel, NovoAir, NovoCom, Penta Global, and IBCS-Primex.

With the support of the USAKA Group, TigerIT and CSL became involved in the controversial NTMC project to record phone calls.

Despite being blacklisted in the World Bank’s project for the development of the Election Commission’s smart card, TigerIT is involved in sensitive projects like NTMC.

Important information about citizens is also stored with NTMC, and sources indicate that this data was used for political purposes during the ousted Awami League government.

NTMC operates under a special intelligence agency of the government and has the capability to intercept mobile phone voice and text, telephone voice, and social media communications. Among the social media, NTMC can interfere with apps such as Facebook, Twitter (now X), Telegram, Viber, IMO, and Skype. The organisation can also take full control over any online media, including websites, blogs, and emails for content filtering.

The media investigation also revealed that NTMC has set up firewalls on the backends of four telecom operators – Grameenphone, Banglalink, Robi and Teletalk – to control the voice and data services of these mobile network operators.

TigerIT Chairman Ziaur Rahman, a US passport holder, is currently residing in Dubai. The correspondent attempted to reach him for comment several times regarding the controversy over NTMC services, but he could not be contacted.

Internationally acclaimed tech expert Sumon Ahmed Sabir said, “There is an ethical question here. If monitoring is done for the safety of the country’s citizens, it is good. But we know the controversial role of NTMC. There is a risk of information leakage when a software company like TigerIT is working on accountability.”

He also mentioned that there have been instances where information has been smuggled and sold from the Election Commission’s server.

“Given these concerns, why was citizens’ information handed over to a private organisation without any tender process? These issues need to be re-evaluated for a secure future.”

Sabir, a member of the executive committee of the international organisation EPNIC, added that in any civilised country, phone tapping is considered interference with personal freedom and a violation of personal privacy. However, in Bangladesh, this human right has been violated by law.

NTMC uses surveillance devices like Vehicle Mounted Data Interceptors and Vehicle Mounted Mobile Interceptors to help stop militancy and control the expression of “undesirable” views.

The Pegasus spyware was also purchased from the Israeli cyber intelligence company NSO Group for the agency. Mobile phones can be hacked through this software. Once the app is installed on someone’s mobile phone, surveillance agencies can intercept messages, photos, or emails from that phone.

Rezwanur Rahman, an engineer at tech company Microsoft, emphasised that the responsibility for the country’s important data or servers should be given to contractors who have top-level cybersecurity experts and hackers.

“When dealing with sensitive data through phone tapping, the surveillance solutions should be assigned through an open tender instead of based on personal relationships. We have seen that TigerIT failed to manage the Election Commission’s database amid repeated data breaches. Their poor performance at BRTA over the years raises new questions about their involvement at NTMC,” he said.

The tech expert noted that the agency should employ modern security technologies and regularly collaborate with cybersecurity experts to prevent such incidents from recurring.

BDST: 1150 HRS, SEPT 15, 2024