A recent report from the University of Toronto's Citizen Lab traces the use of surveillance malware developed by the Italian company Hacking Team and deployed in Ethiopia, Morocco, Nigeria, Sudan and Somalia. Last year, a German-English company's malware was detected in South Africa and Nigeria . These findings have generated new interest in the issue in sub-saharan Africa.
Detection of malware and other “cheap” surveillance technologies — relatively affordable “off-the-shelf” products made by private companies — in Africa's largest countries seems to be of ongoing interest to researchers. But what about the countries which through a western lens are seen as “less important”, either for their population, language or geopolitical sway?
Angola  is an interesting case: The oil-rich nation has a relatively small population and a powerful ruling party  with a president that has been in control for 34 years. Investigative journalists, youth protesters, and social mobilizations – mostly around issues like housing and political corruption – seem to irk the regime, but the broader impact of these activities can be hard to track.
Last December, security researcher Jacob Appelbaum spoke at the Chaos Communication Congress  about Angolan investigative journalist Rafael Marques  and his laptop. Marques, a widely acclaimed journalist known for his investigations of abuses of power at the highest level, approached Appelbaum with an all too common query: “there seems to be something wrong with my laptop, it's running slow.” Appelbaum found what he described as the “lamest backdoor” he'd ever seen, a spyware program that was surreptitiously taking screenshots of Marques’ activities and attempting to send them to another machine.
In the video below, Appelbaum shows Marques how even though he used TOR to protect himself, his machine had been compromised by a very crude form of spyware:
Marques, who edits the independent website Maka Angola  was arrested  and beaten  months after discovering his laptop had been compromised. He is currently facing civil suits in both Angola and Portugal for his research which includes unmasking an international money laundering scheme for diamonds mined in Angola’s troubled Lunda region.
Appelbaum suggests that even the least tech-savvy regimes can find new ways of exerting control using simple digital surveillance products and techniques. Yet there is little public discussion about data security, surveillance and the law in Angola.
One reason may be that real-world, physical surveillance and infiltration – with some of the intelligence agents trained in the ex-Soviet Bloc – is so pervasive that activists and journalists do not feel any particular urgency about protecting their online activities.
Marques is now actively tracking the issue of surveillance in Angola. In October he described proposed legislation that would allow the state vast powers for warrantless search  and prohibit certain forms of online communication. These provisions, he noted, were added to a 2010 draft Internet Governance bill released shortly after popular uprisings in Tunisia and Egypt.
Although these forms of surveillance are relatively new, threats to press freedom are hardly new in Angola. Local independent newspapers and news outlets, have been criminalized  or had their ability to expand restricted by onerous, seemingly politically motivated licensing requirements. Marques himself often lives and works in other countries. He is currently facing a defamation suit in Portugal , filed by Angolan members of the regime [pt].
Much like in Ethiopia, many Angolan activists and independent media workers are closely linked to the country's diaspora. An Ethiopian journalist residing in Washington, DC recently filed a legal challenge  against the Ethiopian government over surveillance via malware on his computers. This development, at the very least, should help to raise awareness among Ethiopian exiles and activists. The case, which has been filed in the US, will hinge on careful research and tracing of malware.
For individuals like Marques in countries around the world, the Ethiopian case may suggest an interesting, international way of reversing a power imbalance — a way of striking back against threats to open investigation and expression. What remains to be seen in “less important” countries like Angola is whether civil society activists, researchers, and lawyers can find the resources and rally together internationally to trace and challenge increasing digital surveillance.