Sandvine, the maker of surveillance software that allows authoritarian states to censor the internet and monitor their citizens, has announced it will withdraw from dozens of “undemocratic” countries as part of a major shakeup of the company.
The Canadian-founded company released a statement on Thursday, claiming that it now wants to be “the leader in technology solutions for democracies.” As part of this new strategy, Sandvine said it has already withdrawn from 32 countries and is in the process of withdrawing from another 24.
Sandvine committed to withdrawing from 56 countries, except Egypt, by the end of March 2025, but did not name the countries. For the remaining countries, including non-government customers in Egypt, the “end of service” date will be the end of 2025.
The company's change of policy comes after a multi-year investigation by Bloomberg that found Sandvine had sold internet surveillance products to authoritarian regimes in countries including Belarus, Egypt, Eritrea, the United Arab Emirates and Uzbekistan.
Sandvine said its decision to withdraw from dozens of countries was based on a review of its operations based on the Economist Intelligence Unit's 2023 Democracy Index, which classifies countries based on “regime type.” The company also said the decision was made “in consultation with the U.S. Department of Commerce, the U.S. Department of State, and other key members of the U.S. government.”
Sandvine did not respond to requests for comment, asking for a full list of countries the company has already withdrawn from and those it plans to withdraw from.
Contact Us Have more information about Sandvine or other surveillance tech manufacturers? You can securely contact Lorenzo Franceschi-Bicchierai from a non-work device on Signal (+1 917 257 1382), Telegram, Keybase @lorenzofb, or email. You can also contact TechCrunch via SecureDrop.
Earlier this year, the US Department of Commerce placed Sandvine on its blocklist (officially known as the Entity List), accusing the company of selling products to the Egyptian government which “used Sandvine to conduct mass web surveillance and censorship to block news and target political figures and human rights activists.”
In recent years, digital rights research group Citizen Lab has published reports on Sandvine, including exposing the company's technology being used in Turkey and Syria, where Sandvine equipment was allegedly used to redirect hundreds of users to spyware.
Sandvine's reforms appear to suggest that U.S. government pressure on the company has been effective, experts say.
“For a long time, we've known about the harms but haven't known how to effectively put the brakes on the uncontrollable proliferation of surveillance technologies,” John Scott-Railton, a senior research fellow at Citizen Lab, told TechCrunch. “Sandvine's rapid fall shows that the U.S. model, which includes sanctions, can have a direct positive impact.”
Citizen Lab director Ron Deibert agreed, telling TechCrunch that the Sandvine case “shows what can happen when you combine rigorous evidence-based research, investigative journalism and public interest advocacy with targeted, meaningful government regulation.”
In the past few years, the U.S. government has targeted other companies that sell surveillance technology. In 2021, the U.S. Department of Commerce placed NSO Group on a Commerce blocklist, effectively banning U.S. companies from doing business with the Israeli spyware maker that sells the mobile spyware Pegasus. In 2023, the U.S. government placed Intelexa, the consortium that makes the spyware Predator, on the same economic blocklist.
Earlier this year, the U.S. Treasury Department imposed sanctions on Intellexa founder Tal Dilian and one of his business associates. The sanctions specifically targeted Dilian, rather than his company, leaving other spyware manufacturers worried that they too could become targets of the U.S. government.