Poland's Central Anti-Corruption Bureau (CBA) has refused a request by the Helsinki Foundation for Human Rights to disclose information on whether the CBA uses software called Remote Control System (RCS), which is capable of monitoring computers and phones and retrieving data from such devices.
The Central Anti-Corruption Bureau justified its decision by indicating that the requested information is classified. According to the Protection of Classified Information Act, information is classified if its disclosure hampers the performance of a service's tasks, including the execution of operational activities. The CBA also pointed out that the requested information constitutes "other secrets protected by law" under the Central Anti-corruption Bureau Act. It argued that any information about its technical capabilities, such as monitoring computers and phones and the tracking of correspondence on the Internet, is privileged information that was gathered within the scope of activities pursuant to the law under which the bureau works.
The Helsinki Foundation for Human Rights asked the Internal Security Agency (ABW) the same question about the use of RCS. In March, the ABW announced that they do not use this software. The Helsinki Foundation has now brought a claim before a provincial administrative court, asking it to review the legality of the CBA's decision against disclosing the information.
Remote Control System software is capable of monitoring computers and phones and could retrieve data stored on such devices even if a user is offline. The system can also be used to track online correspondences. RCS software can also copy files from a computer's hard drive, record Skype calls, intercept passwords entered in a browser and remotely turn on a web camera or a computer's microphone.
In February, the scientists affiliated with The Citizen Lab, an interdisciplinary group based at the University of Toronto (Canada), published a report Mapping Hacking Team's "Untraceable" Spyware, which analyzed the use of RCS. The report says that the system is offered for sale to governments by Hacking Team, a Milan-based company. The document names twenty-one governments, including those of Azerbaijan, Columbia, Egypt, Ethiopia, Hungary, Turkey, Morocco and also Poland.