Fortinet for who?

ONI reports that Burma is now using Fortinet (they were previously using DansGuardian) to censor the Internet. Fortinet claims:

Fortinet employs a two-tier sales model, in which we sell 100 percent of our products to resellers, who then sell to end-users. We do not directly sell, deploy or configure our products for end-users. Additionally, we have no record in our databases of Myanmar Millennium Group being a Fortinet reseller.

But DerekB discovered that Burma actually had a ceremony to commemorate the installation of Fortinet and that Ben Teh, Forntinet Sales Director for South Asia and Country Manager for Australia and New Zealand, had attended the ceremony, given a audio/visual presentation on Fortinet and presented a gift to the Burmese Prime Minister.

When asked by Irrawaddy:

Teh today denied that Fortinet has any involvement in Burma and refused to confirm or deny whether he visited Rangoon last year. “We don’t have any direct resellers and we don’t have any direct partners in Myanmar [Burma],” he said, refusing to comment further.

Here is a picure from Burmese TV of Ben Teh presenting his gift to the Burmese Prime Minister. See, there is a the little problem of the Burmese Freedom and Democracy Act of 2003 which the New York Times suggests Fortinet may be in violation of. I am not a lawyer, but this Act only seems to affect imports from Burma, not exports. In fact the U.S. Department of Treasury states that exports to Burma are (there are exceptions for financial services and about who you can export to, but not exports themselves) are not prohibited. So unless Fortinet sold their filtering product to a prohibited person — which appears to be persons who hold senior positions in the State Peace and Development Council or the Union Solidarity Development Association.

It’s all somewhat odd. Section three of the Burmese Freedom and Democracy Act is titled “BAN AGAINST TRADE THAT SUPPORTS THE MILITARY REGIME OF BURMA” but it does not seem to prevent U.S. companies from selling censorship and surveillance equipment to Burma, it only affects imports.

The ironly of all this is that we are continually seeing U.S.-made filtering products being used by authoritarian regimes to implement Internet censorship worldwide.


  1. The Problems of Filtering

    Yesterday, we at the OpenNet Initiative (a collaboration of Berkman/HLS with the Advanced Network Research Group of the Cambridge Security Programme at University of Cambridge and the Citizen Lab at University of Toronto) released a report on Internet fil

  2. […] A final amusing note: when ONI was researching Burma’s filtering, we detected what appeared to be the American software firm Fortinet’s Web filtering product. The company claimed to have no idea what we were talking about. I was about to delete this from the study – after all, would a major corporation be less than up front with us about aiding an authoritarian state? – until I found a photo of Fortinet’s Sales Director for the region presenting a gift to Burma’s Prime Minister in commemoration of the country adopting Fortinet’s filtering product. (Scroll down, look for the guys shaking hands.) We have a legal term for this: “oops!” (The Sales guy in question, Benjamin Teh, refused to confirm he’d even been in Rangoon. Apparently the junta is also excellent at faking photos of random software company bureaucrats. Or is there a simpler explanation?) […]

  3. LOL…”oops”, I love it they even made a division of the repressive Burmese government a reseller! Fortinet is also the company that got busted for using GPL freeware as sourcecode, encrypting it and passing it off as their own code and let’s not forget the Trend Micro lawsuit….These guys are slimy.

  4. From what i’ve been able to find, somehow Burma got one Fortinet unit and then did a splash campaign making it look like that one box could service millions of computers.

    Where did you get that “busted for GPL” info… from wiki? Their article of Fortinet almost reads like Fortinet takes candy from babies!
    And does Trend Micro make more of its money from stupid patent lawsuits (like Mosaid) than from actually making products? Personally I’m in favor of companies that make things rather than make profits from suing others.

    I’ve used their products and they are really good. The level of control over how you protect your network is really good.

    If Fortinet is slimy, i’d love to see your description of some other big business companies in the states.

  5. […] use of Fortinet technology in Burma. See Villeneuve, N., “Fortinet for who?”, October 13, 2005, 24 Human Rights Watch, “Burma’s continuing human rights challenges,” November 3, 2011, […]

  6. […] in this trade are Netsweeper (the Middle East), Bluecoat (Syria and Burma), Websense (Yemen), Fortinet (Burma), and Finfisher (Egypt and Bahrain). All these companies claim that they are not involved in […]

Post a comment.