Autocratic UN agency head broke rules with sensitive cybersecurity contract award, report shows

EXCLUSIVE: “The head of a low profile but important United Nations agency based in Geneva bent the organization’s rules and steered an ultrasensitive cybersecurity contract to a company headed by a business acquaintance, according to a heavily redacted UN report obtained by Fox News.

The report says that the autocratic Francis Gurry, controversial head of the U.N.’s World Intellectual Property Organization, or WIPO, defended his actions to rewrite normal procurement procedures by pointing out that WIPO “manages the world’s leading public databases of patent disclosures, brands, and designs, as well as a variety of IT [information technology] platforms linking the Intellectual Property Offices of the world.”

The U.S. and a number of other countries  that are part of WIPO’s 189-nation membership  have been waging a behind-the-scenes struggle for months to get even a glimpse of the redacted, 51-page report by the U.N.’s watchdog Office of Internal Oversight Services, which was finally distributed to WIPO member states this week, but is still marked “Strictly Confidential.”

Along with alleged corruption of WIPO procurement procedures in 2014, Gurry had been accused of ordering the illegal break-in of offices of his staffers in 2008 to get DNA evidence that some of them had written anonymous letters against him, and then scheming to cover up the action, as well as retaliating against some of the internal whistleblowers against him.   At the time, Gurry was running for WIPO’s top job as Director General.

The report also says, among other things, that there is an acquaintanceship dating back to 2002 between Gurry and the principal of a firm that he championed in a bidding process he halted and then restarted; that Gurry suggested overriding WIPO rules that weighted the cost of that firm’s proposal—nearly twice that of its next competitor—against it; and ignored staff objections to the process.

The cost of the winning bid, the report says,  was subsequently bargained down to meet the original cap of the request for bidding proposals.

The document, the result of an 11-month probe, was written last March, and examines alleged Gurry wrongdoings dating back to 2008. It will likely be discussed at a meeting of WIPO’s 189-member General Assembly meeting next week.


If so, it could finally provide a culmination to long-running battles involving Gurry, an aloof, Australian-born bureaucrat,  with member states including the U.S. that have been rocked by Gurry’s spectacularly high-handed maneuvers, and a bevy of whistle-blowing WIPO employees who charge they have suffered retaliation and abuse for questioning Gurry’s actions.

(In 2015 and again this year, the U.S. State Department sanctioned WIPO for failing to uphold best practices in whistleblower protection by cutting of 15 per cent of its donations to the agency—the first time any U.N. agency had incurred such a sanction.. That did virtually nothing, since WIPO, uniquely among U.N. agencies, makes hundreds of millions of dollars through its management of international patents.)

Along with alleged corruption of WIPO procurement procedures in 2014, Gurry had been accused of ordering the illegal break-in of offices of his staffers in 2008 to get DNA evidence that some of them had written anonymous letters against him, and then scheming to cover up the action, as well as retaliating against some of the internal whistleblowers against him.   At the time, Gurry was running for WIPO’s top job as Director General.

The break-in and cover-up charges were aired by Miranda Brown, a former “strategic advisor” to Gurry, in a complaint filed in February, 2014 before a U.N. labor dispute tribunal.

They boiled up two months later  into a broader series of accusations, including the procurement charges,  from the top U.S. official at WIPO at the time, James Pooley, who has since left the organization.

Pooley’s accusations that Gurry had been involved in “serious misconduct” and “violations of national and international law,”  in turn, led to the OIOS probe.

While the investigation has long ago concluded, elaborate maneuvering at WIPO has kept the full report under wraps ever since.

“The investigation report should have been delivered to the U.S. and other countries as soon as it was done,” Pooley, who had not seen the redacted report, told Fox News. “I don't understand why there has been such a delay. The member states of WIPO own the organization. They need to have access to all the facts, so they can decide what to do.”

A two-page version of the report’s conclusions was made public in May—stripping away the context, and according to whistleblowers the seriousness of the evidence behind the brief summary.

(Gurry himself , on the other hand, has had a completely uncensored copy of the report since May, including the names of witnesses who testified against him, in violation of both WIPO and U.N. witness protections.)

In the case of Gurry’s procurement decision, the two-page summary had observed delicately that there were “reasonable grounds to conclude” that  Gurry’s actions “may be inconsistent with the standards expected of a staff member of the World Intellectual Property Organization.”

It added, evidently as a mitigating circumstance,  that “there is no evidence that Mr. Gurry directly or indirectly gained any financial or personal benefit from the procurement processes…and the eventual contract award.”

But regarding the alleged DNA theft, the truncated conclusions said that “although there are strong indications that Mr. Gurry had a direct interest in the outcome of the DNA analysis,” there was no evidence he was “involved in the [illegal] taking of DNA samples.”

Nor was there evidence, the two-page version concluded,   that he attempted to suppress a subsequent investigation of the incident.

The redacted version of the full report  is so heavily drenched in black ink that no names other than Gurry’s remain --even pronouns that might identify a person’s gender are blacked out. Nor are the names or officials of companies involved in the cybersecurity contract revealed.

The result is a visual hodge-podge that is also virtually unreadable to anyone not well versed in the issues involved.

Nonetheless, the much-censored document shows:

  • One reason there may be no evidence of Gurry’s involvement in the DNA caper is that Swiss police and justice authorities, who had aided Gurry in legally collecting DNA evidence from U.N. staffers after the anonymous letters were published the previous year, refused to cooperate with the OIOS investigation.

The scandal concerning illegally obtained DNA evidence emerged after it was included  among the legal samples collected by the Swiss police and sent to a lab for analysis. One sample, according to the lab analysis, also contained DNA from a U.N. security staffer, who denied taking it. The police who had gained possession of the samples seemed likely to know who had provided them—but they are not talking.

  • For his part, Gurry denied any involvement in the collection of personal DNA samples and said he “simply did not have any authority,” as the report puts it, over WIPO security services.
  • A six-figure settlement agreement between WIPO and a staffer whose DNA was illegally taken was worked out, according to a WIPO official who signed the deal , “in response to several cases” that the aggrieved person brought against WIPO. They included a proposed transfer to Singapore described by the complainant as “retaliation.”

The outcome included money plus a promise never to move the staffer outside Geneva without her written permission, in exchange for withdrawal of a criminal complaint as well as internal complaints before U.N. tribunals, which a witness told OIOS  the complainant “stood a good chance of winning.” All such payouts, one witness said, required the Director General’s approval.

For his part, Gurry disagreed that “a reasonable inference can be drawn that the primary aim of the Settlement Agreement was to avoid further attention being given to the ‘DNA Case.’” He also produced emails—contents not revealed in the report-- that disputed that WIPO had lost  the internal cases—though the report features part of a later email chain in which  Gurry discussed the timing of having the staffer drop the complaints as part of the deal.

  • So far as the cybersecurity contract is concerned, an executive of the unnamed company that won the award, according to the redacted report, refused to be interviewed.  A legal letter  said  allegations regarding the contract were “false,” and  “grossly defamatory,” and another legal letter, according to the report, said a company member “is not a friend or a personal acquaintance of Mr. Gurry and had dealt with Mr. Gurry on very infrequent occasions in the course of professional intercourse.”  

The U.S. State Department, for one, argued strongly in meetings of WIPO member nations  for release of the redacted version of the report. With the document now in U.S. hands, a State Department official told Fox News that Washington  “believes that this investigation process and report revealed flaws in the organization’s investigative procedures, internal oversight charter, and procurement process – shortcomings that the United States and other concerned member states believe need to be addressed by the WIPO member states.”

So far as any penalties for  Gurry are concerned, however, the official said that the final recommendation in the report-- “that the Chair of the General Assembly of the World Intellectual Property Organization consider taking appropriate actions against Mr. Francis Gurry”--was “dispositive.”

Translation: who knows? As little as a reprimand might still be possible.

To many WIPO insiders—and outsiders too--there is considerable irony in the statements by Gurry of concern for WIPO’s intellectual property assets in the face of cyber threats.

Gurry has often earned international notoriety since 2012 by putting sensitive technology close to harms’ way. That case involved the delivery by WIPO of a secretive shipment of sophisticated computers, a highly-restricted network security system and other advanced equipment to nuclear-ambitious North Korea and Iran.

The American-made equipment, some of it considered dual-use technology, was  ostensibly intended to bolster WIPO operations there,  but it went unannounced despite U.S. and U.N. sanctions against both nuclear-ambitious regimes.  Payment for the equipment, until it was discovered, had been carefully structured to bypass U.N. safeguards installed after an earlier sanctions scandal.

A subsequent investigation ruled there were no express sanctions forbidding his action, though the investigators declared Gurry’s actions “unjustified” and unfathomable.

Within two years, North Korea officially added major-league cyber-crime to its dubious international accomplishments. Hackers based there invaded the  databases of entertainment giant Sony, in a bid to abort the release of The Interview, a far-out comedy about an assassination attempt on North Korean dictator Kim Jong-Un.

Within a year of his arbitrary 2014 cybersecurity contract decision, Gurry had further  shocked the U.S. and other Western nations by failing to notify them that he was opening WIPO intellectual property offices in Russia and China—countries now considered to be two of the world’s most aggressive sponsors of cyber-crime and hacking.

The offices are still there.

George Russell is Editor-at-Large of Fox News. He is reachable on Twitter at @GeorgeRussell and on Facebook at