Pegasus: MEPs lash out at EU Commission for inaction

Budget Commissioner Johannes Hahn reiterated to lawmakers that the Commission was not "competent" and that "the examination of these issues is the responsibility of each Member State". [JULIEN WARNAND/EPA]

EU lawmakers revisited on Wednesday (4 May) new revelations of spying on European officials by the Pegasus software, criticising the lack of action by the European Commission, which prefers to leave the affair to the member states to handle.

MEPs attending the plenary session in Strasbourg did not hide their bitterness at the Commission’s refusal to formally address the numerous revelations of spying enabled by Pegasus, the spyware of the Israeli company NSO Group.

“The silence in the ranks is deafening,” said Saskia Bricmont, a Green MEP and member of the new committee of inquiry (PEGA), tasked with shedding light on the use of the spyware, which began work in late April.

“The Commission and the Council have previously been quicker to take action on security issues,” she added.

Forbidden Stories and Amnesty International, in partnership with 17 media outlets, revealed last July that NSO Group was providing governments with very sophisticated software, Pegasus, which allows almost undetectable access to all content and exchanges, as well as the ability to track the geolocation of a phone.

The spyware was reportedly used to spy on the devices of many politicians, journalists and human rights defenders around the world. Several member states, including Hungary and Poland, have admitted to being customers of the company but denied any wrongdoing.

The exchanges in Strasbourg, placed on the agenda at the request of the Greens, come two days after the Spanish authorities said the phones of Prime Minister Pedro Sanchez and Defence Minister Margarita Robles had been hacked by Pegasus in spring 2021.

The government’s announcement came shortly after Toronto’s Citizen Lab revealed, quoting “strong circumstantial evidence”, that dozens of Catalan pro-independence activists, including some MEPs, were themselves allegedly spied on through the software on behalf of Spanish intelligence services.

The revelation sparked a political scandal in the country, the “CatalanGate”.

“This is a situation that slips through our fingers and through the fingers of the governments of the states that allow themselves these illegal practices under European law,” MEP Bricmont told EURACTIV ahead of the debate.

Didier Reynders, the EU’s Justice Commissioner, and several other Commission officials have also recently joined the list of high-ranking politicians whose phones have been infected.

Bricmont said it was potentially a case of “European governments that have allowed themselves to spy on both Commissioners and MEPs in the course of their duties”.

Senior EU officials were targeted with Israeli spyware – sources

Senior officials at the European Commission were targeted last year with spy software designed by an Israeli surveillance firm, according to two EU officials and documentation reviewed by Reuters.

The European Commission passes the buck

The EU executive has so far done little about the use of the software by several of its member states, arguing that it is a matter of national security.

Budget Commissioner Johannes Hahn reiterated to lawmakers that this was not the Commission’s “competence” and that “the examination of these issues is the responsibility of each member state”, but recalled that the interception of electronic communications was strictly regulated by European legislation, notably through the ePrivacy Directive.

Lawmakers took the stand to share their concerns about the threat posed by spyware to democratic integrity and were united in denouncing the Commission’s evasiveness.

“I am quite shocked by the Commission’s reaction,” said liberal MEP Sophia in ‘t Veld, rapporteur of the PEGA committee. An “investigation on this issue is not optional, it is not about individual problems.”

“The Council does not seem to think this debate is worth its presence,” she said, turning to the empty seats where the representatives of the Council, chaired by France in the first half of 2022, usually sit.

The French Secretary of State for European Affairs, Clément Beaune, ended up joining the session an hour into the debate.

“We have been more present in the hemicycle than the three previous presidencies,” Beaune stressed as he took the floor.

“The illegal use of surveillance software is obviously unacceptable and must be condemned,” he said.

He then repeated what Hahn had said, recalling that it was “up to each member state to first carry out the necessary investigations in order to establish the possible illegalities that have been committed”, but that there was “a European responsibility to be implemented”.

Centre-right lawmaker Jeroen Lenaers of the European People’s Party, who chairs the PEGA committee, also said he was disappointed with the Commission’s approach. “This is not about national security, but about the rule of law,” he said.

The reference to fundamental rights and the rule of law was echoed by centre-left Hannes Heide and many other MEPs who took the floor during the debate.

The PEGA committee is due to complete its work within a year and is expected to make recommendations on how to deal with illegal spyware practices.

“I am convinced that only prohibition can help. I’m not sure that regulating the use of such software will really help,” Bricmont told EURACTIV.

EU urged to step up curbs on foreign spyware

The EU has been urged to step up its actions to prevent politicians, journalists, and activists from being hacked by foreign spyware following new revelations of politicians targeted by the controversial Pegasus software.

[Edited by Luca Bertuzzi/Zoran Radosavljevic]

Subscribe to our newsletters