EU urged to step up curbs on foreign spyware

The EU has been urged to step up its actions to prevent politicians, journalists and activists from being hacked by foreign spyware following new revelations of politicians targeted by the controversial Pegasus software. [Shutterstock / Shawn Hill]

The EU has been urged to step up its actions to prevent politicians, journalists, and activists from being hacked by foreign spyware following new revelations of politicians targeted by the controversial Pegasus software.

The phones of dozens of prominent Catalan politicians and activists were hacked with the spyware, produced by Israeli firm NSO Group, EURACTIV’s partner EFE reported.

A study by Citizen Lab, a research group based at the University of Toronto, revealed that more than 65 pro-independence Catalan politicians, journalists, and activists had been targeted with the Pegasus spyware between 2015 and 2020.

On Tuesday (19 April), the European Parliament’s Committee of Inquiry set up to investigate the use of the Pegasus and similar surveillance spyware will start its work.

EU lawmaker Jeroen Lenaers from the conservative EPP group will be chairing the committee.  Liberal lawmaker Sophie In’t Veld of Renew Europe will lead the report that is due to submit its conclusions after 12 months.

The committee, modelled on the inquiry committee set up in 2006 to look at the alleged rendition and detention of prisoners in European countries by the CIA, will seek testimony from member states’ intelligence services, elected politicians and senior officials.

Its remit is to examine national laws regulating surveillance, and whether Pegasus spyware was used for political purposes against journalists, politicians and lawyers.

“The use of this spyware by the authorities of the member states must be clarified and the responsibilities must be established,” the coordinator for the Greens, MEP Saskia Bricmont, told EURACTIV.

For Bricmont, the Pegasus scandal raises a rule of law and fundamental rights issue in the EU, and she noted that although MEPs cannot constrain the member states directly, their role is “to exert political pressure, raise public awareness and stand strong on the role of the European Parliament as a defender of fundamental rights.”

Poland and Hungary have acknowledged in the past they have been NSO Group’s clients.

France denied talks to buy Israeli Pegasus spyware after the MIT Technology Review reported that the talks between Paris and the Israeli company reportedly had broken down after revelations in July identified Emmanuel Macron as one of the software’s many targets.

Polish government accused of illegal purchase of Pegasus software

The government’s use of €5.4 million of court funds to buy the Israeli Pegasus software to investigate a person suspected of criminal activity was unlawful, claims leading Gazeta Wyborcza daily.

The revelations cast new light on the recent information that the Central Anti-Corruption …

Among those targeted were Catalonia’s regional leader, Pere Aragonès, former leader Quim Torra and Catalan activist Jordi Sànchez, who was persistently targeted with Pegasus from as early as September 2015 to July 2020, according to the human rights group.

“It’s an unjustifiable disgrace, (…)  An extremely serious attack on fundamental rights and democracy,” Aragonès tweeted.

Amnesty International’s Technology and Human Rights researcher, Likhita Banerji, said in a statement that “the Spanish government needs to come clean over whether or not it is a customer of NSO Group.”

“It must also conduct a thorough, independent investigation into the use of Pegasus spyware against the Catalans identified in this investigation.”

“We urge the European Parliament Committee of Inquiry to leave no stone unturned when documenting the human rights violations enabled by unlawful spyware, including by investigating these new revelations,” Banerji said.

Also reported on Monday, the UK Prime Minister Boris Johnson’s office and the foreign office were targeted by the Pegasus spyware. The attempts to infect Downing Street are thought to have been made by operators in the United Arab Emirates, although it is unclear whether any data had been stolen.

Last July, French President Emmanuel Macron was among a group of 14 heads of state and government targeted for surveillance using Pegasus spyware. European Council President Charles Michel was also on the list of leaders under surveillance.

The Israeli technology firm, NSO Group, which produced the Pegasus spyware has always defended its use, saying it is only sold to selected governments for legitimate law enforcement and intelligence purposes.

It has denied that its systems were used to infect the UK prime minister’s office or foreign office and denied the accusations related to the Catalan politicians.

“NSO continues to be targeted by a number of politically motivated advocacy organizations, like Citizens Labs and Amnesty, to produce inaccurate and unsubstantiated reports based on vague and incomplete information,” an NSO spokesperson said.

Last year, the US administration placed NSO on a US blacklist on the grounds that it had sold surveillance spyware to foreign governments that had used it for “transnational repression”.

*Mathieu Pollet contributed reporting to this story

[Edited by Zoran Radosavljevic/Luca Bertuzzi]

EU Parliament to launch investigative committee on Pegasus spyware

The launch of a committee to investigate the use of Pegasus spyware within the EU has been agreed to and is expected to be approved for action by the Parliament next week.

Subscribe to our newsletters