Recently, the European public was shocked by the revelation about the surveillance of citizens by the Pegasus spyware. Although Europe has become the target of attacks especially in recent months, the Middle East has faced similar practices for years. However, no regulations have yet been adopted that would allow illegal surveillance to be stopped.
Pegasus spyware is a special spy software developed by the Israeli company NSO Group. The software can remotely control a mobile phone or any other network-connected device. With the help of spyware, the tracker can take control of the microphone and camera, read messages, download photos, find out the GPS location and gain access to other features of the device. All this without the owner of the device knowing about it. According to experts, it is impossible to protect against spyware, only to reduce the probability of an attack. It spreads either through messages and emails containing links and files that the person in question has to click on (phishing), or uses system errors (vulnerabilities) in devices.
Governments illegally monitor citizens
According to the official version of NSO Group, Pegasus software is offered to state governments to fight terrorism and organized crime. But investigative journalists discovered a year ago that the software was being used by governments to illegally monitor journalists, activists and political opponents. A team of journalists from Forbidden Stories, Amnesty International, the Organized Crime and Corruption Reporting Project (OCCRP) and many other media outlets and organizations have published the stories of people who have been targeted by their own or foreign governments. In total, there are 50 countries and 50,000 phone numbers. Their owners were monitored during the years 2016-2020. The company denied all the allegations and said that the list of phone numbers did not belong to it. However, experts from Amnesty International found clear signs of Pegasus software attack on the phones.
The victims of spyware are well-known figures from politics, the media and the non-governmental sector
Lama Fakih is the crisis director of Human Rights Watch (HRW) and head of their Beirut office. It is dedicated to documenting and exposing violations of human rights and serious international crimes during armed conflicts, humanitarian disasters and social or political unrest. It was her work that probably attracted the attention of several governments who are suspicious of her surveillance. According to HRW, she was monitored up to five times between April 2021 and August of the same year. In November 2021, Fakih received a message from Apple warning that her phone could be a target of attacks. HRW’s security team later confirmed the presence of the spyware.
Other victims of spyware include, for example, Hungarian journalist Szabolcs Panyi, Azerbaijani journalist Khadija Ismayilova, French President Emmanuel Macron, former British Prime Minister Boris Johnson, Moroccan King Mohammed VI, Polish opposition leaders, human rights activists from Palestine, Kazakhstan, Bahrain, Jordan and many others.
The controversy surrounding the Pegasus spyware is that governments are illegally spying on innocent citizens. The NSO Group therefore offers the software as a tool of repression not against terrorists or drug cartels, but against people who are inconvenient and dangerous for governments for certain reasons. Whether they are human rights activists or investigative journalists, the governments of individual states consider it the best option to shine a light on such “enemies”. However, they violate several rights. Among other things, the right to privacy, freedom of opinion and expression, freedom of association, the right to dignity, physical and mental integrity and many others.
From the point of view of human rights, the steps taken are insufficient
Amazon Web Services was among the first to take action. They blocked all cloud accounts associated with NSO Group. Additionally, Apple and Whatsapp are suing NSO Group for hacking their users. The United States (US) Department of Commerce has decided to place NSO Group, along with Candiru (an Israeli spyware company), on its restricted trade list. This means a ban on the export of goods from the US to NSO Group or Candira, unless the ministry grants a special license. The European Union also updated the rules related to the export of surveillance technologies last September. The amendment authorizes the European Commission to inform the public of the number of license applications for the export of each surveillance technology, including information on the member country and the country of export.
However, human rights organizations are calling for more drastic changes. They propose a global moratorium against the use of spyware. According to them, states should stop using and tolerating the use of software as a tool for repression. “Spyware is beyond what we accept in a democracy,” says Peter Micek of digital rights group Access Now.
At a time when we are all very closely connected with technology, it is more important than ever to oversee digital security. Confidential information can be misused quickly and effectively. States should therefore adopt regulations that prohibit the restriction of human rights through the use of surveillance technologies. In the “offline” world, there is a clear line of what is unjustifiable from the point of view of human rights. States should set the same limit in the online space as well. Although the online world may seem fictional and too far from reality, human rights must be respected both offline and online.