Pegasus: MEPs grilled NSO Group representatives about spyware abuse allegations
On Tuesday, the EP inquiry committee investigating the use of Pegasus and other spyware heard from representatives of NSO Group, the supplier of the Pegasus spyware.
NSO Group General Counsel and Chief Compliance Officer Chaim Gelfand emphasized the company’s willingness to co-operate with the committee of inquiry. According to Mr Gelfand, Pegasus is not a mass surveillance tool, but instead targeted to specific individuals under suspicion, similarly to wire-tapping. He also stated that Pegasus cannot impersonate a victim, and that data about its use is retained in an audit trail that the company can access when investigating allegations of misuse. He stressed that the Israeli government has to approve Pegasus export licenses, and that the industry would welcome additional regulation to establish clear rules for spyware.
MEPs asked about cases where European governments have admitted to using Pegasus on citizens, for example discoveries of the spyware on the phones of Polish opposition politicians. They also raised the use of Pegasus in Hungary to target journalists and politicians, and reports of private companies using the software in Poland. MEPs wanted to know more about the scoring system used to rate countries on their suitability as customers of NSO products, including the scores of EU member states, and whether these impact the sale prices of the software. MEPs also questioned how NSO defines a “credible” report that warrants further investigation. Reacting to NSO Group’s description of Pegasus as a tool to fight crime, MEPs requested details on how many crimes have been prevented and how many lives saved through the use of Pegasus.
According to Mr Gelfand, where a customer has used Pegasus for purposes other than fighting serious crime and terrorism, the company cancels their licenses. NSO has determined that Pegasus was not used on French President Emmanuel Macron or murdered Saudi journalist Jamal Khashoggi. The company gathers information about suspected misuse through the whistle-blowing capability on its website, and third-parties are only involved in commercial aspects of the software sale, he assured. According to him, the company has completed dozens of investigations into the legitimacy of the use of Pegasus. It has also terminated more than eight customer contracts, including one or more contracts in European countries, and some of them after recent media revelations about Pegasus, said Gelfand.
You can watch a recording of the discussion here.
Taking stock of current spyware options
After the discussion, MEPs heard from guest experts who spoke about the current slate of spyware providers and options, highlighted possible policy responses and offered their views on NSO Group’s statements. The guests were:
- Edin Omanovic, Advocacy Director, Privacy International
- Stephanie Kirchgaessner, investigative journalist, the Guardian
- Ben Wagner, Assistant Professor at the Faculty of Technology, Policy and Management, TU Delft
You can re-watch the discussion here, and see more information about the committee meeting here.
Contacts:
-
Janne OJAMO
Press Officer