Use of the NSO’s Spyware Program Pegasus by the GSS
2021 November 8
Dr. Avichai Mandelblit
To whom it may concern,
On November 8, 2021, various media outlets reported that an inspection conducted on the phones of activists from human rights and civil society organizations in the Occupied Territories, revealed that the Israeli company NSO Group’s Pegasus spyware had been installed on these phones. One of them is a field worker for the human rights organization Al-Haq, the second is a lawyer and field worker for the organization Addameer, which addresses Palestinian prisoners’ rights, and the third is the director of the Bisan Center for Research and Development. Declaring these organizations terrorist groups was done on the basis of confidential materials without the presentation of evidence, which received sweeping condemnation in Israel and abroad, and the declaration is also likely to be investigated in court.
The technological inspection of the phones was conducted by the organization Front Line Defenders, and the results of the inspection were submitted for further external testing by the University of Toronto’s Citizen Lab, and Amnesty International’s Security Lab. The latter confirmed the validity of the aforementioned in a report on its findings. https://www.frontlinedefenders.org/en/statement-report/statement-targeting-palestinian-hrds-pegasus
NSO's Pegasus spyware is malicious software (malware) that takes advantage of mobile phone security vulnerabilities to gain control over someone’s phone and control it entirely remotely, without the individual’s knowledge and consent. To the best of our knowledge, the takeover enables searching through correspondence, emails, photos, and even remote control of components of the phone such as its camera and speaker, even enabling messages to be sent from the device.
If the GSS or another government entity is a customer of the NSO and executed the hacking of these phones, it entails crossing a red line. This is an illegal and unacceptable act.
In the occupied territories, state, military, and GSS officials are subject to international law and Israeli public law. They have general authority to maintain security and public order, yet this authority must be exercised while upholding human rights and principles of proportionality. International human rights conventions also apply in the occupied territories, as the International Court of Justice ruled in 2004 regarding the separation barrier.
Tracking human rights activists is particularly grave, and violates several basic human rights, including freedom of association and freedom of expression. It is also grave when conducted through wiretapping or tracking data and is far more severe when executed through malware like Pegasus.
Pegasus software does not stand the test of proportionality, as it enables the collection of excessively broad information and an extreme violation of privacy, not only of the person being tracked but also of many others in contact with them. Wiretapping is perceived as a problematic means of surveillance that must be reserved for extremely exceptional circumstances, yet the scope of Pegasus’ invasiveness makes even eavesdropping pale in comparison. Pegasus enables tracing of the contents of the device owner’s calls in the past, along with irrelevant matters. It allows for the breach of personal photos contained in the device, correspondences conducted with personal lawyers or physicians, and it remains in question as to whether it allows full control of the device's content, including sending or deleting messages, thus enabling incriminating evidence to be planted, or the erasure of exculpatory evidence.
The software also severely harms third parties, as it exposes correspondence and images sent by others, and in the case of activists in human rights organizations and lawyers, it is also severely harmful to clients granted confidentiality; victims who revealed their issues to organizational employees; other employees of the human rights organization; or other human rights organizations, including Israelis, who maintain working relationships and private conversations with those same employees whose phones have been hacked; and other agents such as diplomats and journalists who maintain ongoing working relationships with human rights defenders.
The capacity to gain command of the phones of lawyers and activists in human rights organizations, causes grave harm to these organizations’ activities, and the severe chilling effect on the activists of the organizations and people in need of their help, who will be wary of contacting them.
Thus, the use of malware such as Pegasus, which is disproportionate by definition, should be reserved – if used at all – for exceptional and extreme cases that are difficult to conceive of, as a definitive last resort to prevent a clear and immediate security threat, under close supervision of the Attorney General. The software must not be used whatsoever beyond those extreme cases.
It has recently been reported that the US Department of the Treasury has declared the NSO a body that acts against the interests of the US administration, due to the use of its software to spy on dissidents and human rights activists. It is assumed that such use is made by totalitarian regimes and is contrary to democracy’s most basic principles.
It is difficult not to suspect that the fact that Palestinian human rights organizations operate in the international arena to expose Israel’s human rights violations, and against the ongoing Israeli occupation, is what led to the extreme measures taken against these organizations, and if use of Pegasus software is indeed permitted, then the matter requires thorough internal examination. It seems that ulterior motives completely disrupted discretion in this case.
Considering the above, we request that you order the immediate cessation of the use of the Pegasus program in the occupied territories at large, and particularly against activists of social change organizations and human rights defenders.
Attorney Roni Pelli and Attorney Gil Gan-Mor