PARIS: The Israeli company at the heart of the Pegasus surveillance scandal on Oct 5 said it would support international regulation to prevent repressive governments from abusing powerful spyware like its own.
In a letter to the United Nations, seen by AFP, the NSO Group expressed “strong support for the creation of an international legal framework” to govern technology that allows for highly invasive snooping on people’s mobile phones.
NSO was engulfed in controversy in July over reports that tens of thousands of human rights activists, journalists, politicians and business executives worldwide were listed as potential targets of its Pegasus software.
Smartphones infected with Pegasus are essentially turned into pocket spying devices, allowing the user to read the target’s messages, look through their photos, track their location and even turn on their camera without them knowing.
NSO said in the letter that it took the allegations made by international media outlets “extremely seriously” and that it had launched an immediate investigation after the scandal blew up in July.
“Any accusation that Pegasus has been misused by a State or State agency to target any journalist, human rights defender or political leader in violation of their human rights is naturally very concerning,” the company’s chairman Asher Levy wrote.
NSO has faced a torrent of criticism over the use of its software, but it insists Pegasus is intended to help governments fight crime and terrorism – and that it has been used many times to do so.
“How can governments catch paedophiles and prevent terrorist attacks without these kinds of tools? There is no way,” a source close to the company told AFP.
The source said the company vets potential clients over ethical concerns, and had turned down business worth “hundreds of millions of dollars” from 55 countries.
NSO has also “previously terminated customer relationships as a result of our human rights investigations”, Levy wrote in the letter.
A second source close the company acknowledged, however, that NSO has a limited ability to ensure that its software is not used for nefarious purposes by the governments that have bought it.
“Sitting over the shoulder of a customer and seeing who they’re targeting is something that we cannot do,” the source said.
The company’s letter to the UN, dated Sept 30, came in response to a call in August from human rights experts at the world body for a moratorium on such digital surveillance technology until regulation is put on place.
NSO suggested the UN would be well-placed to lead the process of setting up international rules to better regulate the off-the-shelf surveillance sector, which has boomed in recent years.
The company would be “a constructive participant if given the opportunity”, the letter said.
Critics say the widespread availability of software like Pegasus now allows even cash-strapped authoritarian governments to effectively purchase their own answer to the United States’ National Security Agency, with highly invasive surveillance powers.
While companies offering such technology have sprung up around the world, several have been founded in Israel, drawing recruits from the military intelligence elite.
NSO suggested in its letter that companies in the sector should be forced to have human rights compliance systems in place.
The UN could offer guidance on “which states to consider as not having an acceptable track record of respecting international human rights”, it added.
NSO continues to reject the media reports that rocked governments around the world in July, saying they were plagued by “serious shortcomings and material inaccuracies”.
“The number of purported targets – or possible targets – is entirely implausible based on the number of licences actually granted by NSO,” it said in the letter.
Shockwaves from the scandal continue to reverberate several months on.
In mid-September, Apple users were urged to update their devices after researchers discovered a major software flaw that allowed Pegasus to be installed on iPhones and iPads without the user even needing to click a button. – AFP