Israel’s Defense Ministry said if it finds that the NSO Group violated the terms of its export licenses, it will “take appropriate action,” after an international investigation claimed that the company’s cyber surveillance products were used by governments around the world to track political dissidents and journalists, some of whom were killed.
In a statement, the ministry said that Israel only permits companies to export cyber security products to “government figures only for legal purposes and to prevent and investigate crimes and to combat terrorism. And this is dependent upon commitments regarding the end use/user from the purchasing country, which must abide by these conditions.”
The ministry refused to say if it will investigate the claims, which were published this week by the Washington Post, Le Monde, Die Zeit, the Guardian, Haaretz, PBS Frontline and other international news outlets that collaborated on the investigation into a data leak of more than 50,000 cellphone numbers obtained by the Paris-based journalism nonprofit Forbidden Stories, and Amnesty International, and shared with 17 news organizations.
“If it is found that there was use [of NSO Group’s products] in violation of the conditions of the license or in violation of the statements from the purchasing countries, we will take appropriate action,” the ministry said.
“It is important to note that the State of Israel does not have access to the information collected by the NSO Group’s customers,” it added.
The reporting focused on Pegasus, a spyware tool sold by NSO that it says is being used by dozens of governmental clients.
The software installs itself on a phone without requiring users to click a link, and gives the hacker complete access to the entire contents of the phone, as well as the ability to use its cameras and microphone undetected.
The analysis carried out on a leaked list of 50,000 phone numbers found that the list included people targeted by the governments of Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates.
NSO refuses to reveal which countries have purchased the software, and it denied the majority of the claims made in the reporting.
NSO “firmly denies false claims made in your report which many of them are uncorroborated theories that raise serious doubts about the reliability of your sources, as well as the basis of your story,” the organization told the journalists involved in the project in an email.
Following the reports, NSO group faced a massive backlash from international organizations and governments, as well as large corporations.
Amazon Web Services, which provides servers to the company, shut down its infrastructure in light of the investigation.
“When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an AWS spokesperson told Vice News on Monday.
The head of the United Nations High Commissioner for Human Rights Michelle Bachelet said the findings of the investigation, dubbed the Pegasus Project, were “extremely alarming” and “seem to confirm some of the worst fears about the potential misuse of surveillance technology.”
“Use of surveillance software has been linked to arrest, intimidation and even killings of journalists and human rights defenders,” she said, also warning that broad use of such technologies could lead to self-censorship.
Bachelet called on companies involved in developing and distributing surveillance technologies to ensure their products were not used to violate human rights. And she said states should halt surveillance that violates human rights and protect individuals from companies abusing their right to privacy, including by regulating spying technology.
Under a 2007 Israeli law, companies looking to sell cyber security-related products must receive export licenses from the Defense Ministry’s Defense Export Controls Agency, based on the Wassenaar Arrangement and “additional factors,” the ministry said.
The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies is a non-legally binding, multinational agreement regarding arms sales, mostly dealing with transparency in defense exports rather than actively limiting them in cases of abuse. Israel is not a signatory to the agreement but says it follows its statutes.
“Decisions regarding the oversight policy take into account defense, diplomatic and strategic considerations and notably the adherence to international accords,” the ministry said.
Israeli governments — both left- and right-wing — have long faced criticism for providing weaponry to human rights violators.
Israel sold weapons to South Africa throughout the apartheid era, to Guatemala during its 36-year civil war in which the military allegedly carried out a genocide against the native Mayan population, and to Iran in the 1980s for its brutal war against Iraq.
Israel is also believed to have sold weaponry to Rwanda and Bosnia during their genocides in the 1990s.
Attempts to require the state to release records of these alleged arms sales have repeatedly been blocked by Israeli courts on the grounds that doing so could damage the country’s foreign policies.
Source: Judah Ari Gross – TOI and AFP