{"id":283711,"date":"2024-12-30T12:00:16","date_gmt":"2024-12-30T12:00:16","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=283711"},"modified":"2024-12-27T05:03:12","modified_gmt":"2024-12-27T05:03:12","slug":"catching-pegasus-mercenary-spyware-and-the-liability-of-the-nso-group","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2024\/12\/catching-pegasus-mercenary-spyware-and-the-liability-of-the-nso-group\/","title":{"rendered":"Catching Pegasus: Mercenary Spyware and the Liability of the NSO Group"},"content":{"rendered":"

\"\"<\/a><\/p>\n

24 Dec 2024 <\/em>– The NSO Group, Israel\u2019s darling of malware infection and surveillance for the global security market,\u00a0was the brainchild<\/a>\u00a0of three engineers drawn from that busiest of cyber outfits in the Israeli Defense Forces known as Unit 8200.\u00a0\u00a0Niv Carmi, Shalev Hulio and Omri Lavie, have certainly made an impression since they founded their technology company in 2010.<\/p>\n

The unmistakable impression from the group is its dazzling amorality.\u00a0\u00a0There is literally no government it will not add to its lists for supply, no wallet it will not empty with satisfaction.\u00a0\u00a0The jewel in the supply chain has, for the most part, been its Pegasus spyware, which NSO\u00a0claims<\/a>\u00a0is used exclusively to \u201cinvestigate terrorism and crime\u201d.<\/p>\n

Despite such a lofty assertion, this dainty infectious number has found its way into the surveillance armoury of various states and clients who regard human rights defenders, journalists and dissidents as worthy of targeting.\u00a0\u00a0Most notoriously, it was taken up by the Kingdom of Saudi Arabia, which used it to\u00a0eavesdrop on calls<\/a>\u00a0between the late dissident Saudi journalist Jamal Khashoggi and Omar Abdulaziz, another figure who had earned the ire of the Kingdom.\u00a0\u00a0In October 2018, Khashoggi blithely walked into the Saudi consulate in Istanbul, only to be carved up by a death squad on the orders of Saudi Arabia\u2019s Crown Prince Mohammed bin Salman.\u00a0\u00a0Abdulaziz subsequently gathered a legal team\u00a0claiming<\/a>\u00a0that the hacking of his phone \u201ccontributed in a significant manner to the decision to murder Mr Khashoggi.\u201d<\/p>\n

In July 2021, the\u00a0Pegasus Project<\/a>, a collaborative effort involving over 80 journalists from 17 media organisations and civil society groups steered by Forbidden Stories with technical assistance from Amnesty International\u2019s Security Lab, displayed much of the dirty laundry of NSO.\u00a0\u00a0Some 50,000 phone numbers deemed interesting to various governments had appeared on a list of hackable targets.\u00a0\u00a0Pegasus had been the key to open the lock.<\/p>\n

On December 20, the most significant\u00a0legal<\/a>\u00a0decision\u00a0to date regarding NSO\u2019s conduct was handed down by Senior District Judge Phyllis J. Hamilton of the US District Court for the Northern District of California.\u00a0\u00a0Her judgment concerned WhatsApp\u2019s legal suit filed in 2019 against the NSO Group, alleging that Pegasus had been installed on approximately 1,400 mobile phones and devices owned by journalists, activists and diplomats to conduct surveillance upon them.\u00a0\u00a0In so doing, WhatsApp alleged that NSO had breached both the federal Computer Fraud and Abuse Act and California\u2019s Comprehensive Computer Data Access and Fraud Act.\u00a0\u00a0After five years, the case took an interesting turn with a move by WhatsApp to seek partial summary judgment.<\/p>\n

Throughout the case, the District Judge was clearly unimpressed with NSO\u2019s slippery conduct.\u00a0\u00a0\u201cOverall, the court concludes that defendants have repeatedly failed to produce relevant discovery and failed to obey court orders regarding such discovery.\u201d\u00a0\u00a0Throughout, the Israeli company refused to produce the Pegasus code, their golden goose.\u00a0\u00a0Then came\u00a0a grudging disclosure<\/a>\u00a0of the installation level of the code.\u00a0\u00a0Unsatisfied by this incomplete picture, the judge asked for full disclosure.<\/p>\n

NSO did so, but only in Israel.\u00a0\u00a0This hobbled matters: Israeli law prevented the production of the source code, making it inaccessible to the plaintiff\u2019s lawyers or any US court.\u00a0\u00a0With audacity, not to mention parochial extravagance, the company\u00a0insisted<\/a>\u00a0that WhatsApp and the court might engage Israeli counsel to view the code, or pursue an Israeli government export license to use the code in the US.\u00a0\u00a0Judge Hamilton fumed at the sheer impracticality of it all, while NSO legal representative Aaron Craigh of King & Spalding\u00a0submitted<\/a>\u00a0that his clients had been \u201ccompliant\u201d with the court order.<\/p>\n

The judge made short work of claims that the NSO Group was not subject to the court\u2019s reach, as \u201cthe evidentiary record supports the conclusion that [the] defendants are subject to personal jurisdiction in this district.\u201d\u00a0\u00a0She also took note of the full acknowledgment by NSO \u201cthat the WIS (\u2018Whatsapp Installation Server\u2019 \u2013 a modified variant of WhatsApp) sent messages through Whatsapp servers that caused Pegasus to be installed on target users\u2019 devices, and that the WIS was then able to obtain protected information by having it sent from the target users, through the Whatsapp servers, and back to the WIS.\u201d\u00a0\u00a0NSO had \u201ccaused digital transmissions to enter California, which constituted a violation of the law within that jurisdiction.\u201d<\/p>\n

The case put paid to NSO\u2019s previous assertions that the customer, not the creator of the spyware, was essentially responsible or \u201csovereign\u201d.\u00a0\u00a0Citing a senior executive\u2019s deposition, a\u00a0filing<\/a>\u00a0by WhatsApp notes that \u201cthe customer simply places an order for a target device\u2019s data, and NSO controls every aspect of the data retrieval and delivery process through its design of Pegasus.\u201d\u00a0\u00a0By the company\u2019s own admission, installing the spyware through WhatsApp was \u201ca matter for NSO and the system to take care of, not a matter for customers to operate.\u201d<\/p>\n

The spyware installation was accordingly found to have violated both the federal Computer Fraud and Abuse Act and the state Comprehensive Computer Data Access and Fraud Act. But US law is also keen to emphasise the scriptural sanctity of contractual obligations.\u00a0\u00a0NSO had fallen short in violating WhatsApp\u2019s terms of service by reverse-engineering and decompiling the software to develop the WIS.\u00a0\u00a0With rat-like cunning, the defendants argued that any such modifications would have taken place \u201cbefore agreeing to the terms of service.\u201d\u00a0\u00a0The judge remained unconvinced by the cheek of it all, seeing as the defendants \u201chave withheld evidence regarding their agreement to the terms of service.\u201d\u00a0\u00a0Nor could NSO \u201cmeaningfully dispute that agreeing to the terms of service was necessary to create a Whatsapp account and to use Whatsapp.\u201d\u00a0\u00a0With a breach of contract found, the issue of deciding damages will be determined at trial.<\/p>\n

In a\u00a0statement<\/a>, WhatsApp expressed some satisfaction.\u00a0\u00a0\u201cAfter five years of litigation, we\u2019re grateful for today\u2019s decision.\u201d The NSO Group could \u201cno longer avoid accountability for their unlawful attacks on WhatsApp, journalists, human rights activists and civil society.\u201d\u00a0\u00a0Senior tech legal counsel at Access Know, Natalia Krapiva,\u00a0was also jubilant<\/a>at \u201cthe first successful case against NSO Group where NSO was found liable for compromising the digital security infrastructure that millions of people rely on with Pegasus spyware.\u201d<\/p>\n

Given the brazen course of conduct by the NSO Group, what Judge Hamilton regarded as \u201cpure gamesmanship\u201d, we can expect a fight to diminish any award of damages.\u00a0\u00a0But in this woefully unregulated industry, Israel\u2019s poster child of spyware will most likely cough up and continue to make money from the pathologies of government insecurity.\u00a0\u00a0They will just have to be mindful of the US market from hereon in.<\/p>\n

______________________________________________<\/p>\n

\"\"<\/a> Dr. Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He currently lectures at RMIT University. Email: <\/em>bkampmark@gmail.com<\/em><\/a><\/p>\n

 <\/p>\n

Go to Original – counterpunch.org<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

24 Dec 2024 – The NSO Group, Israel\u2019s darling of malware infection and surveillance, was the brainchild of three engineers from the IDF\u2019s Unit 8200. The main feature of the group is its amorality. There is literally no rogue government it will not add to its lists for supply.<\/p>\n","protected":false},"author":4,"featured_media":235278,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3078],"tags":[1733,88,2608,2603,2606,2159,701,1109,911],"class_list":["post-283711","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-artificial-intelligence-ai","tag-artificial-intelligence-ai","tag-israel","tag-nso","tag-pegasus","tag-pegasus-project","tag-rogue-states","tag-saudi-arabia","tag-spying","tag-surveillance"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/283711","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=283711"}],"version-history":[{"count":1,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/283711\/revisions"}],"predecessor-version":[{"id":283713,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/283711\/revisions\/283713"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media\/235278"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=283711"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=283711"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=283711"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}