A private company’s software is used for snooping in on peoples’ phones. An Israeli corporation called The NSO Group has developed a military-grade code project called Pegasus, which appears to have spread its tentacles into 50,000 phones according to journalists.
Across oceans and geopolitical country boundaries, teams of journalists are reporting how deep and wide the undercover spyware is being employed to snoop on people.
Our cellphones have functions that are used by law enforcement officers for evidence in criminal cases and to track missing persons. It takes software or an app to access that information.
NSO has issued a statement saying New York Times journalist Jamal Kashoggi’s phone wasn’t infected with the software, but before he was executed by Saudi authorities at the Saudi consulate in Istanbul, Kashoggi thought his phone was being used to track him. His family members also thought he was being surveilled.
It is one thing for authorities to have access to private individuals’ phones. Some countries have strict limits on information that can be accessed. In some instances, surveillance of this type can be used in court as criminal evidence. In the U.S., some judges such as those on the FISA Court can authorize surveillance. In the U.S. at least, our privacy is protected by laws strictly limiting when and how our phone contents can be snooped. But hacks have been found in phones from many continents, some of which have U.S. connections. And hacks have few jurisdictional barriers.
At this point, it is unclear if these are exclusively state actors spying from within their cybersecurity units, or whether some of the surveillance is being conducted by government contractors, oligarchs, or mercenaries. We don’t know what all the spyware is finding and who is using it. But we know NSO’s Pegasus can break into anyone’s phone and turn on the microphone and camera, access calls, contacts, messages and the info the phone has received from others.
A simple example of hacking might be when you receive a G-mail message saying someone tried to access your account, and you know it was not you. (You might get an email like that if you accessed your e-mail from someone else’s computer.) Gone are the days when a phone owner has to click on a specious request to open the door for a hacker using sophisticated software. Amnesty International is helping high-profile whistleblowers to discover whether their phones are being silently snooped from the inside, with no notice and no personally-accessible proof about that.
Pegasus Project news organizations have found snoop targets in over 50 countries. Journalists don’t typically need a privacy level equivalent to that of a diplomat. But they are our eyes and ears worldwide, monitoring repressive regimes and exposing the truth. Journalists expose corrupt government officials who reward their allies while targeting challengers to their power.
Reliable evidence is that Pegasus software has been snooping on political foes, scholars, reporters, human rights organizations, doctors, diplomats, heads of state, and foreign officials. “Home Location Register” data on Androids and iPhones disclose information about the account owner’s electronic address, used to detect when the phone is on and signaling—two conditions hackers need to "go in" to the phone.
I grew up thinking the dividing line between personal privacy and public security ran through the vicinity of, “Don’t do anything illegal and you won’t have to worry about it.” I think we need global cooperation to quell evil-doers and global standards to restrict monitoring citizens, with clear global laws to punish surveillance that violates privacy rights.
In Greek mythology, Pegasus was the flying horse spawned from the snake-tentacled Medusa. But in Manga, Pegasus received a Millennium Eye in place of his own eye. It gave him the power to read minds and trap souls.
Kathy Tibbits is a Cherokee citizen, attorney and artist living at Lake Tenkiller.