The European Data Protection Supervisor calls for the NSO Group’s Pegasus spyware and similar software to be banned in Europe. The European Parliament already started an investigation into the spy software last week.
The EDPS writes in a report that advanced spyware like Pegasus has the potential to cause ‘unprecedented risks and damage’ to democracy and people’s fundamental rights, especially the right to privacy. Banning the development and deployment of spyware with Pegasus capabilities in the EU would be the most effective option to protect our fundamental rights and freedoms, the EDPS said.
Among other things, the regulator argues in favor of including the import of such spyware in the trade agreement for dual-use goods, which already includes export controls on ‘cyber surveillance goods’. The EDPS also says that governments that deploy advanced spyware anyway, for example to ‘prevent serious threats’, should take several steps. For example, the ‘democratic supervision’ of the use of surveillance software must be strengthened and European privacy rules must be applied.
The NSO Group’s spyware has been under fire for some time. In recent months, more and more news has come out about the alleged use of the controversial software. The espionage software would have been used, among other things, to intercept journalists and human rights activists worldwide, several media organizations discovered last year in collaboration with Amnesty International and Forbidden Stories.
The US blacklisted the NSO Group last year for “malicious cyber activities” and Israel restricted spyware exports after criticizing the NSO Group. Last week, the European Parliament launched an inquiry into Pegasus. It will investigate to what extent the spyware has been used against activists and politicians and to what extent the reports of abuse of Pegasus are correct. If necessary, the EU can impose sanctions or a ban. The EDPS does not have that power, although the opinions can influence the decisions of European administrative bodies.