Israeli authorities say it should be probed and U.S. authorities are calling for it to be sanctioned, but EU officials have a different idea for how to handle Pegasus spyware: just ban that shit entirely.
That’s the main takeaway from a new memo released by EPDS, the Union’s dedicated data watchdog on Tuesday, noting that a full-on ban across the entire region is the only appropriate response to the “unprecedented risks” the tech poses—not only to people’s devices but “to democracy and the rule of law.”
“As the specific technical characteristics of spyware tools like Pegasus make control over their use very difficult, we have to rethink the entire existing system of safeguards established to protect our fundamental rights and freedoms,” the report reads. “Pegasus constitutes a paradigm shift in terms of access to private communications and devices. This fact makes its use incompatible with our democratic values.”
A “paradigm shift” is a good way to describe the tool, which has been used to target a mounting number of civic actors, activists, and political figures from around the globe, including some notable figures from inside the EU. This past summer, local outlets reported that French president Emmanuel Macron surfaced among the list of potential targets that foreign actors had planned to target with the software, and later reports revealed traces of the tech appearing on phones from Macron’s current staffers. Officials from other EU member states like Hungary and Spain have also reported the tech on their devices, and Poland became the latest member to join the list last month when a team of researchers found the spyware being used to surveil three outspoken critics of the Polish government.
That said, these scandals haven’t been enough to dissuade officials in some of these member states from trying the tech out for themselves. Hungarian officials admitted late last year that they bought access to the software in 2019 (though they stressed it was all used “legally”), and German police forces reportedly bought access around the same time, much to the abject horror of other branches of the German government. And aside from those confirmed customers, EPDS’s report points out that “a number of member states have at least initiated negotiations with NSO Group for the licensing of the product,” meaning that the software’s customer base is likely still growing.
As for how those customers feel about the EPDS’s suggestion to ban the spyware across the EU, look no further than a statement given to Politico on Tuesday by France’s European Affairs Minister, Clément Beaune.
“This kind of surveillance constitutes such a severe intrusion into private life that it can only be used under the strictest conditions,” he said, which sure sounds like he—and presumably other high-ranking officials across the Union—see the tech’s obvious ills as a worthy price to pay for a high-powered tool that can surveil and silence the public at will.
Thankfully, none of that is stopping European Parliament from setting up an independent committee dedicated to investigating Pegasus usage across the EU. If an outright ban won’t happen, the least we can hope for is (a bit) more scrutiny on the software.