21. September 2022

Mission to Poland (19-21 September)

19 September:

  • 14:30-16:00: Polish Senate extraordinary Committee on Pegasus, meeting with Marcin Bosacki, Chairman of the Senate extraordinary Committee and committee members
  • 16:30 – 18:00 Meeting with Members of the Sejm with the Civic Coalition Club and the Left Coalition Club

20 September:

  • 8:30-10:00: Poland’s Supreme Audit Office, meeting with Janusz Pawelczyk and Marcin Marjański, advisors to President Marian Banaś
  • 10:30-12:00: Meeting with General Piotr Pytel
  • 13:30-15:00: Meeting with victims: Andrzej Malinowski, former president of the Employers of Poland organization; Krzysztof Brejza, chief of staff in the election campaign in 2019; Michał Kołodziejczak, political activist; Ewa Wrzosek, Prosecutor.
  • 15:15-16:45: Ombudsman, meeting with Valeri Vachev, Deputy Commissioner for Human Rights and Mirosław Wróblewski, Director of Constitutional, International and European Law Department
  • 17:00-18:30: Meeting with Judges Piotr Gąciarek, Dariusz Mazur, Krystian Markiewicz, Katarzyna Kwiatkowska on the judicial oversight of the use of Pegasus and similar spyware by state authorities.

21 September:

  • 08:00- 9:30: Meeting with experts on security services: Piotr Niemczyk, former director in Office of State Protection; Jacek Mąka, former colonel and former deputy Chief of Counterintelligence Service; Józef Polikowski, Stratpoints foundation.
  • 9:45- 11:15: Meeting with authors of the study „How to saddle Pegasus“: Jacek Cichocki, former Special Services Coordinator; Adam Rapacki, retired Police General; Wojciech Klicki, the Panoptykon Foundation.
  • 11:30-13:00: Meeting with civil society/human rights defenders/journalists: Ewa Siedlecka, journalist at Polityka; Marcin Wolny, Helsinki Foundation for Human Rights; Sylwia Czubkowska, Spidersweb.

The MPs also wanted to meet with the Ministry of the Interior and the Ministry of Justice, but this was refused.… Weiterlesen

8. September 2022

The use of spyware in Greece (8 September 2022)

Panel 1

Panel 2

  • Athanasios Staveris, Secretary General of Telecoms and Post, Greek Ministry of Digital Governance
  • Panos Alexandris, Secretary General of Justice & Human Rights, Greek Ministry of Justice
  • Christos Rammos, President, The Hellenic Authority for Communication Security and Privacy (ADAE)

Thanasis Koukakis explains his two bugging cases in Greek. First, the Financial Times reported how the newspaper’s journalist Kerin Hope was wiretapped. In 2019, the government had changed the penal code so that prosecution of a crime does not immediately follow when financial crimes are discovered, Koukakis and others had been reporting on, and subsequently uncovering further misconduct. In July 2020, after he became suspicious, he was finally informed that the Greek secret service was intercepting him, and in August he received a transcript of his intercepted conversations. He made the request to the competent independent authority; the day after, the wiretapping was immediately stopped. Subsequently, the government introduced a bill that this agency may no longer inform those affected, such as Koukakis, upon their request; the bill passed.

On 12 July 2021, he received a manipulated link to a business website, as a result of which his mobile phone was infected with the Predator Trojan, as confirmed by Citizen Lab. The government initially denied that they were using Predator at all. Koukakis worked for the French news agency AFP, among others, which is why the government in Paris asked Athens for details after the espionage was discovered. Athens, however, denied the wiretapping measures. It is thanks to the EP PEGA committee that the matter made waves in the first place, and Koukakis is not an isolated case, as MEP Nikos Androulakis was also intercepted accordingly. Koukakis has … Weiterlesen

30. August 2022

Interview with Edin Omanovic (Privacy International)

The different types of surveillance technologies need to be regulated differently, you said in the hearing 21 June, but how specifically is that going to be implemented?

While the European Parliament’s inquiry was spurred by revelations concerning the use of Pegasus spyware, for its final report to have a substantial impact it’s important that it addresses the full scope of technologies that are on the market. This includes spyware used to target devices similar to Pegasus, but also concerns technology for things like intercepting mobile communications, tapping phone networks, conducting forensics on devices, monitoring internet traffic at a network level, conducting facial recognition, or tracking people’s location; all of these can present clear threats to the privacy and other rights of people around the world similar to Pegasus, including in Europe.

There is no one law that can begin to regulate this full spectrum because of the different ways they work and the different threats they pose; while some techniques like the use of mass, untargeted surveillance or live facial recognition in public spaces present such grave risks that it calls for a ban, others like systems that tap specific conversations could be lawful if there are sufficient protections in place. And while some could be better regulated through things like technical standards, codes of conduct, or export restrictions, others can not.

The principles of international law are still the best guide we have for determining what should and shouldn’t be acceptable in a democracy and what kind of protections need to be in place. Privacy International also has a guide on interpreting the many judgments, resolutions, and reports on international law and surveillance, available here, and a study on the protections that would be required for the lawful use of spyware of the type sold by NSO … Weiterlesen

22. August 2022

Interview with Ben Wagner (TU Delft)

Dear Ben, in the Pegasus Committee of Inquiry, you pointed out in the hearing 21 June that ten years earlier you had also spoken in the EU Parliament about a report on surveillance. What exactly was that about?

My previous report 10 years ago in 2012 to the EU Parliament DROI (the human rights subcommittee of the foreign affairs committee) was about the ways to deal with European technology supporting authoritarian states repress their citizens in the Middle East after the Arab Spring. We discussed many different policy responses to this challenge including export controls and ways that Europe can create different technological ecosystems.

Your reference to the 10-year-old EP study was probably made because of continuities with today. Where do you see these?

As I mentioned during the hearing, the unwillingness to sufficiently respond to the needs of surveillance victims outside of Europe, has contributed to a market for surveillance inside of Europe. In terms of continuity, there has been a high degree of turnover among the companies doing surveillance, so lots of change in the relevant actors. A high degree of the regulatory and oversight burden is taken on by civil society and journalists, which suggests much is still to be done by government actors.

More broadly speaking, many of the measures suggested then, investing in decentralised human-rights based communications infrastructure, robust oversight and meaningful accountability. There is still much work to be done.… Weiterlesen

1. August 2022

Interview with Mona Shtaya (Arab Center for Social Media Advancement, 7amleh)

Dear Mona, in the Committee of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware, you reported on 12 July that Palestinians are affected by numerous surveillance technologies. What are they, for example?

Palestinians are subjected to a multi-layered surveillance system. According to the Oslo accords, the Israeli authorities control the information and communication technology (ICT) infrastructure in the Occupied Palestinian Territory. This system impedes and deprives Palestinians of accessing a safe, affordable and high-quality Internet.

As for surveillance technologies, there is e.g. CCTV. Cameras are put to securitize and militarize the public urban places. Also, over the past two years, ground-breaking investigations and reports show other forms of how Israel is developing and testing its surveillance techniques on Palestinians, one of those initiatives is the system Blue Wolf, which was developed when the whole world was immersed in the fight against the pandemic. It started in Hebron, and was used all over the West Bank after that. It is a smart phone app powered by a massive database of Palestinians’ personal information. It draws from a larger database called the „Wolf Pack”, which seeks to profile every Palestinian living in the West Bank without consent or permit. Each profile contains photographs, a family history, and educational background, as well as a security rating. Earlier this year, a new report showed that Israeli soldiers are ordered to enter the photos and details of at least 50 Palestinians into the Israeli force’s „Blue Wolf“ tracking system over the course of each shift. Soldiers who fail to make the quota are forced to remain on duty until they do.… Weiterlesen

20. Juli 2022

Mission to Israel (18-20 July 2022)

19th July:

  • 9:00-10:00: Ministry of Foreign Affairs, meeting with Mrs Michal Weiler-Tal, Director of department for export control, and Mr Assaf Moran, Director of Department
  • 10:30-12:00: Mossi Raz, Knesset (Meretz)
  • 17:00-18:00: Gabi Siboni, Head of the Military and Strategic Affairs Program and Cyber Security Program at the Israeli Institute for National Securities Studies (INSS) and editor of the newspaper “Cyber, Intelligence and Security”
  • 18:00-20:00: exchange of views with academics and civil society/human rights defenders, in presence of the EU Mission Ambassador in Israel: Dr. Tehilla Shwartz Altshuler, Senior Fellow. Head, Democracy in the Information Age Program, The Israel Democracy Institute; Professor Anat Ben David, Open University, expert on digital rights and surveillance, founder of Israeli organisation Privacy Israel; Dr. Natalie Davidson, Buchmann Faculty of Law Tel Aviv University; Dr. Tamar Megiddo, Israeli researcher

20th of July:

  • 10:30-12:00 NSO, meeting with Shalev Hulio, CEO; Chaim Gelfand, General Counsel and Chief Compliance Officer of NSO