A new report by ZEIT Online claims that the German Federal Criminal Police Office (BKA) has purchased the malicious spyware Pegasus by NSO, an Israeli-based company. The spyware was bought in 2019 under “the greatest of secrecy in order to monitor suspects.” The Interior Committee of the German Bundestag was informed of the purchase by the Federal government on Tuesday, September 7, 2021.
This news comes as surprise because recently, German journalists and the government raised privacy concerns over Apple’s CSAM detection, new child protection, feature. Journalists argued that the new scanning system can be exploited by miscreants or governments to monitor journalists, activists, and rival politicians and suppress their voices of dissidents. The Chairman of the Digital Agenda committee in Germany even wrote a letter to Apple’s CEO Tim Cook, asking him to “crush” the launch of the Child Sexual Abuse Material (CSAM) detection feature over fears that the scanning capability “could undermine secure and confidential communication and would turn the internet into a surveillance tool.” and ironically, the German BKA has been doing that for past two years.
In 2019, the German Federal Criminal Police Office bought NSO spyware Pegasus to monitor suspects
The report details that the BKA went to NSO after it has failed to develop efficient in-house spyware to hack iPhones and Android smartphones. And has revealed the acquisition of Pegasus after multiple requests from the federal government.
The federal government has already been explicitly asked three times whether federal authorities use NSO software, in 2019 by the left-wing MP Martina Renner, the following year by the German Association of Journalists and this year in a small question from the parliamentary group of the Greens. In all cases the Ministry of the Interior replied that no information was given on this question. In Renner’s case, it was said that the parliamentary right of members of the Bundestag to obtain information had to take a back seat to the “interests of secrecy based on the interests of the state”.
As Pegasus uses zero-click exploit to take control of the victims’ devices to record their conversation, text messages, track their location, and more, the spyware’s capabilities violate the German laws. Although, the German officials claim that only those features of spyware that are in line with the requirements of the Federal Constitutional Court, they have failed to provide any transparency in how the spyware is used and against whom.
How exactly this can be ensured is just as unclear as the question of whether, how often and against whom Pegasus has been used so far. The BKA and the Federal Ministry of the Interior refuse to comment on this.
Pegasus has been used by countries like India, Saudia Arabia, Rwanda, Togo, Spain, the United Arab Emirates, and others to monitor individuals and subject them to State violence like arrests, harassment, and even murder. The spyware was also allegedly used in the brutal murder of Saudi journalist Jamal Khashoggi in Turkey. Over 50,000 journalists have been victims of NSO spyware.