“Mass privacy violation is nothing short of lawlessness, and it must end today,” says Israeli Interior Minister Ayelet Shaked following media reports of rampant police abuse of NSO Group’s notorious Pegasus spyware.
Israel Hayom and JNS staff via JNS
Israeli Prime Minister Naftali Bennett said on Monday that media reports regarding widespread illegal survillance of citizens by the Israel Police “would not go unanswered.”
“The things that have been published, if true, are very serious. This tool [Israel-based company NSO Group’s Pegasus spyware] and similar tools are very important tools in the fight against terrorism and in the fight against serious crime, but they are not intended for widespread ‘phishing’ among Israeli citizens or public figures in the country, so we need to understand exactly what happened,” said Bennett in a statement.
Israeli financial daily Calcalist first reported on the Israel Police’s use of NSO Group’s notorious Pegasus spyware last month. Initial police denials were quickly replaced with an admission that the police had indeed used the spyware in “a few instances,” but law enforcement officials insisted that all was above board. On Monday, however, the paper revealed that such surveillance—classified by police as “technological and data-oriented policing”—was not limited to special cases, but was rather routine.
According to the report, the spyware was used—without court orders or authorization from the Attorney General’s Office, as required by law—to obtain information on civilians ranging from politicians and government functionaries to social activists and journalists.
While Deputy Attorney General Amit Merari had already begun looking into the case, said Bennett, a full investigation would be carried out under incoming Attorney General Gali Baharav-Miara, whose appointment was approved by the Cabinet on Monday.
“We will sit down and consult, understand what the picture looks like and not leave the public without an answer. We understand the seriousness of the matter,” said Bennett.
Israeli Interior Minister Ayelet Shaked on Monday called for the formation of a commission of inquiry to investigate the allegations.
“If this is true, it is an earthquake. These acts characterize dark regimes to which we cannot be similar,” said Shaked.
“Mass privacy violation is nothing short of lawlessness, and it must end today. We must form an external commission of inquiry. This is not the purpose for which the police procured this software. The Knesset and the public deserve answers, now,” said Shaked.
Knesset Constitution, Law and Justice Committee chairman MK Gilad Kariv called for legislative change.
“The current laws were drafted before anyone could even imagine what powerful tools would be at [the police’s]disposal. We have to make sure that the legislation keeps up with technology and that strict oversight is in place,” he said.
The Privacy Protection Authority also called for the formation of a commission of inquiry, saying that if true, the report’s implications were “beyond far-reaching.”
Israel-based firm NSO Group’s Pegasus software allows its users to remotely access mobile phones infected with the spyware. It exploits security vulnerabilities in cellular operating systems to retrieve a device’s content, including text and email messages, photos, call history and location data.
The spyware has been the focus of a global scandal since mid-July, when the Pegasus Project of journalism organization Forbidden Stories revealed that the classified technology was being used to hack the phones of journalists, government officials and human rights activists around the world.
According to Calcalist, under then-police chief Roni Alsheikh, officers with the Police Signals Intelligence Unit hacked the phones of dozens of Israelis in what the daily described as an “intelligence phishing expedition.” These efforts were conducted prior to any official investigation against the targets and without judicial warrants, despite the fact that any information so obtained is inadmissible in court.
Among the victims listed in the report are then-directors-general of the transportation, finance and justice ministries Keren Turner, Shai Babad and Emi Palmor, respectively, as well as the leaders of social protest movements, including political and social activists. Several mayors were also reportedly hacked, including Miriam Feirberg (Netanya), Yoram Shimon (Mevaseret Zion), Yaakov Peretz (Kiryat Ata) and Motti Sasson (Holon).
Pegasus was also allegedly installed on the phone of witnesses and persons of interest in “Case 4000” against then-Prime Minister Benjamin Netanyahu, Iris Elovitch, the wife of former Bezeq owner Shaul Elovitch, a defendant in the case, former Communications Ministry chiefs Shlomo Filber and Avi Berger, Bezeq CEOs Stella Hendler and Dudu Mizrahi, Walla CEO Ilan Yeshua, former Walla editor-in-chief Aviram Elad and other journalists at the news outlet.
Netanyahu’s son Avner was also allegedly hacked, as were the phones of several members of the now-opposition leader’s inner circle, including advisers Topaz Luk and Yonatan Urich.
Other prominent public figures whose phones were infected with the spyware allegedly include businessman Rami Levy and Yair Katz, the chairman of the workers’ union at Israel Aerospace Industries.
The Israel Police said in a statement that they are “cooperating with the Attorney General’s Office review of the matter.”
Outgoing Attorney General Avichai Mendelblit ordered an investigation into the spyware scandal last week in one of his last decrees before leaving office.
After the original story broke, Pegasus developer NSO Group issued a statement stressing that “the company does not operate the systems in its customers’ possession and is not involved in their operation. NSO Group’s employees are not privy to the purpose for which the software is used, nor are they privy to the information derived as part of the investigations conducted by clients.
“The company sells its products under the license and supervision of state security and law enforcement agencies to legally prevent crime and terrorism, according to court orders and local laws.”
An NSO Group official told Calcalist, “There is no way for company employees to be exposed to the information gathered by clients” using Pegasus.
This is an edited version of an article that first appeared in Israel Hayom.