Dear EU High Representative Borrell and Foreign Ministers of the EU member states,
We are writing following credible revelations that Israeli NSO Group’s Pegasus Spyware was used to hack the devices of six Palestinian human rights activists – the latest in a growing series of reports about human rights abuses linked to the use of NSO technology – to urge that the EU takes serious and effective measures against NSO Group, including the designation of the entity under the EU’s global human rights sanctions regime.
Already in July, reporting by the Pegasus Project – a collaboration of more than 80 journalists from 16 media organizations in 10 countries coordinated by Forbidden Stories with the technical support of Amnesty International – exposed how the Pegasus software was used to infiltrate the devices of activists, journalists, and opposition figures, including in the EU. Forbidden Stories and its media partners identified potential NSO clients in countries known to engage in unlawful and arbitrary surveillance of their citizens and also known to have been clients of NSO Group.
The systemic targeting of Palestinian human rights defenders with Pegasus provides further evidence of a pattern of human rights abuses facilitated by NSO Group through spyware sales to governments that use the technology to persecute civil society and social movements in many countries around the world. Furthermore, these abuses underscore how NSO Group’s human rights policy fails to prevent and mitigate human rights abuse in a meaningful way.
NSO Group has repeatedly denied the allegations included in the Pegasus Project reporting and the revelations that Pegasus was used to target Palestinian human rights defenders. None of the Pegasus Project partners or groups that revealed the hacking of Palestinians have retracted their reporting. In fact, additional independent reporting and investigations from authorities corroborated the Pegasus Project’s findings.
Following allegations on the use of the software by the Hungarian government, Commissioner Reynders announced an investigation into the matter and called for urgent action against the use of the spyware.
The EU’s global human rights sanctions regime allows the EU to adopt targeted sanctions against entities deemed responsible for violations or abuses that are “of serious concern as regards the objectives of the common foreign and security policy”, including violations or abuses of freedom of peaceful assembly and of association, or of freedom of opinion and expression (art. 1, par. d, iii and iv of Council Decision CFSP 2020/1999). These rights have been repeatedly violated using NSO technology, and, as highlighted by the UN Special Rapporteur on freedom of opinion and expression, the use of spyware by abusive governments can also facilitate extrajudicial, summary or arbitrary executions and killings, or enforced disappearance of persons, covered by art. 1, par. c, iii and iv of the Decision.
On November 3, the US Department of Commerce added NSO Group to its trade restriction list (Entity List), for “acting contrary to the foreign policy and national security interests of the United States”. The Department cited the use of NSO Group tools by foreign government clients to “maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers” and to enable “foreign governments to conduct transnational repression” by “targeting dissidents, journalists and activists outside of their sovereign borders to silence dissent.”
The EU should follow suit and urgently put NSO on its global sanction list and take all appropriate action to prohibit the sale, transfer, export, import and use of NSO Group technologies, as well as the provision of services that support NSO Group’s products, until adequate human rights safeguards are in place.
Civil society organizations
Ralph Bunche Institute for International Studies
The Graduate Center, CUNY
365 Fifth Avenue, Suite 5203
New York, NY 10016-4309, USA