Pegasus Spyware Revelations Are a Cautionary Tale of Digital Authoritarianism

COMMENTARY Cybersecurity

Pegasus Spyware Revelations Are a Cautionary Tale of Digital Authoritarianism

Aug 5th, 2021 3 min read

Commentary By

Annelise Butler

Research Associate, Center for Technology Policy

Carolyn Moorman

Summer 2021 Member of the Young Leaders Program at The Heritage Foundation

An Israeli woman uses her iPhone in front of the building housing the Israeli NSO group, on August 28, 2016, in Herzliya, near Tel Aviv. JACK GUEZ / AFP / Getty Images

Key Takeaways

Authoritarian governments should not have access to spyware like Pegasus. This is extremely dangerous for citizens of those countries as well as the wider world.

Israel has taken steps to remedy the Pegasus situation by creating a commission to evaluate claims of inappropriate usage of the spyware.

As spyware like Pegasus becomes more advanced, these happenings could set precedents for future incidents in democratic countries.

As cybersecurity technology becomes more powerful, so has the technology that is used to hack phones, computers, and other devices. When this technology falls into the wrong hands—for example, a totalitarian government—it can be exploited to create a nightmare scenario for millions of people.

Unfortunately, such a scenario recently occurred in multiple countries using Pegasus, a spyware technology created by the Israeli company NSO Group.

The company states that its technology is supposedly meant for preventing crime and terrorism. NSO has claimed to closely observe the human rights-related behavior of whom it gives its technology, but recent news negates this claim.

Mexico, Morocco, the United Arab Emirates, Azerbaijan, and Saudi Arabia, among many other unstable and repressive governments, have purchased this technology. Reports show that they have used or attempted to use Pegasus to spy on devices belonging to human rights activists, opposition politicians, government leaders, and journalists around the world.

Authoritarian governments should not have access to spyware like Pegasus. This is extremely dangerous for citizens of those countries as well as the wider world.

The idea that Saudi Arabia, with its abysmal human rights record, can access technology that can be used to easily monitor activists and dissidents is unsettling. Especially with the rumors that NSO technology was used by the Saudi Arabia government after its murder of journalist Jamal Khashoggi in 2018.

Reportedly, Khashoggi’s wife, Hanan Elatr, had her phone targeted for months before and after his murder.

NSO has denied this claim in a statement, and Saudi Arabia called the allegations of targeting critics with spyware as “baseless.” But when have authoritarian regimes, like Saudi Arabia, ever owned up to their abuses of freedom and human rights?

What makes Pegasus so different from other spyware of its kind is that it uses the zero-click method.

This means that Pegasus can hack a device without ever having to be activated by user exploitation in the first place; no clicking on links or downloading files is needed. Pegasus has been successful on both Android and Apple devices, even though Apple has been known for years as having the “best” security.

When a device is hacked, it can access text messages, photos, videos, and emails. It can also turn on a user’s microphone and camera to record content.

As a strong, democratic ally of the U.S. in the Middle East, Israel has taken steps to remedy the Pegasus situation by creating a commission to evaluate claims of inappropriate usage of the spyware.

This commission, consisting of government representatives, will determine if policy needs to be developed to address the exporting of cyber products beyond what already exists in international law. This is a step in the right direction toward more accountability when it comes to companies and the governments to which they sell spyware.

The Israeli government supervises and authorizes, on a case-by-case basis, the export of dangerous products like spyware to foreign governments, according to the Israeli Defense Minister Benny Gantz. The global community, especially those countries whose citizens have been hacked with Pegasus, will be watching the outcome of this commission closely.

Incidents like this should remind Americans of some important concepts to consider. Foremost: Technology is being weaponized by authoritarian governments to attack the very Western values—like privacy—that the U.S. was originally built on.

The use of Pegasus for nefarious surveillance purposes is a trademark example of the rise of “digital authoritarianism,” or the use of the internet or digital technologies to undermine civil liberties.

While NSO claims Pegasus has never been used on Americans, how can any American trust this when current technology has the power to turn on microphones and cameras by itself? This raises the pressure on private sector technology companies like Apple and Microsoft to protect customers by designing more privacy protection into their products.

As more information is reveled about Pegasus, it will be very important to see how NSO, the Israeli government, and others react to the situation’s developments. As spyware like Pegasus becomes more advanced, these happenings could set precedents for future incidents in democratic countries.

This piece originally appeared in The Daily Signal