RSF calls on EU Member States to reinforce journalists’ protections against spyware

In the next cycle of negotiations, due to begin in Strasbourg on 13 February, the European Parliament and the Council of the European Union are meant to reach a joint position on tighter restrictions on dual-use exports, including surveillance technology. Sold by private companies to authoritarian regimes, these technologies can be used maliciously to spy on journalists and activists.

In late 2018, a coalition of NGOs including RSF criticized one of the latest versions of the regulations and the hypocrisy of some European governments that professed a desire to defend human rights while, at the same time, negotiating behind the scenes to weaken the regulations intended to protect those rights.

“Weakening the version of the text proposed by the European Parliament, refusing to include all existing and future cyber-surveillance technologies or relaxing governmental transparency requirements poses a real threat to journalists and their right to information,” said Iris de Villars, the head of RSF’s Tech Desk. “These technologies, while becoming more and more accessible and widely used throughout the world, expose journalists to surveillance and compromise their ability to do investigative reporting and protect their sources.”

The need for protective regulations is now greater than ever, in part because governments are becoming more and more directly involved in organizing international events involving security and surveillance sector companies and other states. At the initiative of Britain’s Home Office, for example, NSO Group, an Israeli company specializing in spyware and interception of online communications, has been invited to participate in the closed Security and Policing trade fair due to be held near London in March. According to a report by Agnès Callamard, the UN Special Rapporteur on extrajudicial, summary or arbitrary killings, it was this company’s software that was allegedly used to hack into the phones of three closed associates of the murdered Saudi journalist Jamal Khashoggi.

NSO Group’s software was also reportedly used to intercept the WhatsApp messages of Indian journalists in 2019. Two years before that, the Citizen Lab research centre identified NSO Group as the source of the software used to spy on the communications of Mexican journalists investigating the drug cartels, and those close to them.

And just last month, UN investigators said they suspected either NSO Group or Hacking Team, an Italian company specializing in surveillance software, of being involved in hacking into Washington Post owner Jeff Bezos’s phone with the presumed aim of influencing the newspaper’s coverage of Saudi Arabia.

It was revelations about the French company Amesys’ sale of surveillance technology to Libya’s former Gaddafi regime and its use in spying on Libyan dissidents that led to the European Commission decision to update the EU’s regulations on dual-use exports and transfers. The EU negotiations on the proposed new regulations have been underway since 2016.