Spain Reopens Investigation into Pegasus Surveillance
Spain’s highest court ruled last week that it would reopen its investigation into spyware attacks on politicians. The list of individuals targeted is said to include Prime Minister Pedro Sánchez.
The Spanish government announced publicly two years ago that Sánchez had been spied on using Pegasus intelligence software. Defense Minister Margarita Robles, Interior Minister Fernando Grande-Marlaska, and Agricultural Minister Luis Planas were also allegedly spied on.
At the time the Spanish government did not speculate as to who was behind the surveillance of top politicians. Media outlets nevertheless reported that Morocco could have been responsible for the attacks.
Spain’s highest court began investigating the incidents – but shuttered its initial inquiry in summer 2023. In announcing the closing of the inquiry, the court complained of a complete lack of cooperation from Israel. Authorities in Israel had not replied to repeated requests for assistance, the court said. Pegasus is developed and sold by the Israeli company NSO Group. The company claims to sell the software only to government clients; exports are subject to a licensing requirement.
Cooperation with France
As Spanish media have reported, Judge José Luis Calama has now decided to reopen the investigation. The impetus apparently comes from a request from French authorities, who are also investigating possible spyware attacks on top politicians – and also on journalists, lawyers, and other public figures. An international group of media outlets first uncovered this abuse in 2021 in collaboration with Forbidden Stories, a French non-profit, and Amnesty International.
French authorities now want to find out who was behind these attacks – and hope to do so in collaboration with Spain. A list compiling the traces of infection found on devices was reportedly sent to Spanish authorities, and experts in Spain are now set to compare the list with the traces they themselves have found. Spanish investigators have plans to put together a report, among other possible steps.
Spanish defense minister Robles called the reopening of the investigation “good news.”
The use of Pegasus against Spanish politicians was detected during an analysis of their smartphones in 2022. The revelation came not long after cybersecurity experts had uncovered evidence of Pegasus attacks on numerous Catalonian politicians, lawyers, and journalists.
The Spanish intelligence agency CNI was responsible for at least some of these cases, for which it claimed to have obtained court authorization. Shortly after admitting to having conducted the surveillance, then-head of the intelligence agency Paz Esteban was removed from her post.
Investigation in Poland
Cases of spying involving Pegasus have come to light in other European countries as well. In some instances the ruling party is alleged to have been responsible. In Poland for example the former PiS government is alleged to have spied on opposition leaders. A parliamentary investigation is ongoing – nearly 600 people are said to have been surveilled between 2017 and 2022.
Justice Minister Adam Bodnar confirmed this number when speaking before parliament last Wednesday. “It is sad for me that even in this room I am speaking to people who were victims of this system,” Bodnar told the lower house of parliament, the Sejm.
Bodnar did not say who exactly had been spied on. In one known instance, the smartphone of former opposition leader and current member of European parliament Krzysztof Brejza was infiltrated by Pegasus several times during the 2019 election year.
Last week the Polish news site Onet also reported that two military police officers were spied on with Pegasus after making accusations of sexual abuse against superiors. Among the data the hackers gained access to were communications between the officers and their attorneys.
Human rights experts around the world have long criticized the use of spyware. Amnesty International, in its annual report published last Wednesday, again demanded an immediate ban on highly invasive spyware like Pegasus. (js)