Of the 50,000 phone numbers that were, according to a consortium of investigative journalists, possible targets for surveillance using the Israeli company NSO Group Ltd.’s Pegasus spyware, apparently not one had a +1 prefix. NSO says it can’t — or doesn’t — hack U.S.-based smartphones. You might think, therefore, this is not a problem the United States needs to worry about.
In fact, the future of surveillance — which, as the investigation documented, is being targeted at dissidents and activists as much as terrorists and criminals — will be determined by decisions made in the U.S.
Those decisions will determine the future of democracy worldwide. NSO’s clients are all sovereign governments, according to the company. What they don’t say, but the investigation revealed, is that these governments are mostly autocracies such as Saudi Arabia or increasingly illiberal democracies such as Hungary and India.
NSO is a private company, so one might be tempted to blame corporate greed for the fact that its advanced technology is ending up in the hands of autocrats. Yet the Israeli government, through export licenses, controls where the company is allowed to send its products. One of the investigative journalists involved in the Pegasus report said that “the selection of Indian numbers started in earnest the day before … [Indian Prime Minister Narendra] Modi and Israel’s former PM [Benjamin] Netanyahu enjoyed a walk on the beach in Israel.”
If anything, it is the U.S. private sector — from Facebook Inc.’s WhatsApp to Microsoft Corp. to Alphabet Inc.’s Google — that is leading the charge against the impunity enjoyed by private spyware firms. WhatsApp’s CEO, in response to the Pegasus leak, urged “a global moratorium on the use of unaccountable surveillance technology.”
Google regularly warns Android users that they are being targeted by “government-based attackers,” sending out “more than 12,000 warnings to users in 149 countries” in just the third quarter of 2019. Apple Inc. — though it unfortunately chose to minimize the significance of the Pegasus leak — thinks that the iPhone’s security and privacy features are a valuable differentiator for its products.
Also read: Covid aid to India, financial help to Sri Lanka — Bangladesh is showcasing its economic rise
These companies are not making such efforts out of a pure and idealistic love of democracy. They are doing so because adhering to U.S. norms on privacy matters to how their products are marketed and sold. Right now, the scruples of U.S.-based tech companies provide whatever minimal protection people in troubled democracies have against snooping by their own governments.
We now know who is vulnerable when that protection fails. In India, attempted Pegasus targets reportedly included the leader of the political opposition, activists fighting for lower-caste empowerment, an independent member of the election commission and even a well-known virologist. In Viktor Orban’s Hungary, the list was dominated by activist lawyers and crusading journalists. And as many as 50 people linked to current Mexican President Andrés Manuel López Obrador, who ran as an insurgent against the previous administration, were in the leaked database.
Both the Hungarian and Indian governments deny using Pegasus to spy on dissidents and the opposition. Yet surveillance technology could easily be deployed in such countries to shrink the space available for liberal democratic politics. U.S. President Joe Biden has made the defense of democratic institutions a cornerstone of his foreign policy. If he’s serious, then his administration must start asking a few questions.
Here’s one: How much of this technology is being developed in the U.S., including by U.S. government agencies, and making its way to illiberal autocrats? NSO’s founders are, according to multiple reports, thought to be alumni of Israel’s signals intelligence division, Unit 8200. And we know — including through the Edward Snowden leak — that the U.S. National Security Agency provides Israeli intelligence “controlled access to advanced U.S. technology and equipment.”
What are the nature of those controls? Are they sufficient to prevent the development and sale of technology to autocrats who want to use it against their own people? Snowden himself, in response to these latest revelations, warned that “if we don’t do anything to stop the sale of this technology, it’s not just going to be 50,000 targets. It’s going to be 50 million targets, and it’s going to happen much more quickly than any of us expect. … There are certain industries, certain sectors, from which there is no protection, and that’s why we try to limit the proliferation of these technologies.”
The U.S. and other democracies don’t want autocrats benefiting from technology designed to defend democracy, so they carefully monitor the end-use of the weapons packages that they develop and export. It’s time to extend that effort transparently to digital technologies that, in today’s world, can be just as easily misused. –Bloomberg
Also read: Why Bangladesh – not India or Pakistan – is destined to be the economic star of South Asia