spyware
-
JORDAN: ‘Commercial spyware that enables digital repression and abuse must be completely banned’
CIVICUS speaks with Access Now about their forensic investigation that exposed the use of Pegasus spyware to target activists and journalists in Jordan. Access Now is an international civil society organisation that works to defend and extend the digital rights of people and communities at risk.
What restrictions do Jordanian journalists and activists face?
Over the past four years, the Jordanian government has dialled up its crackdown on the rights to freedom of association, expression and peaceful assembly. Journalists, human rights defenders, labour unions and activists are routinely harassed, detained and prosecuted under vague and draconian laws. In late 2022 and throughout 2023, several lawyers, journalists and activists were arrested in connection with protests or for their social media posts.
Repression has deepened as a result of the new cybercrime law adopted in August 2023. This law threatens online freedom of expression on the basis of ambiguous and overly broad provisions about ‘spreading fake news’, ‘promoting, instigating, aiding or inciting immorality’, ‘online assassination of personality’, ‘provoking strife’ and ‘undermining national unity’. The law is now being weaponised to quash pro-Palestinian protests and activism in Jordan. Since 7 October 2023, hundreds of protesters expressing solidarity with Palestinians in Gaza have been detained and many others prosecuted under this draconian law.
Our recent forensic investigation into the use of NSO Group’s Pegasus spyware in Jordan has revealed an additional layer of repression, with at least 35 people being targeted for no reason other than their peaceful political dissent and human rights advocacy.
How’s spyware used, and who’s using it?
In January 2022, Access Now and Front Line Defenders revealed that Pegasus spyware had been used to hack prominent Jordanian human rights lawyer Hala Ahed. Hala was hacked in March 2021, and it was an isolating and traumatic experience for her. Access Now then joined Citizen Lab to further investigate the use of Pegasus spyware in Jordan.
Our joint forensic investigation uncovered a terrifyingly widespread use of Pegasus to target Jordanian media and civil society. We found traces of Pegasus spyware on the mobile devices of 30 activists, journalists, lawyers and civil society members. Further forensic analysis by our partners Human Rights Watch, Amnesty International’s Security Lab and the Organized Crime and Corruption Reporting Project identified five more Pegasus victims, bringing the total to 35.
This is the largest pool of Pegasus victims uncovered in Jordan so far, but we believe actual numbers are much higher. We don’t know exactly who is behind these attacks because spyware manufacturers such as NSO Group make the identification of perpetrators of cyberattacks very hard.
The NSO Group blatantly claims its surveillance technologies are crucial for governments to fight crime and terrorism. Conveniently, this is the same pretext used by dictators and repressive regimes to criminalise the work of journalists and activists and prosecute them under draconian counterterrorism and cybercrime laws. It’s a match made in hell, as a result of which activists and journalists are hacked, prosecuted, jailed, tortured and killed merely for exercising their rights or doing their job.
What can activists and journalists do to protect themselves?
Unfortunately, given their stealthy nature, there’s no bulletproof protection against spyware attacks. Zero click spyware doesn’t require any interaction between the software and the user of the hacked device. It basically exploits a vulnerability in the device’s software to infect it without the user’s knowledge.
Still, there are some basic protection measures everyone should implement. For example, every time a vulnerability is discovered, Apple patches it, which means it’s important for users to ensure their device’s operating system is always up to date, otherwise the patch won’t apply. Activists can also enable the Lockdown Mode feature on their Apple devices, which seems to be helping protect at-risk users.
How does Access Now hold governments and companies accountable?
For years, Access Now and broader civil society have been campaigning for a global moratorium on the export, sale, transfer, servicing and use of targeted digital surveillance technologies until rigorous human rights safeguards are put in place. Commercial spyware that enables digital repression and abuse worldwide, such as Pegasus, must be completely banned. We are not there yet, but this is our baseline to rein in the surveillance tech industry.
There have been some positive steps toward holding spyware companies accountable. For instance, a number of Israeli spyware outfits including NSO Group, Candiru and four Intellexa entities were added to a list of the US Department of Commerce that includes entities engaging in activities contrary to the USA’s national security or foreign policy interests. The latest addition to the list was the Canada-based firm Sandvine, blacklisted for enabling digital repression in Egypt. In February 2024, the US State Department also announced a new visa sanctions policy that will deny visas to anyone involved in, facilitating or deriving financial benefit from the misuse of commercial spyware around the world.
Civil society plays a vital role in exposing how these shady companies profit from facilitating human rights abuses around the world and demanding accountability for violations and reparation to spyware victims. Its continued work is key to holding governments and spyware companies accountable.
Civic space in Jordan is rated ‘repressed’ by theCIVICUS Monitor.
Get in touch with Access Now through itswebsite orFacebook andInstagram pages, and follow@accessnow on Twitter.
