In May [2019], WhatsApp announced that we had detected and blocked a new kind of cyberattack involving a vulnerability in our video-calling feature... after months of investigation, we can say who was behind this attack. Today, we have filed a complaint in federal court that explains what happened and attributes the intrusion to... NSO Group... [The attack] targeted at least 100 human-rights defenders, journalists and other members of civil society across the world. This should serve as a wake-up call... Tools that enable surveillance into our private lives are being abused, and the proliferation of this technology into the hands of irresponsible companies and governments puts us all at risk. 

At WhatsApp, we believe people have a fundamental right to privacy... [F]ar more needs to be done to define what amounts to proper oversight of cyber weapons. NSO said in September that “human rights protections are embedded throughout all aspects of our work.” Yet it maintains that it has no insight into the targets of its spyware. Both cannot be true. At a minimum, leaders of tech firms should join U.N. Special Rapporteur David Kaye’s call for an immediate moratorium on the sale, transfer and use of dangerous spyware.