EU: Due diligence directive provides key opportunity to finally rein in most invasive forms of spyware, says expert
'Opinion: Targeting of EU officials with Predator spyware shows need for stronger legal controls'
In 2021, the Pegasus Project exposed how governments across the globe have used NSO Group’s highly invasive Pegasus spyware to unlawfully spy on human rights activists, political leaders, journalists and lawyers...
Two years later, an investigation by European Investigative Collaborations (EIC)... has revealed that a suite of surveillance technologies created and sold by the EU-based Intellexa alliance, including a highly invasive surveillance technology called ‘Predator’, is being traded worldwide...
EIC and Amnesty International’s Predator Files investigation has revealed that Predator has been used to target EU officials... and EU-based activists and academics. In total, 50 social media accounts belonging to 27 individuals and 23 institutions from around the world were found to have been targeted between February and June 2023...
Since the Pegasus Project revelations broke, civil society has been calling for governments to ban the most invasive forms of spyware and regulate the surveillance sector. And yet, the Predator Files clearly demonstrate that the EU has failed to take appropriate action.
Worse still, the Intellexa alliance advertises itself as “EU-based and regulated”. Many of the companies in the alliance are based in EU member states, and despite export controls... Intellexa alliance’s products have been found in at least 25 countries across Europe, Asia, the Middle East and Africa...
There is, however, one ray of hope for accountability: the Corporate Sustainability Due Diligence Directive, which offers a crucial opportunity for the EU to rein in the rampant human rights abuses of the surveillance technology sector...
And yet the Council of the European Union wants spyware to be excluded from these new rules. Last year, when the Council reached their position on the due diligence directive, it suggested that all products subject to export control be exempted.
[B]ut as... the Pegasus Project exposed, and the Predator Files have now underscored, export controls alone are not sufficient to address the harm inflicted by these technologies...
As EU policymakers enter final negotiations on the corporate sustainability due diligence directive, they should keep the Predator Files and Pegasus Project revelations in mind. The opportunity to restrain the growing impact of the surveillance technology sector on human rights should not be missed. To protect people both inside and outside the EU, spyware must not be excluded from new corporate due diligence rules.
[Free registration on the EURACTIV website required for full access]
Please click here and here for our coverage of the Pegasus Project and Predator Files including company comments.