About two years after the Pegasus scandal pulled back the curtain on how far governments can go to spy on their citizens, another study has revealed that the EU has a spyware problem bigger than we could ever imagine.
According to Donncha Ó Cearbhaill, head of Amnesty International’s Security Lab, Predator is “demonstrably worse” than comparable NSO-developed software. This is mainly because this time the tool was not only used across the EU, but was developed, sold and exported by EU-based companies mainly active in France, Ireland and Greece.
Now a year-long joint investigation by media partners at the European Investigative Collaborations (EIC) and Amnesty International’s Security Lab could expose the EU’s shortcomings in regulating highly lucrative and unethical surveillance activities.
An EU-based spy alliance
“The Investigating Predator Files shows what we have long feared: that highly invasive surveillance products are being traded on a near-industrial scale and are free to operate in the shadows, without oversight or any real accountability,” said Agnès Callamard, Secretary General of Amnesty International.
What is Predator Spyware?
Predatory spyware is a highly invasive phone hacking software designed to access all stored and shared data (such as messages, calls, photos and passwords) without leaving any traces on the target device. It can infiltrate a smartphone through a malicious link or through tactical attacks on unsecured networks by nearby devices.
“It proves once again that European countries and institutions have failed to effectively regulate the sale and transfer of these products.”
The so-called Intellexa Alliance is in fact a group of companies, many of which are based in the EU and must comply with EU law. However, there is evidence that this corporate espionage consortium has operated unchecked for years with little or no transparency about its internal operations and business relationships.
Signed in 2019, Amnesty explained that the alliance has evolved over time into “a complex corporate structure” with ties in many countries around the world. As a commercial coalition, it mainly comes between two groups of technology companies, namely the Nexa and Intellexa groups.
The Intellexa Group was founded in 2018 by Tal Dilian, a former Israeli army officer, and some of his associates. It appears to be controlled by Irish-based holding company Thalestris and includes other tech companies spread across Cyprus, Greece, North Macedonia and Hungary. The group produced the spyware software while describing itself as an “EU regulated company.”
The Nexa group, which operated mainly from France and the UAE, appeared to have strong ties to President Emmanuel Macron. The company is said to have hired his former bodyguard and personal security advisor, Alexandre Benalla, to try to sell spyware to Saudi Arabia.MediaPart reports this– a repressive government believed to have used Pegasus spyware to track and kill dissident journalist Jamal Khashoggi in 2018. The group appears to have been active since 2012 after it acquired the surveillance activities of French company Amesys.
🚨 The #PredatorFiles spyware scandal continues… New research from @Amnesty Security Lab in partnership with @EICnetwork reveals brazen attacks on civil society, politicians and officials around the world with “EU-regulated” spyware. 🧵https://t.co/F0vbBgjXx3October 9, 2023
Predator spyware started making headlines in 2021, when the new surveillance software was used to spy on journalists, civil society organizations and politicians in Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saudi Arabia and Serbia –a forensic report from CitizenLAb revealed in that time.
In 2022 there will be an investigation into what is known as the Greek eavesdropping scandal has provided even more insights into political espionage operations by state intelligence services carried out directly on EU territory.
Now, new evidence has revealed that at least 25 countries in Europe, Asia, the Middle East and Africa have used the Intellexa alliance’s mass surveillance products since 2007 to undermine human rights, press freedom and social movements around the world.
Their most prominent clients include notorious authoritarian regimes such as Sudan, the UAE, Kazakhstan, Egypt and Vietnam, along with European democracies such as Switzerland, Austria and Germany.
The Intellexa Alliance repeatedly claims to have scrupulously respected export rules, despite acknowledging the establishment of “commercial relations with countries that are far from perfect in terms of the rule of law.” Amnesty reported this.
How the EU can solve its spyware problem
How could such an elaborate mercenary spy ring, with ties to European democratic governments, have managed to carry out its shady business activities for so long?
According to Amnesty experts, Intellexa’s opaque and complex corporate structure has helped it avoid accountability, transparency and government regulation. The whole truth is that the EU should have done better in the wake of the Pegasus Project revelations.
As Callamard explained, EU-based surveillance technology companies are subject to the EU dual-use regulationa series of export controls aimed at preventing human rights abuses linked to the sale of spyware and similar software.
But “as the Predator Files investigation shows, EU regulators are unable or unwilling to monitor and prevent human rights violations linked to spyware exports,” she said.
In March 2022, the European Parliament even formed the Commission of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware (PEGA) with the aim of regulating the use of spyware technologies. However, experts lamented a lack of political will among EU member states to come up with a joint response to the issue.
There is also the issue surrounding the technical features of Predator spyware and similar software, which are designed to leave no trace and prevent independent audits of potential misuse. This seems to demonstrate again, as Amnesty put it, that “human rights abuses are a feature of the industry, not a bug.”
That’s why the call to completely ban the use of spyware technology is growing stronger. Callamard said: “There is only one possible conclusion: given the ineffectiveness of the regulations, which has been proven time and time again, the use of highly invasive spyware such as Predator should be banned.”