Access Now asks Novalpina Capital for transparency regarding NSO Group's export activities in the EU; NSO Group responds

Get RSS feed of these results

All components of this story

NGO rejoinder
27 September 2019

Rejoinder from Access Now to NSO Group's response

Author: Access Now

Novalpina’s Stephen Peel promised “ robust transparency ” in his March 1, 2019 letter; this latest reply from NSO Group shows that there is still a way to go to deliver on that promise. In its reply, NSO Group claims that it complies with all applicable laws and regulations -- but neglected to clarify from/through which EU countries it exports its products... As national law and government processes vary widely on export licensing, it is important for civil society to know from which countries NSO Group obtains its licenses and understand the conditions under which those licenses are issued.

... NSO Group claims to be “the only company in the cyber sector” with governance frameworks that align with the UN Guiding Principles, due to their recently published human rights policy. However, companies such as Nokia and Ericsson have human rights policies in place that are much more robust than NSO Group’s policy, and those firms offer more evidence of implementation. NSO Group can continue to claim that it is committed to respecting human rights, but without clear evidence of its respect for human rights, participation in processes to remedy violations it’s linked to, and transparency around its export activities, this remains an empty promise.

Download the full document here

Company response
22 September 2019

Response from NSO Group to Access Now letter

Author: NSO Group

NSO Group complies with all applicable laws and regulations, including laws regarding export approval for its technology. NSO has also recently shared a new governance framework that brings the company into alignment with the UN Guiding Principles on Business and Human Rights. We are proud that these governance standards make us the only company in the cyber sector – and one of a small number in any industry – to establish policies and practices that meet the Guiding Principles. In setting a model for good corporate governance in the cyber intelligence industry, NSO has codified our commitment to ethical business by building respect for human rights into all aspects of our work.

Download the full document here

Article
14 August 2019

Letter from Access Now to Novalpina Capital

Author: Access Now

Three months ago, we wrote to both Bulgaria and Cyprus to clarify your statement that “some of NSO's products are exported from the EU (either Bulgaria or Cyprus), where the relevant authorities apply the EU control list (which is based on the Wassenaar control list)" (8). This week, Cypriot authorities responded explaining that they had “not identified the NSO Group to be present in Cyprus and [had] not issued any export licences for NSO Group products.” Considering this is fundamentally a question of Novalpina’s activity in the EU, we ask you for your transparency and cooperation in reconciling these two findings.

... [W]e welcome Novalpina Capital’s affirmation of the UN Guiding Principles on Business and Human Rights (UNGPs) and the UN-supported Principles for Responsible Investment. We are encouraged about your commitment to ensure NSO Group operates in accordance with the UNGPs, including through “robust transparency in line with those Principles"... Specifically we ask that you:

  1. Clarify whether any, and which, NSO Group products, or products of NSO Group subsidiaries, partners, or affiliates, have applied for or been issued export licenses of any kind in Cyprus.
  2. Whether and which NSO Group products, research facilities, subsidiaries, partners, or affiliates are present in Cyprus.

Read the full post here