NSO Group lawsuit (re hacking WhatsApp users)

In 2019, WhatsApp filed suit in California state court against NSO Group, an Israeli-based spyware firm, alleging illegal hacking. They request an injunction to block NSO Group from attempting to access its computer system, as well as damages for violating Computer Fraud and Abuse legislation. The case is ongoing. 


Factual Background

https://www.canva.com/photos/MADGx4myTa4-whatsapp-application-screenshot/On 29 October 2019, WhatsApp, which is owned by Facebook, released a statement alleging spyware, known as Pegasus produced by the Israeli company NSO Group was used to hack the phone systems of 1,400 users between April 2019 and May 2019 in 20 different countries. Of the 1,400 users at least 100 were human rights defenders, journalists, and other members of civil society across the globe.   

Legal Argument

WhatsApp is demanding a permanent injunction blocking NSO from attempting to access its computer system and those of its parent company, Facebook. Additionally, they have asked that the court rule that NSO’s alleged hacking of user’s data violated the federal Computer Fraud and Abuse Act as well as the  California Comprehensive Computer Data Access and Fraud Act, breached their contracts with WhatsApp and “wrongfully trespassed” on Facebook’s property.  

NSO Group disputes these allegations. They argue the sole purpose of NSO is to provide governments and law enforcement agencies with technologies to help them fight terrorism and serious crimes. 

Legal Proceedings

On 29 October 2019 WhatsApp filed suit against NSO Group in California court in the US.

On 2 March 2020, NSO Group failed to appear in the California court, resulting in a notice of default entered. NSO responded that WhatsApp had prematurely moved for a default judgment before properly serving NSO with the lawsuit, allegedly violating international laws regarding service of process. Service of process is a legal term referring to the acceptable possible avenues with which plaintiffs can notify defendants a lawsuit has been filed against them and allow them ample opportunity to respond. WhatsApp argued they made several good faith attempts to serve the company.   

On 6 March 2020, defendants filed an application with the California state court to set aside the default judgment and raised the issue of incomplete service under the Hague Convention, which details acceptable service of process for international disputes. Additionally, defendants request sanctions be entered against the Plaintiffs for falsely representing to the Court that they had properly served defendants under the Hague Convention. Additionally, defendants argue that plaintiffs had a duty to correct the false statements. 


Lawsuit filed by NSO Group Employees against Facebook in Israel

On 26 November 2019, employees from NSO Group filed a separate lawsuit in Israel against Facebook Inc (which owns What’s App), alleging the social media giant had blocked their private accounts when it sued NSO in October 2019. They petitioned the Tel Aviv district court to order Facebook to unblock the accounts. Facebook responded that they had disabled relevant accounts after the cyber-attack and that the restrictions continue to be necessary for security reasons. 


Latest Legal News 

On 13 April 2020, the Court ruled WhatsApp had not intentionally made false statements to the court and given the short time frame, did not usurp their duty to correct the statements to the court. 



News Items

In Court, NSO Group accuses Facebook of lying, disregarding international law, The Times of Israel, 12 Mar 2020

The Israeli spyware firm accused of hacking WhatsApp is now claiming Facebook disregarded international law as the legal battle between the 2 companies heats up, Business Insider, 10 Mar 2020

Will WhatsApp win its lawsuit against NSO?, Al Jazeera, 5 Mar 2020

WhatsApp takes step toward winning spyware lawsuit after Israeli company no-show, Reuters, 4 March 2020

NSO Group points finger at state clients in WhatsApp spying case, The Guardian, 7 Apr 2020

Works at Israeli surveillance firm NSO sue Facebook for blocking private accounts, Reuters, 26 Nov 2019

How NSO Group helps countries hack targets, Vice, 31 Oct 2019

WhatsApp sues Israeli firm, accusing it of hacking activists’ phones,The Guardian, 29 Oct 2019

NSO Group/Q Cyber Lab Technologies, Citizen Lab, 29 Oct 2019


Court Documents

 Complaint for WhatsApp Inc. v. NSO Group Technologies Limited, U.S. District Court for the Northern District of California, 29 Oct 2019

Get RSS feed of these results

All components of this story

29 April 2020

WhatsApp says Israeli firm NSO Group 'deeply involved' in hacking its users

Author: Stephanie Kirchgaessner, The Guardian

WhatsApp has alleged in new court filings that an Israeli spyware company used US-based servers and was “deeply involved” in carrying out mobile phone hacks of 1,400 WhatsApp users... [and] bears responsibility in serious human rights violations, including the hacking of more than a dozen Indian journalists and Rwandan dissidents... In the court filings last week, WhatsApp said its own investigation into how Pegasus was used against 1,400 users last year showed that servers controlled by NSO Group – not its government clients – were an integral part of how the hacks were executed... According to WhatsApp’s filing, NSO gained “unauthorised access” to its servers by reverse-engineering the messaging app and then evading the company’s security features that prevent manipulation of the company’s call features.

... “Our products are used to stop terrorism, curb violent crime, and save lives. NSO Group does not operate the Pegasus software for its clients,” the company said. “Our past statements about our business, and the extent of our interaction with our government intelligence and law enforcement agency customers, are accurate.”... The new developments in the case come as NSO is facing separate questions about the accuracy of a tracking product it has launched following the outbreak of Covid-19... our Covid-19 product, Fleming, has proved vital for governments around the world working to contain the outbreak. Well-respected journalists from several countries have viewed Fleming, understood how the technology works and recognised it is the latest evolution in analytics software - which does not compromise privacy,” the company said.

Read the full post here

31 March 2020

USA: Israeli spyware firm NSO accuses Facebook of not following proper legal procedure in lawsuit against them for undue mass surveillance

Author: Aaron Holmes, Business Insider France

"The Israeli spyware firm accused of hacking WhatsApp is now claiming Facebook disregarded international law as the legal battle between the 2 companies heats up," 10 March 2020

Facebook is suing NSO Group for allegedly exploiting WhatsApp in order to carry out mass surveillance.

The legal battle between Facebook and the Israeli spyware firm NSO Group is heating up, with the company accusing Facebook of lying to the court in a new filing...

...Facebook won a default ruling against the company last week, when NSO Group representatives didn't show up to court in San Francisco.

NSO Group now claims that Facebook didn't properly serve it with the lawsuit in accordance with international law, and says Facebook lied in the process.

Facebook responded to NSO Group's filing, saying that the Israeli company was properly served.

Read the full post here

+ Français - Hide

Author: Reuters

« Les employés de la société de surveillance israélienne NSO poursuivent Facebook pour blocage de comptes privés », 26 novembre 2019

Un groupe d'employés de la société de surveillance israélienne NSO Group a déposé mardi une plainte contre Facebook…, affirmant…qu[‘il] avait injustement bloqué ses comptes privés lorsqu'il avait poursuivi NSO le mois dernier.

WhatsApp,…[appartenant] à Facebook, avait accusé la NSO d’avoir aidé des espions du gouvernement à percer les téléphones d’environ 1 400 utilisateurs [globaux]…dans une foulée de piratage visant notamment des diplomates, des dissidents politiques, des journalistes…[etc.]. Les employés de l’OSN ont déclaré que leurs comptes Facebook et Instagram ainsi que ceux d'anciens travailleurs et de membres de leur famille avaient été bloqués. Ils ont demandé au tribunal de district de Tel Aviv d'ordonner à Facebook de débloquer les comptes…

Facebook n'a pas immédiatement répondu à un[e] demand[e] [de] commentaire. Les employés de l'OSN ont déclaré que Facebook avait imposé une «punition collective»…en raison du processus judiciaire que Facebook mène contre l'ONS. Ils ont également déclaré que leur action en justice [se faisaient après]…des demandes répétées sans réponse. "[C’]est un geste injuste…[l]'idée que des données personnelles ont été recherchées et utilisées nous dérange beaucoup".

WhatsApp a accusé NSO de faciliter les tentatives de piratage gouvernemental dans 20 pays. Le Mexique, les Émirats arabes unis et Bahreïn ont été les seuls pays identifiés. NSO…nie les allégations,…sa présidente, Shiri Dolev…affirmant que les technologies NSO rendaient le monde plus sûr [et]…"Les terroristes et les criminels utilisent les plateformes sociales et les applications que nous utilisons tous les jours… [n]ous développons la technologie que nous vendons exclusivement aux agences de renseignement gouvernementales»…

Read the full post here

3 December 2019

Israel’s NSO staff sue Facebook for blocking private accounts

Author: Steven Scheer, Reuters

"Workers at Israeli surveillance firm NSO sue Facebook for blocking private accounts", 26 November 2019

A group of employees from Israeli surveillance firm NSO Group filed a lawsuit against Facebook Inc on Tuesday, saying the social media giant had unfairly blocked their private accounts when it sued NSO last month...

Facebook said in a statement that it had disabled “relevant accounts” after attributing a “sophisticated cyber attack” to NSO Group and its employees. Those actions “continue to be necessary for security reasons, including preventing additional attacks,” the company said.

Read the full post here

19 November 2019

Commentary: NSO Group gives lots of justifications for selling spy tech. Facebook's lawsuit proves them wrong

Author: Oded Yaron, Haaretz

According to NSO, its products are sold only to intelligence and law enforcement agencies after careful screening. The company stated in part that its products “assist its clients in their war on terror, pedophilia and serious crimes,” adding that “any other use of the company’s products is forbidden and invalid.”... But [a] contract attached to the lawsuit [brought by Facebook] governs a transaction worth millions of dollars between a local company representing NSO in Ghana and that country’s National Communications Authority. The authority doesn’t deal with law enforcement, making it unclear why it needed an advanced offensive cybertechnology tool... [T]he system was never delivered to either the communications authority or the NSCS. Instead, as was revealed in court testimony, it ended up at the private home of Baba Kamara, a senior adviser to Ghana’s president... NSO told Haaretz that the company’s system had never been installed in any private home.

... NSO claims that, while it develops offensive cybertechnological tools, it doesn’t operate them itself... [However] they also offer a support package [to clients]... [which] raises a number of questions regarding the kind of information NSO is privy to... Haaretz asked NSO what steps it takes if its equipment is misused and if it has ever halted service to a client that misused its technology. The company refused to respond to the questions.

Read the full post here

+ Français - Hide

« WhatsApp. De nombreux militants ont été la cible du logiciel espion de NSO », 5 Novembre 2019

...Mardi 29 octobre, 2019, WhatsApp a déclaré que le logiciel espion de NSO avait été utilisé pour exploiter une faille de sécurité dans l'application afin de cibler environ 1 400 personnes entre avril et mai 2019 approximativement. Selon WhatsApp, parmi les personnes ciblées, 100 étaient des défenseurs des droits humains, dans de nombreux pays du monde. La faille, rendue publique pour la première fois en mai, a permis aux pirates d'installer un logiciel espion en appelant simplement les utilisateurs de WhatsApp.

Read the full post here

+ Français - Hide

Author: Nicolas Sanders, RFI

« WhatsApp accuse une société israélienne de cyber-espionnage », 30 Octobre 2019

Après un récent accident de sécurité, WhatsApp a décidé de porter plainte contre une start-up israélienne spécialisée dans les logiciels d'espionnage, NSO Group, suspectée d’avoir – pour le compte de gouvernements aux antécédents douteux en termes de droits de l’homme - espionné les téléphones portables d’une centaine de défenseurs des droits humains, journalistes et autres membres de la société civile dans le monde.

...Plus récemment, Amnesty International a accusé NSO Group de vendre ses produits « à des gouvernements qui commettent de façon notoire de révoltantes violations des droits humains ». « Les recherches d'Amnesty International ont dévoilé de nouveaux éléments effrayants qui montrent une fois de plus comment le logiciel malveillant de NSO Group facilite la répression des défenseurs des droits humains cautionnée par les États », confie Danna Ingleton, directrice adjointe d'Amnesty Tech, la branche digitale de l’ONG, basée à Londres...

« Nous contestons dans les termes les plus fermes possibles les allégations actuelles et nous les combattrons vigoureusement (…) Notre technologie n'est pas conçue pour être utilisée contre les militants des droits de l'homme et les journalistes. Elle a permis de sauver des milliers de vies au cours des dernières années. » La firme israélienne précise également dans son communiqué être « alignée sur les Principes directeurs des Nations unies sur les entreprises et les droits de l'homme, pour nous assurer que nos produits respectent tous les droits humains fondamentaux. »

Read the full post here

5 November 2019

WhatsApp sues NSO Group: is this what it takes to hold surveillance tech to account?

Author: Ana Zbona & Phil Bloomer, Business & Human Rights Resource Centre, Open Global Rights

There’s been widespread coverage...that Whatsapp is suing NSO Group – an Israeli surveillance company – because of a cyberattack exploiting a vulnerability in Whatsapp... [The] attack...targeted at least 100 human-rights defenders...NSO has vigorously denied the allegations... One technology company suing another because of attacks on...defenders is new - but allegations that NSO Groups’ technology is being used like this are not... 

  • In 2019, [defenders] in Morocco, were allegedly targeted through...NSO Group's Pegasus software..NSO...in response promised to investigate.
  • In 2018,...NSO Group provided the Saudi government with the software that allowed it to spy on conversations of... Jamal Khashoggi before his killing...
  • In 2017,...journalists and...defenders...were targetted...by the Mexican government... The company... was...arguing that the software was meant to only be used against drug cartels...

This attack fits into a wider trend of attacks on...defenders and civic freedoms that BHRRC has been tracking...We have registered over 2000 attacks since 2015 linked to activists raising...concerns about companies from all sectors... Digital attacks are often a precursor to physical ones...[It's] positive that with Whatsapp’s lawsuit there is some legal scrutiny being brought to such egregious allegations of abuse linked to NSO Group’s products. But we cannot depend on tech companies to police the surveillance industry...Laws to insist these companies conduct the strictest due diligence and risk management before any export would be a first step. Exports without this should be outlawed and become a criminal liability for reckless companies.  

Read the full post here

31 October 2019

NSO Group allegedly more involved in hacking targets than previously believed based on documents revealed through lawsuit

Author: Lorenzo Franceschi-Bicchierai & Joseph Cox, VICE

"How NSO Group helps countries hack targets," 31 Oct 2019

WhatsApp, which is owned by Facebook, filed a lawsuit against NSO Group in a California court... NSO makes Pegasus, a surveillance product that hacks cellphones and is used by government agencies around the world to intercept and read data on the hacked devices. WhatsApp alleges that NSO was sending malware to take control of phones via WhatsApp and was using Facebook infrastructure as part of its hacking campaign... NSO provides hacking as a streamlined service, which means a lot of the actual tech is in the company’s own control, and NSO can offer hands-on assistance to the government employees who use it... NSO has maintained that it merely sells tools to governments and that it does not have specific knowledge of who its clients hack... The level of support NSO gives customers depends on how much the customer pays... [and] offers four tiers of support... The NSO staff may not press the Enter key to actually hack the target, but they are involved in essentially every other step of the process, according to the sources.

... A company spokesperson [said] “Under no circumstances does NSO operate the systems that are licensed to our customers; to do so would violate many laws and regulations, as well as our own policies. NSO’s products are only provided to intelligence and law enforcement agencies after a strict licensing and vetting process, and after training the clients use the system on their own for preventing and investigating terror and serious crime.”

Read the full post here

30 October 2019

India: Journalists and human rights activists targeted, phones hacked using Israeli spyware

Author: Special Correspondent, The Hindu

"Israeli spyware used to target Indian journalists, human rights activists: WhatsApp", 31 October 2019

Facebook-owned WhatsApp...said Indian...journalists and human rights activists were among those globally spied upon by unnamed entities using an Israeli spyware Peagasus.

WhatsApp said it was suing NSO Group, an Israeli surveillance firm, that is reportedly behind the technology that helped unnamed entities' spies to hack into phones of roughly 1,400 users.

These users span across four continents and included diplomats, political dissidents, journalists and senior government officials.

However, it did not say on whose behest the phones of journalists and activists across the world were targeted...

Refusing to divulge identities or the exact number of those targeted in India, WhatsApp said it had in May stopped a highly sophisticated cyberattack that exploited its video calling system to send malware to its users. 

WhatsApp said it "believes the attack targeted at least 100 members of civil society...this number may grow higher as more victims come forward".

WhatsApp head Will Cathcart said these victims include human rights defenders, journalists and other members of the civil society across the world.

Cathcart asserted that WhatsApp was committed to the fundamental right to privacy and that it is working to stay ahead of those who seek to violate that right.

Read the full post here