NSO Group lawsuit (re hacking WhatsApp users)
In 2019, WhatsApp filed suit in California state court against NSO Group, an Israeli-based spyware firm, alleging illegal hacking. They request an injunction to block NSO Group from attempting to access its computer system, as well as damages for violating Computer Fraud and Abuse legislation. The case is ongoing.
On 29 October 2019, WhatsApp, which is owned by Facebook, released a statement alleging spyware, known as Pegasus produced by the Israeli company NSO Group was used to hack the phone systems of 1,400 users between April 2019 and May 2019 in 20 different countries. Of the 1,400 users at least 100 were human rights defenders, journalists, and other members of civil society across the globe.
WhatsApp is demanding a permanent injunction blocking NSO from attempting to access its computer system and those of its parent company, Facebook. Additionally, they have asked that the court rule that NSO’s alleged hacking of user’s data violated the federal Computer Fraud and Abuse Act as well as the California Comprehensive Computer Data Access and Fraud Act, breached their contracts with WhatsApp and “wrongfully trespassed” on Facebook’s property.
NSO Group disputes these allegations. They argue the sole purpose of NSO is to provide governments and law enforcement agencies with technologies to help them fight terrorism and serious crimes.
On 29 October 2019 WhatsApp filed suit against NSO Group in California court in the US.
On 2 March 2020, NSO Group failed to appear in the California court, resulting in a notice of default entered. NSO responded that WhatsApp had prematurely moved for a default judgment before properly serving NSO with the lawsuit, allegedly violating international laws regarding service of process. Service of process is a legal term referring to the acceptable possible avenues with which plaintiffs can notify defendants a lawsuit has been filed against them and allow them ample opportunity to respond. WhatsApp argued they made several good faith attempts to serve the company.
On 6 March 2020, defendants filed an application with the California state court to set aside the default judgment and raised the issue of incomplete service under the Hague Convention, which details acceptable service of process for international disputes. Additionally, defendants request sanctions be entered against the Plaintiffs for falsely representing to the Court that they had properly served defendants under the Hague Convention. Additionally, defendants argue that plaintiffs had a duty to correct the false statements.
On 13 April 2020, the Court ruled WhatsApp had not intentionally made false statements to the court and given the short time frame, did not usurp their duty to correct the statements to the court.
Lawsuit filed by NSO Group Employees against Facebook in Israel
On 26 November 2019, employees from NSO Group filed a separate lawsuit in Israel against Facebook Inc (which owns WhatsApp), alleging the social media giant had blocked their private accounts when it sued NSO in October 2019. They petitioned the Tel Aviv district court to order Facebook to unblock the accounts. Facebook responded that they had disabled relevant accounts after the cyber-attack and that the restrictions continue to be necessary for security reasons.
Latest Legal News
In July 2020, a US district court judge in California ruled that Whatsapp's lawsuit could proceed. In its ruling, the judge explained not being convinced by NSO's argument that it had no role in the targeting of WhatsApp's users and only followed the directions of its customers. This decision means that the case can proceed to discovery, where both parties can request documents and records from each others' practices.
US judge: Whatsapp lawsuit against Isreali spyware firm NSO can proceed, The Guardian, 17 Jul 2020
In Court, NSO Group accuses Facebook of lying, disregarding international law, The Times of Israel, 12 Mar 2020
Will WhatsApp win its lawsuit against NSO?, Al Jazeera, 5 Mar 2020
WhatsApp takes step toward winning spyware lawsuit after Israeli company no-show, Reuters, 4 Mar 2020
NSO Group points finger at state clients in WhatsApp spying case, The Guardian, 7 Apr 2020
Works at Israeli surveillance firm NSO sue Facebook for blocking private accounts, Reuters, 26 Nov 2019
How NSO Group helps countries hack targets, Vice, 31 Oct 2019
WhatsApp sues Israeli firm, accusing it of hacking activists’ phones,The Guardian, 29 Oct 2019
NSO Group/Q Cyber Lab Technologies, Citizen Lab, 29 Oct 2019
All components of this story
Author: Nicolas Sanders, RFI
« WhatsApp accuse une société israélienne de cyber-espionnage », 30 Octobre 2019
Après un récent accident de sécurité, WhatsApp a décidé de porter plainte contre une start-up israélienne spécialisée dans les logiciels d'espionnage, NSO Group, suspectée d’avoir – pour le compte de gouvernements aux antécédents douteux en termes de droits de l’homme - espionné les téléphones portables d’une centaine de défenseurs des droits humains, journalistes et autres membres de la société civile dans le monde.
...Plus récemment, Amnesty International a accusé NSO Group de vendre ses produits « à des gouvernements qui commettent de façon notoire de révoltantes violations des droits humains ». « Les recherches d'Amnesty International ont dévoilé de nouveaux éléments effrayants qui montrent une fois de plus comment le logiciel malveillant de NSO Group facilite la répression des défenseurs des droits humains cautionnée par les États », confie Danna Ingleton, directrice adjointe d'Amnesty Tech, la branche digitale de l’ONG, basée à Londres...
« Nous contestons dans les termes les plus fermes possibles les allégations actuelles et nous les combattrons vigoureusement (…) Notre technologie n'est pas conçue pour être utilisée contre les militants des droits de l'homme et les journalistes. Elle a permis de sauver des milliers de vies au cours des dernières années. » La firme israélienne précise également dans son communiqué être « alignée sur les Principes directeurs des Nations unies sur les entreprises et les droits de l'homme, pour nous assurer que nos produits respectent tous les droits humains fondamentaux. »
- Related stories: NSO Group lawsuit (re hacking WhatsApp users) WhatsApp dépose une plainte contre NSO Group l'accusant d'avoir espionné les téléphones portables de plus de 100 défenseurs des droits
- Related in-depth areas: Dernières infos juridiques Dernières infos sur les défenseurs des droits de l'homme Technologies de l’information Technology and Human Rights
- Related companies: Facebook NSO Group Whatsapp (part of Facebook)
Author: Ana Zbona & Phil Bloomer, Business & Human Rights Resource Centre, Open Global Rights
There’s been widespread coverage...that Whatsapp is suing NSO Group – an Israeli surveillance company – because of a cyberattack exploiting a vulnerability in Whatsapp... [The] attack...targeted at least 100 human-rights defenders...NSO has vigorously denied the allegations... One technology company suing another because of attacks on...defenders is new - but allegations that NSO Groups’ technology is being used like this are not...
- In 2019, [defenders] in Morocco, were allegedly targeted through...NSO Group's Pegasus software..NSO...in response promised to investigate.
- In 2018,...NSO Group provided the Saudi government with the software that allowed it to spy on conversations of... Jamal Khashoggi before his killing...
- In 2017,...journalists and...defenders...were targetted...by the Mexican government... The company... was...arguing that the software was meant to only be used against drug cartels...
This attack fits into a wider trend of attacks on...defenders and civic freedoms that BHRRC has been tracking...We have registered over 2000 attacks since 2015 linked to activists raising...concerns about companies from all sectors... Digital attacks are often a precursor to physical ones...[It's] positive that with Whatsapp’s lawsuit there is some legal scrutiny being brought to such egregious allegations of abuse linked to NSO Group’s products. But we cannot depend on tech companies to police the surveillance industry...Laws to insist these companies conduct the strictest due diligence and risk management before any export would be a first step. Exports without this should be outlawed and become a criminal liability for reckless companies.
NSO Group allegedly more involved in hacking targets than previously believed based on documents revealed through lawsuit
Author: Lorenzo Franceschi-Bicchierai & Joseph Cox, VICE
"How NSO Group helps countries hack targets," 31 Oct 2019
WhatsApp, which is owned by Facebook, filed a lawsuit against NSO Group in a California court... NSO makes Pegasus, a surveillance product that hacks cellphones and is used by government agencies around the world to intercept and read data on the hacked devices. WhatsApp alleges that NSO was sending malware to take control of phones via WhatsApp and was using Facebook infrastructure as part of its hacking campaign... NSO provides hacking as a streamlined service, which means a lot of the actual tech is in the company’s own control, and NSO can offer hands-on assistance to the government employees who use it... NSO has maintained that it merely sells tools to governments and that it does not have specific knowledge of who its clients hack... The level of support NSO gives customers depends on how much the customer pays... [and] offers four tiers of support... The NSO staff may not press the Enter key to actually hack the target, but they are involved in essentially every other step of the process, according to the sources.
... A company spokesperson [said] “Under no circumstances does NSO operate the systems that are licensed to our customers; to do so would violate many laws and regulations, as well as our own policies. NSO’s products are only provided to intelligence and law enforcement agencies after a strict licensing and vetting process, and after training the clients use the system on their own for preventing and investigating terror and serious crime.”
Author: Special Correspondent, The Hindu
"Israeli spyware used to target Indian journalists, human rights activists: WhatsApp", 31 October 2019
Facebook-owned WhatsApp...said Indian...journalists and human rights activists were among those globally spied upon by unnamed entities using an Israeli spyware Peagasus.
WhatsApp said it was suing NSO Group, an Israeli surveillance firm, that is reportedly behind the technology that helped unnamed entities' spies to hack into phones of roughly 1,400 users.
These users span across four continents and included diplomats, political dissidents, journalists and senior government officials.
However, it did not say on whose behest the phones of journalists and activists across the world were targeted...
Refusing to divulge identities or the exact number of those targeted in India, WhatsApp said it had in May stopped a highly sophisticated cyberattack that exploited its video calling system to send malware to its users.
WhatsApp said it "believes the attack targeted at least 100 members of civil society...this number may grow higher as more victims come forward".
WhatsApp head Will Cathcart said these victims include human rights defenders, journalists and other members of the civil society across the world.
Cathcart asserted that WhatsApp was committed to the fundamental right to privacy and that it is working to stay ahead of those who seek to violate that right.
Author: Nick Hopkins & Stephanie Kirchgaessner, The Guardian
WhatsApp has launched an unprecedented lawsuit against... NSO Group, an Israeli surveillance company, saying it is responsible for a series of highly sophisticated cyber-attacks... WhatsApp said it believed the technology sold by NSO was used to target the mobile phones of more than 1,400 of its users in 20 different countries during a 14-day period... WhatsApp believes those who were the subject of the cyber-attacks included leading human rights defenders and lawyers, prominent religious figures, well-known journalists, officials in humanitarian organisations,... women previously targeted by cyber-violence, and individuals who have faced assassination attempts and threats of violence, as well as their relatives...
WhatsApp’s lawsuit, filed in a California court on Tuesday, has demanded a permanent injunction blocking NSO from attempting to access WhatsApp computer systems and those of its parent company, Facebook. It has also asked the court to rule that NSO violated US federal law and California state law against computer fraud, breached their contracts with WhatsApp and “wrongfully trespassed” on Facebook’s property. “This is the first time that an encrypted messaging provider is taking legal action against a private entity that has carried out this type of attack against its users,” said a WhatsApp spokesman. “In our complaint, we explain how NSO carried out this attack, including acknowledgement from an NSO employee that our steps to remediate the attack were effective.”
Citizen Lab identified over 100 cases of abusive targeting of human rights defenders & journalists using NSO Group software
Author: Citizen Lab
"NSO Group/Q Cyber Technologies: Over one hundred new abuse cases," 29 Oct 2019
As reported in May 2019, WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware on to phones simply by ringing the number of a target’s device. Today Oct 29th, WhatsApp is publicly attributing the attack to NSO Group... After the incident, Citizen Lab volunteered to help WhatsApp identify cases where the suspected targets of this attack were members of civil society, such as human rights defenders and journalists... Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe... that took place after Novalpina Capital acquired NSO Group... NSO Group spyware is being sold to government clients without appropriate controls over how it is employed by those clients. They are, in turn, using NSO’s technology to hack into the devices of members of civil society, including journalists, lawyers, political opposition, and human rights defenders—with potential lethal consequences.
Author: Access Now
An investigation conducted by WhatsApp and Citizen Lab revealed that a total of 1400+ individuals were targeted, out of whom over 100 have already been identified as members of civil society (human rights defenders, activists, journalists). The investigation found enough evidence to attribute the attack to NSO Group...This is not the first time NSO Group spyware has been found to target members of the civil society. Access Now and other NGOs have repeatedly denounced the lack of human rights protections and safeguards for the products NSO sells...
Governments hold the primary duty to prevent and remedy violations of human rights involving private companies. Israel, where NSO Group is headquartered, and the U.K., where its owner Novalpina is based, must take immediate action to forestall more violations... In this case, the direct burden falls on the spyware vendors to change their ways... we also call on large platforms to review their policies and engage their... teams to assist civil society and government in keeping users safe and identifying, attributing, and mitigating threats posed by other companies. Working with Citizen Lab to investigate the attacks, giving notice to its users, and taking legal action, WhatsApp has set a strong precedent in this case that we can build on with the entire sector.
Author: Will Cathcart, Washington Post
In May , WhatsApp announced that we had detected and blocked a new kind of cyberattack involving a vulnerability in our video-calling feature... after months of investigation, we can say who was behind this attack. Today, we have filed a complaint in federal court that explains what happened and attributes the intrusion to... NSO Group... [The attack] targeted at least 100 human-rights defenders, journalists and other members of civil society across the world. This should serve as a wake-up call... Tools that enable surveillance into our private lives are being abused, and the proliferation of this technology into the hands of irresponsible companies and governments puts us all at risk.
At WhatsApp, we believe people have a fundamental right to privacy... [F]ar more needs to be done to define what amounts to proper oversight of cyber weapons. NSO said in September that “human rights protections are embedded throughout all aspects of our work.” Yet it maintains that it has no insight into the targets of its spyware. Both cannot be true. At a minimum, leaders of tech firms should join U.N. Special Rapporteur David Kaye’s call for an immediate moratorium on the sale, transfer and use of dangerous spyware.
Author: NSO Group, PR Newswire
In the strongest possible terms, we dispute today's allegations and will vigorously fight them. The sole purpose of NSO is to provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime. Our technology is not designed or licensed for use against human rights activists and journalists. It has helped to save thousands of lives over recent years... We consider any other use of our products than to prevent serious crime and terrorism a misuse, which is contractually prohibited. We take action if we detect any misuse. This technology is rooted in the protection of human rights – including the right to life, security and bodily integrity – and that's why we have sought alignment with the U.N. Guiding Principles on Business and Human Rights, to make sure our products are respecting all fundamental human rights.
- Related stories: NSO Group lawsuit (re hacking WhatsApp users) WhatsApp dépose une plainte contre NSO Group l'accusant d'avoir espionné les téléphones portables de plus de 100 défenseurs des droits WhatsApp sues Israeli cyber surveillance company NSO Group, accusing it of hacking the phones of human rights activists & journalists Show moreShow less
NSO spyware tools allegely used to break into cellphones of human rights activists through WhatsApp security flaws
Author: Nicole Perlroth & Ronen Bergman, New York Times
NSO, an Israeli firm accused of supplying tools for spying on human-rights activists and journalists now faces claims that its technology can use a security hole in WhatsApp, the messaging app used by 1.5 billion people, to break into the digital communications of iPhone and Android phone users.
“WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices,” the Facebook-owned company said in a statement.
The WhatsApp hole was used to target a London lawyer who has been involved in lawsuits that accuse NSO Group of providing tools to hack the phones of Omar Abdulaziz, a Saudi dissident in Canada; a Qatari citizen; and a group of Mexican journalists and activists, the researchers said. The researchers believe the list of targets could be much longer.
The NSO Group said in a statement on Monday that its spyware was strictly licensed to government agencies and that it would investigate any “credible allegations of misuse.” The company said it would not be involved in identifying a target for its technology, including the lawyer at the center of the latest accusations.