Snooping via spyware raises questions over data security

PEGASUS’ GHOST refuses to die down. More than 80 investigative journalists from 17 media houses in 10 countries working on one global surveillance story have once again resurrected the ghost of Pegasus. While this is a still developing story, it has been found that phones of several politicians, activists, journalists and one sitting Judge were hacked through the spyware in the country.

The cyber security experts find that this cyber weapon could penetrate the iPhones and android-based smartphones with ease. A single missed call can install the spyware on any phone and then delete the call log, leaving targets with not even an iota of seamless intrusion into their devices.

Once installed, the software can access every information available on the phone, even encrypted chats, messages, calls, user location, video camera and microphone from the compromised device.

The July 2021 snooping report comes a little over two years after the same spyware was found to have been used to hack phones of several journalists and activists in June 2019. Developed by an Israeli firm called the NSO Group, Pegasus is a highly sophisticated surveillance software which first came into prominence when it was alleged that it was used to hack the phone of an Arab human rights activist way back in 2016.

Amid the brewing controversy, two petitions have been filed in the Supreme Court seeking a court-monitored probe into it and who had paid for spying? By far, the Government has denied the surveillance charge, saying that it has no basis though the Israeli company claims the Pegasus software is sold only to ‘vetted’ governments to check terrorism and crime.
However, it must clearly answer whether journalists, activists and politicians etc. were being spied on? The government must get to the bottom of the allegations about Pegasus because these have been vetted by media entities from across the world and the technical analysis of smartphones confirms the presence of the spyware.

The government must respond to the questions whether it had purchased spyware and used it or not. The statement by the Minister for IT does not give much confidence as he has merely alleged that it was no coincidence that the news broke a day before Parliament session began.

The minister quipped that such services are openly available to anyone and there is no factual basis to suggest that the use of the data somehow equates to surveillance. It is incumbent upon the government to institute an independent public inquiry to investigate the allegations to repair the public trust.

Ironically, the Personal Data Protection Bill introduced in the Parliament in December 2019 to regulate the use of data by government and private companies has still not seen the light of the day with the 30-member Joint Parliamentary Committee giving it a fifth
extension in a row to submit the report.