Israel Police accused of using NSO spyware on civilians for years without oversight
Exposé alleges infamous Pegasus tool secretly used to track anti-Netanyahu protesters, mayors and non-suspects, exploiting legal loophole; police, firm don’t explicitly deny claim
Michael Bachner is a news editor at The Times of Israel
The Israel Police has for years been making widespread use of spyware made by the controversial NSO Group against Israeli civilians, including people not suspected of crimes, exploiting a legal loophole and keeping the surveillance under tight secrecy without oversight by a court or a judge, according to an explosive investigation published Tuesday by the Calcalist business news website.
Among the reported targets were two mayors, organizers of weekly protests against former prime minister Benjamin Netanyahu’s government, an associate of a senior politician, activists campaigning against LGBT pride parades, and employees in governmental firms.
In some cases, the company’s spyware was installed on civilians’ phones to obtain information unrelated to an existing investigation, with the purpose of using the information later as leverage against suspects in questioning. In other cases, police obtained incriminating information using the spyware and later claimed the source of the information couldn’t be revealed since it would expose intelligence assets.
The Israeli company’s flagship spyware, Pegasus, is considered one of the most powerful cyber-surveillance tools available on the market, giving operators the ability to effectively take full control of a target’s phone, download all data from the device, or activate its camera or microphone without the user knowing.
The company has been involved in countless scandals in recent years and has faced a torrent of international criticism over allegations it helps governments, including dictatorships and authoritarian regimes, spy on dissidents and rights activists. In November, the US Department of Commerce blacklisted NSO Group, adding it to the list of foreign companies that engage in malicious cyber activities.
NSO insists its product is meant only to assist countries in fighting crime and terrorism. Last July, its CEO Shalev Hulio said that his firm “has chosen not to operate against Israeli and American phone numbers.”
But the exposé said the Israel Police acquired Pegasus as far back as December 2013, under commissioner Yohanan Danino, and started using it during the tenure of Danino’s successor Roni Alsheich, a former veteran Shin Bet official who served as police chief from December 2015 until December 2018. The report, which didn’t cite sources, didn’t say whether Pegasus is still being used today under Commissioner Kobi Shabtai, but said it was used as late as 2020.
Responding to the investigation, NSO didn’t deny that the Israel Police was a client, arguing that the firm wasn’t involved in customers’ use of its product and was operating legally.
The police force commented that the allegations were “baseless,” but didn’t deny it had been using Pegasus. It argued that its activity is legal and added that contrary to the accusations in the report, its use of investigation tools rested entirely on court orders and “meticulous work protocols.”
But according to Calcalist, only a handful of high-ranking officials were involved in the use of the spyware, without proper court oversight and with the usage determined solely by police investigators. It said surveillance was performed by a special operations team in a cyber division known as Sigint, whose entire operation is classified.
The report said Pegasus was used throughout 2020 against leaders of the “Black Flag” protest, which organized weekly mass anti-government protests.
The spyware was also used to obtain evidence of corruption from the phone of a serving mayor during the covert phase of an investigation, with police later obtaining the same information through court orders. It whitewashed the source of the evidence that had prompted the overt investigation as “intelligence information.”
Another serving mayor had his phone hacked, with police finding text message exchanges that raised a suspicion of illicit quid-pro-quo relations with a contractor, in a case that eventually did not yield an indictment.
Pegasus was also planted on the phone of an associate of a senior politician in an attempt to find information during a corruption investigation.
The report said that NSO’s spyware was used as a “shortcut” for police and an alternative to professional investigative work to obtain evidence. After the murder of teenager Shira Banki during the 2015 Jerusalem Pride Parade by an ultra-Orthodox extremist, police used Pegasus to follow anti-LGBT activists who were deemed potential future attackers.
In other cases, the spyware was used without court oversight against a suspect in the murder of a businessman, against a man who claimed in media interviews that he knew who murdered his relative, and to hack the stolen phone of a person who had intimate photos of them leaked online.
Calcalist claimed that former police chief Alsheich was the main official who pushed for the use of NSO’s spyware. The former Shin Bet deputy chief reportedly brought into the police force officers from covert IDF intelligence units whose views on the matter were similar to his.
The report said employees of NSO were involved in hacking the phones and that in the process, they were exposed to classified information they weren’t allowed to have.
It added that the use of the spyware was technically legal due to the ambiguity in existing laws on phone tracking, which haven’t caught up to technological advances. The conduct was therefore not subject to laws requiring police to obtain search warrants and get the approval of a district court judge before tapping a phone or another device.
Responding to the exposé, NSO Group said: “As a rule, we don’t comment on existing or potential customers. We would like to clarify that the company doesn’t operate the systems in possession of its customers and isn’t involved in their operation. Company employees aren’t exposed to targets, information about them, operational activities by clients or any information related to investigations led by them.
“The company sells its products under license and supervision for the use of state security and law enforcement authorities to prevent crime and terror legally and in accordance with court warrants and local laws in each country.”
Police commented: “There is no basis for the allegations made in the article. All police operations in this field are legal, and based on court orders and meticulous work protocols. The activity is under continuous supervision and oversight by the attorney general and qualified legal officials outside the organization. Naturally, the police will not comment on the tools it operates.
“We regret the baseless attempt to damage the police’s activity. The Israel Police will continue to act with determination to enforce the law in the State of Israel.”
Responding to the report Tuesday, Public Security Minister Omer Barlev tweeted that after an “inquiry” into the matter, “there is no practice of tracking, or hacking of devices, by the Israel Police without a judge’s approval.
“At the same time, I intend to ensure no corners are being cut on the issue of NSO and that every small detail is checked and approved by a judge,” he said.
There was no comment from Barlev on whether Pegasus had been used in the past.
MK Mossi Raz of the coalition party Meretz said all of his party’s lawmakers have contacted Barlev, demanding that Israel “immediately halt any use of the Pegasus tool against civilians.”
“An inquiry isn’t completed in a single morning, and when civil rights are on the line, there is a need for transparency and deep public discussion,” Raz added.