A proposal by Defense Minister Naftali Bennett to have Military Intelligence and the controversial private intelligence firm NSO Group assist the government in tracking carriers of the coronavirus, in an effort to better predict outbreaks, appeared to be dead in the water following a discussion on the matter in the Knesset Monday.
During the Knesset subcommittee session, lawmakers voiced opposition to the idea, citing grave privacy concerns, and government officials indicated the plan was not yet a serious one and that no formal requests had been filed with the relevant offices.
Earlier in the day, in a series of tweets, Bennett had floated the idea of giving the Israel Defense Forces’ elite Unit 8200, along with NSO, access to highly personal data of Israeli citizens that had been collected by the Shin Bet security service and Health Ministry as part of an already contentious mass surveillance program.
According to the defense minister, Unit 8200 — equivalent to the United States’ NSA — and NSO, a private company that has reportedly sold surveillance software to human rights-violating regimes around the world, have developed a program based on artificial intelligence that could give a score out of 10 to every person in the State of Israel based on their estimated likelihood of having the coronavirus.
So a person who was known to have been in direct contact with a carrier would receive a score of 9, while someone who has not been exposed would get a 3, Bennett said.
With these scores, the program could predict where outbreaks would occur, giving authorities the ability to prevent them.
However, the software would require personal medical, location and other data from large swaths of the population, raising major privacy concerns, particularly due to the involvement of a private intelligence firm.
The proposal was discussed during a meeting of the Knesset Subcommittee for Secret Services, which is tasked with overseeing the current Shin Bet mass surveillance program.
During the meeting, the Israel Democracy Institute, which opposed the Shin Bet’s tracking program, sent a message to the chair of the subcommittee, MK Gabi Ashkenazi, about Bennett’s plan.
Currently, the Shin Bet uses its access to the entire country’s cellular data and credit card records, among other digital information, to retrace the movements of those found to have contracted the coronavirus in order to determine with whom they may have been in contact so the Health Ministry can issue them quarantine orders.
In the past, this type of powerful surveillance effort was used solely in the fight against terrorism, not in the case of Israeli citizens who have not been accused of a crime. Critics of the program argued that the Shin Bet in particular should not be tasked with such a sensitive program as it is not subject to the country’s transparency laws.
Under the program, which met with significant backlash from Israeli civil society and from politicians, only a small number of Shin Bet officers are meant to have access to the data and are only permitted to give it to a handful of approved officials in the Health Ministry.
The defense minister’s proposal would significantly increase the number of people with access to the personal information of Israeli citizens.
During the discussion, Yisrael Beytenu MK Eli Avidar indicated that efforts to expand such a mass surveillance program were predictable, because once one security service receives access to a powerful new tool, others want to as well.
“What did you think would happen?” Avidar asked rhetorically.
Indeed, several privacy experts warned that the Shin Bet program was a Pandora’s box, which once opened could not again be shut.
Ashkenazi also balked at the notion of a private company like NSO Group getting access to Israelis’ personal data.
Representatives of the Attorney General’s Office, the Health Ministry and the Shin Bet who took part in the subcommittee meeting said they had only learned of the defense minister’s proposal through media reports and queries from journalists, and that he had not filed a formal request on the matter.
“We received a very, very initial request — basically an informal request with no legal grounding — about this matter. So for us, it’s not really recognized or being taken care of,” a representative from the Attorney General’s Office said.
A Shin Bet spokesperson told The Times of Israel that it has not transferred the information at its disposal — and legally cannot — to any government agency, including the IDF, save for the Health Ministry.
“[The security service] is neither authorized nor permitted to transfer the data to any institution other than those designated in the government’s decision,” the Shin Bet said.
The Herzliya-based NSO Group is best known for marketing Pegasus, a highly invasive tool that can reportedly switch on a target’s cellphone camera and microphone and access data, effectively turning the phone into a pocket spy.
In October, Facebook, which owns the WhatsApp messaging app, filed suit in the US against the company, accusing it of using the hugely popular messaging platform to conduct cyber-espionage on nearly 1,400 journalists, diplomats, dissidents and human right activists worldwide.
The FBI, meanwhile, is investigating NSO over suspicions its products were used to hack American citizens’ phones and spy on foreign governments, according to Reuters.
In January, independent UN rights experts said that the alleged Saudi hacking of Amazon owner Jeff Bezos’s phone was likely carried out using NSO spyware. Bezos’s phone was reported to have been infiltrated through a WhatsApp account belonging to Saudi Crown Prince Mohammed bin Salman.
The spyware has also been implicated in the gruesome killing of Saudi journalist Jamal Khashoggi, who was dismembered in the Saudi consulate in Istanbul in a 2018 incident that has also been linked to Prince Mohammed.
NSO Group insists it provides its software to governments for the sole purpose of fighting terrorism and crime, and has denied allegations against it.
Times of Israel staff contributed to this report.