March 29. 2024. 6:51

The Daily

Read the World Today

EU Parliament adopts/calls for ‘de facto moratorium’ on spyware


Lawmakers adopted on Monday (8 May) a non-binding report and recommendation on the use of Pegasus and other spyware in the EU, calling for an effective ban on the technology unless certain conditions are met by the end of the year.

The documents result from an ad hoc committee set up last year to investigate Pegasus and equivalent surveillance software, following the 2021 revelations that governments worldwide had systematically deployed the NSO-provided spyware.

The text, based on 15 months of investigation, also includes country-specific recommendations. The report was adopted with 30 votes in favour and three against; the recommendations received 30 for and five against. The two will be voted on by the full Parliament at its next plenary session.

The report is “the most comprehensive overview ever of the illegitimate use of, and trade in, spyware in and through the EU,” rapporteur Sophie in ‘t Veld of the liberal, centrist Renew Europe told EURACTIV, adding that it “paints a highly alarming picture”.

European Parliament to call for national, EU level changes over spyware

In a new set of recommendations, the Parliament’s Pegasus spyware committee has expressed concern over the EU’s “fundamental inadequacy” in dealing with internal attacks on democracy and called for action by the Council and Commission to crack down on the sale and use of surveillance technology.

“De facto moratorium”

The amended report contains a key change to the draft report’s provision covering the regulation of spyware. To continue using spyware, the report’s final version says EU countries should fulfil certain criteria by 31 December 2023, described as a “de facto moratorium” by Saskia Bricmont, a Green lawmaker.

The conditions they must meet include investigating fully alleged abuses, providing an adequate governing framework in line with European law, committing explicitly to involve Europol in investigations into its illegitimate use, and repealing export licenses that are not in line with the EU’s Dual-Use regulation.

According to the resolution, the European Commission should assess whether these conditions have been fulfilled and publish their conclusions in a separate report by 30 November. The EU executive has so far declined to get involved in this matter, branding it as a member states’ issue.

The report also includes calls for action at several levels on a variety of topics, including the rights of non-targeted persons whose data is collected during surveillance, the inclusion of specific markers to help identify the tech used, and the establishment of a Commission taskforce to ensure the integrity of the 2024 European elections.

Speaking ahead of the vote, MEP in ‘t Veld highlighted the need to enforce existing legislation that could help tackle the abuse of spyware, such as the ePrivacy Directive, the Dual-Use Regulation, and the General Data Protection Regulation (GDPR).

“The problem is: If it’s not enforced and if member states consider that national security means an area of lawlessness where the EU laws don’t apply and where the EU and basically nobody has access, then what’s the point in having legislation?” she asked.

Commission to look into Pegasus affair, Reynders says

The European Commission has decided to launch an investigation on the surveillance of EU journalists as the bloc reels from the Pegasus Project revelations released over the weekend that governments had used military spyware to intercept communications.

“We are starting to …

Country recommendations

Also in the report are specific recommendations for five countries where abuse of spyware has been identified, covering what In ‘t Veld said were the two main clusters of problems identified by the committee: abuse of the spyware for political purposes, and its export from the EU to non-democratic countries.

For Poland, whose government has been accused of purchasing the software, the report urges the public prosecutor general to launch an inquiry into its abuse and calls for greater clarity on the situation to safeguard upcoming elections. It also seeks the introduction of legislation to protect citizens, and action to ensure full judicial independence and compliance with EU law.

The report has also been updated to call on the Hungarian government to comply with European-level rulings on the independence of the judiciary and to implement the EU Whistleblowers Directive.

It also expands an earlier provision on institutional and legal safeguards to stipulate that clear justification be provided in instances of surveillance and that targets be informed of the fact, duration, scope, and manner of data processing linked to the operation.

In the case of Greece, where the spyware scandal has had major and continuing ramifications, the text calls on Athens to ensure that the judiciary has the support it needs to investigate the abuse of spyware and that the government refrains from interfering in the work of the chief prosecutor.

Where the draft report urged the reversal of a 2019 amendment that placed the Greek intelligence services (EYP) under Prime Minister Kyriakos Mitsotakis’ direct control, the final report goes a step further, calling for constitutional guarantees and parliamentary control of its operation.

MEP calls for ‘clarity’ on Greek Watergate before elections

The investigation over the Greek wiretapping scandal should be completed before the national elections so “any shadow of a doubt is lifted”, Dutch MEP Sophie in ‘t Veld told EURACTIV amid concerns in Athens that some politicians whose phone was …

In Spain, the government has been accused of using Pegaus software against politicians linked to the Catalan independence movement. The spying software was also found to have infiltrated devices belonging to Prime Minister Pedro Sánchez and other members of his government.

The report calls on Spanish authorities to conduct a “full, fair and effective investigation” into alleged abuses and to provide the targets of abuse with adequate access to information about their cases. The report also calls for the start of a reform of the national intelligence service, announced last year.

Cyprus, where much of the focus is on the trade of surveillance tech, is again urged to conduct a thorough assessment of the shipment of spyware within the EU’s internal market and of any Israeli companies involved in the business that are registered in the country.

“While acknowledging that the report is not binding and could have been more ambitious on certain aspects, its implementation would be a key step for accountability, transparency and the rights of the victims,” MEP Bricmont told EURACTIV.

Strong EU rules needed to protect espionage victims, says Catalan minister

Tough EU rules to protect victims of spyware activities are essential, Catalan foreign and EU affairs Minister Meritxell Serret told EURACTIV in an exclusive interview.

Read more with EURACTIV

AI Act: EU Parliament fine-tunes text ahead of key committee vote

AI Act: EU Parliament fine-tunes text ahead of key committee vote