Human Lives Human Rights: NSO Group’s Pegasus spyware has yet again targeted a prominent human rights activist in Morocco in recent months.
Two phones belonging to Sahraoui human rights defender Aminatou Haidar were targeted and infected as recently as November 2021, just months after the Pegasus Project revelations shocked the world, an analysis by Amnesty International revealed.
It is further proof that companies like NSO Group will continue to facilitate human rights violations unless they are properly regulated. NSO Group’s human rights policies are meaningless in practice.
The forensic evidence of Pegasus misuse since 2019 in Morocco has been proved repeatedly, as well as in over a dozen countries in the Pegasus Project investigation, yet NSO Group has taken no action to prevent the ongoing human rights violations caused by its tools in Morocco.
Human Rights defenders urge that NSO Group must be held accountable for its role in the targeting of Aminatou Haidar, and other fearless activists from Morocco and Western Sahara.”
Aminatou Haidar is a human rights defender from Western Sahara, who has won multiple awards for her peaceful activism, including the Robert F. Kennedy Human Rights Award in 2008, the 2009 Civil Courage Prize, and the Right Livelihood Award in 2019.
After receiving security alerts by email from Apple saying her phones may have been targeted by state-sponsored attackers, Aminatou Haidar contacted the Right Livelihood Foundation, who referred her to Amnesty International’s Security Lab for forensic analysis. The Security Lab then confirmed the targeting and infection with NSO Group’s Pegasus spyware.
The analysis showed that one of Haidar’s phones contained traces of Pegasus targeting dating back to September 2018, and further traces of infection as recently as October and November 2021 on the other.
The forensic records from Haidar’s phone were then shared with Citizen Lab researchers at the University of Toronto, who independently confirmed the Pegasus infections from October and November 2021.
This clearly indicates that civil society in Morocco and Western Sahara is still being unlawfully targeted with the Pegasus spyware.
NSO Group’s repeated failure to act on the misuse of its tools indicates that it has failed in its human rights responsibilities to not contribute to human rights violations and failed to conduct adequate human rights due diligence in order to mitigate harm.
Since the first revelations of the Pegasus Project, targets from countries including Palestine, El Salvador, Poland and Belgium, have been uncovered, highlighting the wide range of abuses and violations committed using NSO Group’s Pegasus spyware.
Spyware companies like NSO Group cannot be trusted to regulate themselves, thus, rights groups are again calling for an immediate moratorium on the sale, transfer, and use of spyware technology until a human rights regulatory framework is in place.