©2021 Reporters Post24. All Rights Reserved.
A rights group on Thursday called on the Mexican government to suspend all use of surveillance spyware until robust and transparent regulations are put in place that respect human rights.
Of the more than 50,000 phone numbers that a collaboration of 17 media organisations and a rights organisation found were selected for surveillance by clients of the Israeli tech firm NSO Group, 15,000 were in Mexico.
Politicians from across the political spectrum, journalists, human rights activists, judges and doctors were allegedly targeted for spying between 2016 and 2017, according to the investigation. In Mexico, 27 journalists and activists were possibly targeted.
And at least 50 people linked to the leftist President Andres Manuel Lopez Obrador, back when he was a candidate for president – including his wife, children, drivers and even his cardiologist – were on the list.
“We are calling on governments to suspend the purchase and use of instruments of surveillance until adequate regulations that respect human rights are put in place,” Edith Olivares Ferreto, executive director of Amnesty International Mexico, said during a virtual news conference on Thursday.
“We hope that the revelation of the magnitude of illegitimate surveillance and impunity that operates in the NSO Group and its clients will lead to a revision of the accounts and to the regulation of an opaque sector,” she said.
Amnesty International, a United Kingdom-based rights group, provided technical assistance to the “Project Pegasus” investigation. Researchers say their analysis found that “mass and selective surveillance” has been taking place in Mexico that unjustly targeted activists and journalists.
The group launched a petition on Wednesday entitled Pegasus in Mexico: No to Surveillance.
“Mass surveillance like this violates the rights to freedom of privacy and expression, to personal security, to the presumption of innocence, and the State has the obligation to protect people,” reads the petition.
Ten countries have been named as having allegedly used the software, including Bahrain, Hungary, India, Morocco, Saudi Arabia and the United Arab Emirates (UAE). Mexico is the only Latin American country on the list.
NSO’s Pegasus spyware can infiltrate a mobile device either through a text message that the user would click or more recently through “zero-click attacks” that compromise phones without any action by the user. Messages, chats, phone calls, contacts and emails can be monitored.
Amnesty says the results of its research in Mexico call into question NSO’s claim that its product is only used by states to tackle serious crime and terrorism.
“Despite the fact that the NSO Group has repeatedly said that they only sell their software to states and solely for the purpose of combatting terrorism and crime, the targets of surveillance have been human rights defenders, activists, people in the opposition and journalists,” Olivares Ferreto told Al Jazeera
“Mexico did not use this software to combat terrorism or organised crime, but to spy on people for political purposes,” she said.
Mexico has been widely reported as being NSO Group’s first client, and the administration of Lopez Obrador said previous Mexican governments have purchased and used Pegasus spyware.
Mexico’s Public Safety Secretary Rosa Icela Rodriguez said on Wednesday that the country’s two previous administrations had signed at least 31 contracts with NSO Group and spent $61m to purchase Pegasus hardware, software and equipment. She said the contracts date back to the administrations of Felipe Calderon, who was president from 2006-2012, and Enrique Pena Nieto, who governed from 2012-2018.
She said many of the contracts were signed with front companies, allegedly to facilitate kickbacks.
Speaking during Lopez Obrador’s daily news conference, she vowed to “find those responsible for this illegal practice who violated rights”.
Lopez Obrador said he would make the contracts with NSO Group public.
Cybersecurity experts in Mexico say there is currently little to no regulation or legislation in the country to oversee the use of privately purchased spyware, and virtually anyone is at risk.
“Mexico has not had clear policies in relation to protections of data or technology,” Victor Ruiz, a cybersecurity expert and owner of SILIKN, a technology startup.
“This has allowed the proliferation and the growth of this monitoring and spying and there has not been any punishment or clear legislation or regulation that could in some way hold those responsible – even less so when the government is the one doing it.