The European Federation of Journalists (EFJ) fully supports the call by the Council of Europe Commissioner for Human Rights, Dunja Mijatović, to impose a moratorium on the use of highly intrusive spyware by governments. The EFJ recalls that many journalists have been victims of this abusive surveillance, notably in Hungary, Greece, Spain, France, Belgium and Azerbaijan.
In 2021, the Pegasus Project, one of the most ambitious transnational investigative journalism projects, coordinated by Forbidden Stories and assisted by Amnesty International’s forensic lab, exposed the use of spyware to surreptitiously penetrate journalists’ communications.
In Hungary, investigations continued into the use of Pegasus by state intelligence agencies to surveil at least five journalists and media owners. In January 2022, the Hungarian National Authority for Data Protection and Freedom of Information issued a report concluding that in all the cases they investigated, including those involving journalists, all legal criteria for the application of the spyware were met and the spyware was used to protect national security. No explanation was given about why these journalists posed a threat to national security..
Even though European governments promised to clamp down on illegal surveillance, new cases have emerged in 2022, especially in Greece where a new spyware, Predator, was allegedly used by the National Intelligence Agency to spy on journalists. In April 2022, in Spain, it was revealed that four Catalan journalists were among those to have their smartphones targeted or infected with Pegasus between 2017 and 2020. Other cases have been reported in France, Belgium and Azerbaijan, in 2021.
“Ample evidence exists that Pegasus spyware has been used illegally and for purposes of domestic and international espionage rather than legitimate public safety concerns,” said Dunja Mijatović. “The targeting of journalists with spyware endangers the confidentiality of their sources and, with that, the functioning and credibility of one of the most crucial pillars of our democratic societies: free access to information for all and the promotion of a pluralist media environment. To prevent grave human rights violations stemming from the use of commercial spyware like Pegasus, Council of Europe member states must comply with their obligations under the European Convention as interpreted by the Court and ensure the legality, legitimacy, and necessity and proportionality of each such use.”
“It is high time for Council of Europe member states to recognise that the Pegasus spyware scandal is more than just an embarrassing episode,” she added. “I call on Council of Europe member states to impose a strict moratorium on the export, sale, transfer, and use of highly intrusive zero-click spyware tools such as Pegasus, and to put in place a precise, human rights compliant legislative framework for the use of modern surveillance technology. This framework should provide for meaningful procedural guarantees, robust systems of ex-ante and ex-post oversight through judicial review and parliamentary scrutiny, and effective redress mechanisms for victims. (…) Member states should further pay enhanced attention to the fact that the spyware industry is continuously developing new tools that, without safeguards and oversight, can be weaponised for nefarious purposes and facilitate human rights abuses.”
“In the face of such a threat, the EFJ calls on the European Parliament, which will start debating the issue, to strengthen the provisions of the European Media Freedom Act (EMFA) to combat all forms of surveillance that jeopardise the protection of journalistic sources,” said EFJ President Maja Sever. “The proposed EMFA provisions are a step backwards in the protection of journalistic sources as they do not correspond to the protection of journalistic sources as provided in the European Convention on Human Rights and the case law of the European Court of Human Rights guaranteeing the right of journalists to protect their sources.”