Investigation finds police did not use NSO’s Pegasus without court approval

The team did find that police had collected data they were not legally allowed to collect, although they did not use it.

 Chief of police Kobi Shabtai, Minister of Public Security Omer Bar Lev and Israeli police officers at the Israel Police Independence Day ceremony at the National Headquarters of the Israel Police in Jerusalem May 1, 2022. (photo credit: ARIE LEIB ABRAMS/FLASH 90)
Chief of police Kobi Shabtai, Minister of Public Security Omer Bar Lev and Israeli police officers at the Israel Police Independence Day ceremony at the National Headquarters of the Israel Police in Jerusalem May 1, 2022.
(photo credit: ARIE LEIB ABRAMS/FLASH 90)

The investigation team tasked with investigating allegations that Israel Police had wiretapped devices without receiving court approval announced on Monday that it had found “no indication” that police had wiretapped devices without receiving approval.

It did find, however, that police had collected data they were not legally allowed to collect, even if they didn’t use it.

In February, allegations were raised by Israeli business daily Calcalist that Israel Police had used the NSO Group’s Pegasus spyware against politicians, government officials, activists and journalists without a court order and in direct violation of the law. According to the report, the technology was used to gather intelligence, not evidence.

Pegasus spyware, called “Siphon” by police, is capable of remotely and covertly extracting information from targets’ cell phones, including text, browser history, call history and screenshots, among other information.

The formation of a team headed by Deputy Attorney-General Amit Marari was announced within days in order to investigate the allegations. Additionally, police were prohibited from using wiretapping measures until the investigation was completed. The State Comptroller’s Office is also investigating the use of spyware systems.

 A man walks past the logo of Israeli cyber firm NSO Group at one of its branches in the Arava Desert, southern Israel July 22, 2021 (credit: REUTERS/AMIR COHEN) A man walks past the logo of Israeli cyber firm NSO Group at one of its branches in the Arava Desert, southern Israel July 22, 2021 (credit: REUTERS/AMIR COHEN)

The team worked with the assistance of technological experts from the Shin Bet and the Mossad to conduct an in-depth inspection of the systems owned by Israel Police. They also questioned current and past police officers concerning the methods used by police in wiretapping and met with relevant professionals who have expertise on the matter.

While the investigators found that police did not tap mobile phones without a court order, it did find that police collected material that it was not legally allowed to collect because the systems it was using were not adapted to the needs of the police. While, according to police procedures, this material could not be used, the collection of it alone was an overstepping of its authority.

An example of the material forbidden to police is information on the target device that was created before the police started listening and before the date of the court order. Pegasus can also receive information that does not constitute “communication between devices” (and is therefore forbidden to police to collect) including logs, lists of applications, contacts and notes saved on the device.

"The team believes that the significance of introducing the use of a system with wide-ranging technological capabilities, which is a turning point in terms of the world of wiretapping, was not fully understood by the decision makers in Israel Police."

Summary

“The team believes that the significance of introducing the use of a system with wide-ranging technological capabilities, which is a turning point in terms of the world of wiretapping, was not fully understood by the decision-makers in Israel Police,” read a summary published on Monday.

“Over the years, the full significance required has not been attributed to the scope of the potential capabilities of the system and to the fact that prohibited materials enter the police computers from mobile phones, and to the accessibility of the materials received in the police systems.”

The team stressed that while police had specific procedures prohibiting the use of this excess information, from the commission point of view the procedures are not enough and these abilities must be removed from the systems used by police.

Additional 'deficiencies' found in police's use of wiretapping

Additional deficiencies in police use of wiretapping were found as well and the investigators recommended that police act to correct them in the near future.

The team did find a few cases in which the court order issued did not correspond to the wiretapping operation carried out by police using Pegasus software, but in these cases the infection was unsuccessful and no data was collected.

The investigators added that there was no orderly procedure concerning the sharing of information about these systems between police legal advisory bodies and its technological bodies and that this would need to be fixed to ensure that these systems were being adapted to meet legal requirements.

The team also stressed that police must bring any new technological capabilities it wants to acquire or develop for the purpose of collecting or processing data for the approval of the attorney-general. Additionally, a deepening of technological legal knowledge in the Justice Ministry is required.

“The report details a series of issues that require improvement and regulation in issues related to the wiretapping of communications between computers, with the aim of ensuring that the operation of advanced technological tools will be within the limits of authority according to the wiretapping law,” said Marari.

"The report details a series of issues that require improvement and regulation in issues related to the wiretapping of communications between computers, with the aim of ensuring that the operation of advanced technological tools will be within the limits of authority according to the wiretapping law."

Deputy Attorney-General Amit Marai

The head of the team added that once these issues are fixed, including through the implementation of technological blocks to keep wiretapping within legal restrictions and legal supervision to ensure wiretapping is conducted according to the law, police could be allowed to resume the use of wiretapping systems.

The investigators also called for legislation to be passed that would regulate the use of wiretapping in the digital age, taking into account the unique characteristics of the violation of privacy with modern systems.

“It is to be hoped that the findings of the report and its recommendations will be a stepping stone and will help Israel Police to continue to carry out its important work in maintaining the rule of law and public order, within the framework of the powers and tools at its disposal, while paying increased attention to the rights of the individual.”

Civil rights association demands spyware use be halted lacking better legislation

The Association for Civil Rights in Israel called the report “an acute and serious report that indicates significant failures in the functioning of the police and as a result, a severe violation of the privacy and rights of suspects.”

“There is an inverse relationship between the conclusions of the report and its recommendations that allow the continued use of spyware based on the existing old legislation,” added the association. “The police do not have the authority to spy on mobile phones for the purpose of wiretapping, and the Association for Civil Rights calls on the attorney-general to continue to prohibit the police from using the system. If the attorney-general allows the police to return to using the spyware without explicit legislation, the association will consider applying to the High Court.”

Police say report shows they 'acted with integrity'

Israel Police responded to the report on Monday, stating “The report clearly shows that, contrary to the false publications, the use of the technological capabilities of Israel Police was solely for the purpose of preventing and detecting serious crimes, and subject to court orders, and that no deliberate activity was carried out in violation of the law.”

Police stressed that “no use was made of the materials that were downloaded following the technological bug in the system. The police officers in the cyber framework did not make any use of them, and certainly the investigating unit did not receive them and was not aware of them at all.”

“What were serious allegations against the conduct of the police, turned out to be wrong, but unfortunately they caused great damage to the public’s trust in the police and we are obliged to act to restore them,” added police, stressing that all the issues raised in the report would be “fully addressed” by a team established by the Police Chief Kobi Shabtai.

“We see this as proof that Israel Police acted with integrity, in accordance with procedures and strict supervision when before our eyes is the fight against crime and criminals and maintaining the safety of the public.”