Cyber spying firm NSO to follow human rights guidelines

NSO said it would from now on systematically apply procedures to identify risks that its technology could harm human rights, and then prevent or mitigate them.

Cyber hacking (illustrative) (photo credit: INGIMAGE)
Cyber hacking (illustrative)
(photo credit: INGIMAGE)
The Israeli-based NSO Group, whose software is alleged to have been used in a number of government surveillance scandals, said on Tuesday it would abide by U.N. guidelines to prevent rights abuses.
NSO is best known as a supplier of surveillance tools to governments and law enforcers, and says its products tackle and prevent serious crimes and support search and rescue operations after natural disasters.
But its cellphone hacking software, Pegasus, has been linked to political surveillance in Mexico, the United Arab Emirates and Saudi Arabia, according to University of Toronto's Citizen Lab, which researches digital surveillance, security, privacy and accountability.
Shalev Hulio, co-founder and chief executive of NSO, said: "NSO's products provide governments with the tools to help stop the world's worst terror attacks and most dangerous criminals. But (we) also understand that misuse could represent human rights violations."
NSO said it would from now on systematically apply procedures to identify risks that its technology could harm human rights, and then prevent or mitigate them.
It also plans to evaluate its sales process and contractually oblige customers to limit the use of its products to the prevention and investigation of serious crimes, and to ensure that they will not be used to violate human rights.
A Saudi dissident close to murdered journalist Jamal Khashoggi filed a lawsuit last year alleging that NSO had helped the royal court to take over his smartphone and spy on his communications with Khashoggi. Hulio has denied that NSO technology was used in Khashoggi's murder.
In May, the electronic encrypted messaging service WhatsApp said a security breach on its app showed signs of coming from a government using surveillance technology developed by a private company, and may have targeted human rights groups.
WhatsApp told human rights groups it had some reasons to believe the spyware had been developed by NSO. The firm at the time did not comment on the specific incidents but said it would investigate any "credible allegations of misuse" of its systems.
NSO, which Francisco Partners sold seven months ago to NSO managers and the European private equity firm Novalpina Capital, said the rules also provide mechanisms to enable reporting and investigation of suspected misuse of its products.
"This new policy publicly affirms our unequivocal respect for human rights and our commitment to mitigate the risk of misuse," Hulio said.
NSO said it had taken on Tom Ridge and Juliette Kayyem, former secretary and assistant secretary at the U.S. Department of Homeland Security, and former French ambassador to the United States Gerard Araud as advisers.
Amnesty International published a statement in response to NSO's policy change saying that the policy was "too late" and that, "while on the surface it appears a step forward, NSO has a track-record of refusing to take responsibility. The firm has sold invasive digital surveillance to governments who have used these products to track, intimidate and silence activists, journalists and critics."