Growing reports reveal rights advocates threatened by heightened surveillance
Not only do the UAE and Bahraini authorities violates activists’ basic human rights and imprison them, but the activists’ personal life is also not safe from these regimes’ espionage.
Paragraph 1 of Article 17 of the International Covenant on Civil and Political Rights explicitly states, “No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honor and reputation.”
This implies that any communications surveillance program must adhere to local and international human rights law, as surveillance not only frightens those who are directly targeted but also has a frightening effect on activists or journalists, who may self-censor out of fear of potential observation.
Reportedly, Bahraini human rights advocate Ebtisam al-Saegh had her mobile device hacked at least eight times between August and November 2019, by advanced spyware made by “Israel’s” NSO Group, the world’s most infamous hacker-for-hire firm.
“I now fear the worst and worry that the Bahraini government will be able to exploit my personal documents and family photos,” al-Saegh told the Guardian.
In May 2017, al-Saegh was detained, sexually assaulted, and tortured by security officers at Bahrain’s National Security Agency.
“As someone who has been unable to heal from the torture and sexual assault experienced by Bahraini security due to the culture of impunity that allows my abusers to walk free, I feel deep pain in knowing that malicious spyware has now been used against me,” al-Saegh told MEE.
Al-Saegh is known for her activism, reporting rights violations, and calling for justice for victims of torture in Bahrain’s detention centers with SALAM for Democracy and Human Rights (SALAM DHR).
The rights advocate pointed out that she is not only worried about surveillance but terrified that this breach will impose a serious threat to her safety and her life.
“This increased surveillance on human rights defenders is one of the consequences of Bahrain’s normalization with “Israel,” and it will only stop when NSO, “Israel,” and Bahrain are held accountable,” she added.
The revelations are part of an investigation by the Front Line Defenders (FLD) and confirmed by the University of Toronto’s Citizen Lab, a cybersecurity watchdog, which “studies information controls that impact the openness and security of the Internet and that pose threat to human rights.”
NSO is an Israeli surveillance company regulated by “Israel’s” ministry of defense, which approves the sale of NSO’s spyware technology to government clients around the world. It has contracts with 45 countries, but the leaked list is dominated by only 10 of those, including Bahrain, which is believed to have acquired access to it in 2017.
Back in August, Citizen Lab reported that 9 Bahraini activists had their phones hacked between June 2020 and February 2021. Among those targeted were members of the Bahrain Center for Human Rights (BCHR), which described the sale of Israeli-made spyware to Manama as “worrisome knowing its longstanding history of oppression.”
“The fact that Bahrain uses spyware to target political opposition and activists, given its record of repression, is not quite a surprise. The real concern is: what now? Will all parties involved in these violations still enjoy impunity?” said BCHR’s Nedal Al Salman.
Bahraini rights campaigner Sayed Alwadaei is among those journalists, activists, and politicians believed to be chosen for surveillance by clients of “Israel’s” NSO Group. According to The Guardian newspaper, Alwadaei’s number appears in the leaked data from 2018. He was apparently selected by a customer, understood to be the UAE.
In one case, a member of Bahrain’s opposition Al-Wefaq group was also targeted. Al-Wefaq blasted the Manama regime, saying this attack is part of a broader assault on civil society and it raises serious questions about the prolonged surveillance of rights defenders.
The firm was the focus of recent media reports that exposed the company’s Pegasus Spyware was used in several instances of successful or attempted phone hacks of business executives, journalists, and human rights activists across the world.
Once installed on a mobile phone, NSO’s flagship program, Pegasus, can harvest any data from it and transmit it back to the attacker. It enables clients to access messages, photos, videos, recordings, location records, web searches, camera, and microphone passwords, call logs, and social media posts and can turn the phone into a remote listening device.
NSO claims that its software is licensed for use by client countries against suspected terrorists and serious criminals and that it investigates credible allegations of client abuse.
In November, Apple sued the NSO Group in federal court over what it said was the targeting of Apple users. Apple’s senior vice president of Software Engineering, Craig Federighi, said, “State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability.” That needs to change.
For her part, the U.S. Commission on International Religious Freedom chairperson (USCIRF), Nadine Maenza, expressed concern on Twitter about Pegasus spyware being “used to target organizations and individuals in Bahrain who advocate for freedom of religion and belief” and called for a “full and transparent investigation” into this matter.
USCIRF is a U.S. government body that monitors conditions abroad. It has no power to enforce its recommendations, but theoretically speaking, the State Department is required to consider them.
Surveillance of rights activists, according to a right activist who requested anonymity, violates their freedom of expression and jeopardizes their personal security and lives.
Along with the Bahraini activists, the Israeli malware was allegedly also used to surveil the late Emirati rights activist Alaa al-Siddiq, who was likely to have been hacked from 2015, when she lived in Qatar, up until 2020, when she was living in the UK, according to Citizen Lab. Al-Siddiq fled the UAE, where she had risked arrest for her activism. She was executive director of the rights organization, ALQST.
In 2016, Citizen Lab revealed that the NSO’s technology was used against the UAE dissident Ahmed Mansoor.
This targeting of rights defenders provides further evidence of a pattern of human rights infringements facilitated by NSO Group through spyware sales to governments that use the technology to persecute civil society and social movements in various states.
Likewise, these infringements underscore how the NSO Group’s Human Rights Policy has unfortunately failed to mitigate rights abuses and provide robust support for impartial and transparent inquiries into these abuses.
Therefore, the international community ought to implement an immediate moratorium on the sale, transfer, and use of surveillance technology until adequate human rights safeguards are in place and to take urgent action to denounce human rights violations by states facilitated by the use of the NSO Group’s Pegasus spyware.