New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDOM. We have linked KINGDOM to Saudi Arabia. In 2018, KINGDOM also targeted Saudi dissidents including Omar Abdulaziz, Ghanem al-Masarir, and Yahya Assiri, as well as a staff member at Amnesty International.
This document provides a high-level introduction to deep packet inspection, Internet filtering, and targeted intrusion dual-use technologies with the aim of familizaring the reader with their key technical features, the surrounding international human rights law framework, and some of the leading research to date on their deployment.
In recent days, United Nations Special Rapporteurs have released two revelatory reports that demonstrate the dangerous effects of unchecked technology in the hands of autocrats: one relating to the proliferation and abuse of surveillance software and one that investigates the murder of Washington Post journalist Jamal Khashoggi. Both reports highlight the danger of unaccountable and unregulated surveillance technology sold to countries with egregious human rights records.
18 June 2019 Dear Yana and Stephen Peel, We write to you in light of recent reporting indicating that you both own a stake in Novalpina Capital LLP. As Yana Peel has recently expressed that she believes criticism of NSO Group is “misinformed,” we thought it appropriate to specifically draw Ms. Peel’s attention to the… Read more »
This report provides an in-depth legal and policy analysis of technology-facilitated intimate partner surveillance (IPS) under Canadian law. Stalkerware apps are designed to facilitate remote surveillance of an individual’s mobile device use with the surveillance often being covert or advertised as such. Despite increasing recognition of the prevalence of technology-enabled intimate partner abuse and harassment, the legality of the creation, sale, and use of consumer-level spyware apps has not yet been closely considered by Canadian courts, legislators, or regulators.
This report was collaboratively written by researchers from computer science, political science, criminology, law, and journalism studies. As befits their expertise, the report is divided into several parts, with each focusing on specific aspects of the consumer spyware ecosystem, which includes: technical elements associated stalkerware applications, stalkerware companies’ marketing activities and public policies, and these companies’ compliance with Canadian federal commercial privacy legislation.
Endless Mayfly is an Iran-aligned network of inauthentic websites and online personas used to spread false and divisive information primarily targeting Saudi Arabia, the United States, and Israel. Using this network as an illustration, this report highlights the challenges of investigating and addressing disinformation from research and policy perspectives.