“… E (e)verybody feels that he is being observed by everybody and he observes everybody; a modern man is a man being watched, a state watches him using more and more sophisticated techniques, a man tries as much as he can to avoid observation; a man to a state and a state to a man are becoming increasingly suspicious, similarly every state watches the others and feels that it is being watched by every other state.” — Friedrich Dürrenmatt

The peril of living in a connected, networked world is now far too evident in the proliferation of the CCTV cameras, millimeter-wave scanners, security agency databases, big data marketers, predator drones, “stop and frisk” tactics, Facebook algorithms, hidden spyware, which in happier times was limited only to nosy neighbours and was manifested in the wider anonymity of things. All the trails that we leave in our computers, laptops, and our mobile phones and the digital transactions that we make ~ our digital footprints in our credit, medical, travel or even criminal records ~ now form a single, composite informational database that can be easily mapped, traced and manipulated by government and business.

This is an age of voyeurism. Our governments justify it on the grounds of national security. Businesses thrive on it for targeted marketing. But the abundance of privately produced and procured spyware that makes unethical forays into our private lives to exploit the knowledge gleaned in the process is nothing short of cyber warfare, which must be countered with all force. It is here the leading operating systems of the world have to take up the cudgels to put in place fool-proof security systems against any putative attempt of snooping when it comes without a judicial mandate.

Surveillance can never be a norm but an exception. No government in the world can be trusted not to engage in foul play against a specially curated set of people. More than 1,000 phone numbers in India were among nearly 50,000 selected worldwide as possibly of interest to clients of the Israelbased NSO Group, maker of the Pegasus spyware, and the objective behind this exercise cannot be taken to be benign. It is beside the point that many leaders such as India’s Narendra Modi, Brazil’s Jair Bolsonaro, Hungary’s Viktor Orbán and Duque’s Colombia remain impressed by the efficiency of Israel’s military and security apparatus in repressing opposition and resistance.

A report titled ‘Hide and Seek: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries’ by The Citizen Lab ~ an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, dealing with information and communication technologies, human rights, and global security ~ paints a bleak picture of the human rights risks of NSO Group’s global proliferation as Pegasus is being used by countries with poor human rights records.

Different human rights organisations pointed out that the invasive spyware has been repeatedly misused to target human rights defenders, journalists, lawyers or opposition politicians in at least four countries ~ Morocco, Saudi Arabia, Mexico and the United Arab Emirates ~ and even EU member states such as Greece, France, Latvia, Poland and the Netherlands were not spared. In 2019, the NSO Group publicly committed to abide by the UN Guiding Principles on Business and Human Rights, but an investigation by Amnesty International revealed that just days after the company made that commitment, journalist Omar Radi in Morocco was targeted with NSO’s Pegasus software.

If an invocation to human rights is currently unfashionable as a social discourse in this age of terrorism, the Citizen Lab found evidence of possible political themes within targeting materials in several countries, making the legitimacy of criminal investigations that use Pegasus look suspect. The possibility of snooping has increased with the proliferation of smartphones in use; India had 502.2 million smartphone users as of December 2019, China has more than 782 million ~ the highest in the world, the USA has over 235 million users, and the numbers might well have multiplied during the pandemic.

As such phones communicate with networks of transmission points that monitor and note a phone’s location whenever it is on, the records stored by phone companies, can be ‘subpoenaed’ ~ a subpoena is issued by the court for the production of documents or order appearance before the court in a legal proceeding ~ or their aggregate patterns can be ‘data-mined’ for commercial uses. The potential threat that such an exercise poses against a ‘target’ was evident when in December 2018, Montreal-based Saudi activist Omar Abdulaziz lodged a case against the NSO Group in a court in Tel Aviv.

He alleged that his phone had been compromised using Pegasus, and conversations that he had with his close friend, the murdered Saudi dissident journalist Jamal Khashoggi, snooped on. The most incriminating thing about Abdulaziz’s ‘belief’ is that the phone owned by Khashoggi, who was slaughtered by Saudi agents at the kingdom’s consulate in Istanbul on October 2, 2018, was hacked in August that year. In a paper titled ‘Israeli Impact on Palestinian Digital Rights During the Coronavirus Pandemic’ by Dr Nijmeh Ali published last year, the findings of Neve Gordon, an Israeli scholar who studied the Israeli security industry, draw our attention to the fact that the country’s surveillance industry stems from the close links between Israel’s military and technology sector.

Gordon’s observation is that the Israeli military was developing computer software in 1960 ~ “nine years before the Israeli software industry and university computer science programs even existed” and its prolonged occupation of the West Bank, Gaza, and East Jerusalem, along with its periodic wars, “provides a laboratory for testing and fine-tuning different products that are created or different technologies”.

The paper states how Israel has become a leading exporter of tools for spying on civilians and how dictators around the world ~ “even in countries with no formal ties to Israel” ~ use their surveillance tools for dark purposes. A project seeking to document digital violence caused by the global use of the Israeli malware, in course of interviews conducted with targets, as well as lawyers and investigators of NSO worldwide, that was supported by Amnesty International and the Citizen Lab, brings to light how digital infections are related to violence in the physical world in the form of break-ins, harassment, intimidation and murder – and how infections spread within professional and personal networks, not to speak of the extreme psychological effects of being hacked on the ‘targets’, as well as the intimidation and harassment against their families and colleagues.

Besides targeted surveillance, the secretive and un-regulated use of indiscriminate biometric surveillance without judicial safeguards or any oversight body can create a perception of mass surveillance across the population, even if we gloss over its sheer illegality. In this context one can recall that the Personal Data Protection Bill 2019, that seeks to provide for protection of personal data of individuals, and establishes a Data Protection Authority for the same, lying pending in the Lok Sabha since 2019, is still awaiting legislation.

What gradually transpires is that the proliferation of digital communication technologies has not only expanded the activist toolkit, but the state’s repressive repertoire as well, as regimes across the world have adopted them – to identify and track dissident networks, monitor their activities, hack and deface social media accounts and websites, plant malware, phish for confidential information, steal identities, and transmit private and public threats” and by other unlisted means.

Governments across the world have taken to various stratagems to expand the scope of digital transnational repression such as deployment of spyware on the mobile devices of their targets abroad, disruption operations of media and opposition websites based abroad, including defacement and Distributed Denial of Service attacks (DDoS) campaigns by hackers, the deployment of cyberespionage campaigns (for instance, by China against Tibetan diaspora or pro-democracy groups in Hong Kong). In India, social media insults, calls for rape and death threats to women activists have been a time-tested tool for repression.

Regime-recruited ‘troll armies’ often take to digital platforms to discredit or intimidate any dissenting voices or spread disinformation with a view to drowning out accurate content. The recent legislation that adopted obliging service providers to proactively filter online content, without sufficient safeguards preventing the possible abusive use of such tools, must be taken with a pinch of salt, scholars warn, as it is a measure to fuel real-time censorship that, alongside sophisticated content filtering techniques that engage algorithms powered by machine learning, prevents independent journalists from using digital communication for fear that they would be monitored or intimidated.

The Pegasus episode is a crime for the simple reason that it is hacking ~ a criminal offence under India’s Information Technology Act. The careful selection of the targets in the list does point out that a dark deal was indeed made and mandated by people not too unfamiliar to us. But this might well be the beginning for governments to continue to interrupt citizens’ access to online information and target their privacy in far more brazen but covert ways in the coming days.

(The writer is a Kolkata based commentator on politics, development, and cultural issues)