- Jul 27, 2015
The US Supreme Court has quashed spyware maker NSO Group's argument that it cannot be held legally responsible for using WhatsApp technology to deploy its Pegasus snoop-ware on users' phones.
Facebook and its WhatsApp subsidiary sued the notorious Israel-based software company in 2019, alleging that NSO exploited a zero-day bug in WhatsApp to remotely drop Pegasus on about 1,400 smartphones belonging to attorneys, journalists, human rights activists, political dissidents, diplomats and other senior foreign government officials in multiple countries. Pegasus, of course, is the now-infamous malware that NSO claims is only sold to legitimate government agencies - not private companies or individuals - and can only be used "for the purpose of preventing and investigating terrorism and other serious crimes," despite numerous reports from Citizen Lab, Google, and the media of the malicious code being used to spy on journalists, activists, and politicians by their opponents. Once installed on a victim's device, Pegasus can, among other things, secretly snoop on that person's calls, messages, and other activities, and access their phone's camera without permission.
In response to Facebook's lawsuit, NSO asked the courts to dismiss the lawsuit on the grounds that the immunity of foreign states from prosecution also applies to non-governmental vendors. After the lower courts rejected its argument, NSO appealed to the US Supreme Court, which today denied [PDF] its case, thus kicking it back to the Court of Appeals. NSO, for its part, maintains that Pegasus' use was - and is - all aboveboard.