Pegasus spyware has put women in the global south at risk of blackmail, harassment and even 'bodily harm,' experts and victims say
* Pegasus program puts women at greater risk in global south
* Women used as 'pawns' to reach other targets
* 'Intimate' material gathered by spyware hits women harder
By Rina Chandran and Maya Gebeily
BANGKOK/BEIRUT, Aug 11 (Thomson Reuters Foundation) - Dozens of women across India, the Middle East and North Africa who were likely targeted for surveillance by governments using Pegasus spyware are now at a heightened risk of being blackmailed or harassed, tech experts and victims said.
Developed by Israeli tech firm NSO, Pegasus turns a mobile phone into a surveillance device - using its microphone and cameras and accessing and exporting messages, photos and emails without the user's knowledge.
Deploying the software in countries with few privacy protections, restricted freedom of expression, and broadly conservative societies can pose a particular risk to women, rights activists warned.
"A woman being targeted for surveillance is different from a man being targeted because any information can always be used to blackmail or discredit her," said Anushka Jain at the Internet Freedom Foundation in Delhi, that is providing legal assistance to two activists - including a woman - who were targeted.
"Women already face harassment online. If they think they can be surveilled, they may self censor even more and will simply be afraid to speak up," said Jain, an associate counsel.
A leaked database of 50,000 phone numbers that were possibly compromised between 2017-2019 included dozens of numbers of women - 60 of them from India, among them journalists, activists and homemakers, according to Indian news portal The Wire.
One potential target was a former Supreme Court employee who accused then-chief justice Ranjan Gogoi of sexual harassment, although judges later dismissed the complaint. Several members of her family were also on the list.
"She was not a public persona, so she was being surveilled for no other reason than that (complaint)," Jain said of the woman, whose identity has not been publicly disclosed.
"It's a massive invasion of her privacy," Jain told the Thomson Reuters Foundation.
Indian authorities have declined to say whether the government had purchased Pegasus spyware for surveillance, only saying that "unauthorised surveillance does not occur."
In an emailed statement, an NSO spokesperson said that it undertakes "vigorous pre-sale human rights and legal compliance checks to minimize the potential for misuse" and has cut access to clients who have been found to be abusing the technology.
The spokesperson declined to say whether any of those shutdowns were linked to the use of material gathered through Pegasus to blackmail or otherwise intimidate women.
'PAWNS TO SETTLE SCORES'
In India and beyond, some women were suspected to have been targeted not because of their activities, but because they were linked to other potential targets.
Abha Singh, a lawyer and former bureaucrat in Mumbai, said the news that she was a potential target came as a "huge shock."
Her brother, a senior law enforcement officer, was also on the list, according to The Wire.
"Women have become pawns to settle scores, and are being implicated for nothing other than who they are connected to," said Singh.
"But I will not be silenced; I will carry on with my work," said Singh, who works on issues including gender justice and freedom of expression.
A similar trend emerged in the Middle East and North Africa, said Alia Ibrahim, co-founder of Daraj, the regional media outlet that partnered with Amnesty on the Pegasus Project.
She estimated a third of the potential targets in the region were women – including rights defenders and journalists, but also women linked to powerful men or men who were themselves targeted.
"That's the justification - that they're a mother, wife, daughter," Ibrahim said.
The most high-profile targets were arguably Princess Latifa, daughter of UAE Prime Minister Sheikh Mohammad bin Rashid al-Maktoum, and Princess Haya Bint al-Hussein, her stepmother and the Prime Minister's former wife.
The possibility that their phones – and those of two female friends of Latifa's – were surveilled has been linked to the foiling of the younger princess's attempt to escape the UAE in 2018.
Hatice Cengiz, the fiancee of murdered Saudi journalist and dissident Jamal Khashoggi, and his wife Hanan al-Atar were also identified as possible targets.
Among the nearly 10,000 leaked phone numbers tied to Morocco, were Salma Bennani – the wife of the king, himself identified as a potential target – and Claude Mangin, the French wife of Sahrawi activist Naama Asfari, who has been imprisoned in Morocco since 2010.
That had created a broader malaise among women in the region who never considered they could be the target of such sweeping surveillance, said Ibrahim.
"You become paranoid or scared that you're constantly being watched because of the people that you know," she added.
Even if researchers could confirm a device was compromised, they could not identify what material may have been collected – raising concerns that private conversations or revealing photographs may have been swept up.
Mobile phones contain information that is "deeply personal and intimate," so a hack has greater impacts for women, said Vrinda Bhandari, a lawyer who works on digital rights and privacy issues in India.
"When their phone is hacked, women experience this not just as a privacy violation, but also as a violation of their bodily integrity - akin to bodily violence," she said.
Such pressures are familiar to Moroccan journalist Hajar Raissouni, who was sentenced in 2019 to a year in prison on charges of having premarital sex and an abortion, which is illegal in Morocco unless the pregnancy threatens the mother's life.
Raissouni told the Thomson Reuters Foundation her number and that of her husband had been listed as possible Pegasus targets.
"Your whole phone is at the programme's mercy – so my whole life was open to these people," she said.
That had made her much more paranoid - constantly deleting pictures of herself from her phone, using codes to communicate with loved ones, and leaving her devices in a separate room during private conservations, she said.
"Our chats with our relatives our friends, photos of our bodies - if they leak that, given how fast this material spreads on the internet – they can use that against us."
(Reporting by Rina Chandran @rinachandran and Maya Gebeily @GebeilyM; Editing by Zoe Tabary. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers the lives of people around the world who struggle to live freely or fairly. Visit http://news.trust.org)
Our Standards: The Thomson Reuters Trust Principles.