India’s main opposition Congress party has accused Prime Minister Narendra Modi of “treason” and compromising national security following revelations that dozens of Indians were potential targets of snooping by an Israeli-made spyware.
More than 1,000 phone numbers in India were among nearly 50,000 selected worldwide as possibly of interest to clients of the Israel-based NSO Group, maker of the Pegasus spyware, an investigation by a consortium of media organisations revealed on Sunday.
The leaked list, shared with the news outlets by Forbidden Stories, a Paris-based journalism nonprofit, and rights group Amnesty International, showed the identities of people targeted with more than 300 of those phone numbers in India, including politicians, dozens of journalists, businessmen and even two ministers in the Modi government.
Indian media reports said Modi’s main rival, former Congress party president Rahul Gandhi, was among dozens of Indian politicians, activists and government critics identified as potential targets of the Pegasus spyware.
“Is spying on India’s security forces, judiciary, cabinet ministers, opposition leaders including Rahul Gandhi, journalists and other activities through a foreign entity’s spyware not treason and an inexcusable dismantling of national security?” Congress spokesman Randeep Surjewala said at a press conference in New Delhi on Monday.
— Rahul Gandhi (@RahulGandhi) July 19, 2021
Gandhi’s phone numbers, which he has since given up, appear to have been selected for targeting between 2018 and mid-2019, when the parliamentary elections were held in India.
The Congress party on Monday demanded an investigation into the roles of Modi and his closest aide, Home Minister Amit Shah, in the scandal.
“Our first demand is the immediate sacking of Minister of Home and Internal Security Amit Shah and a probe into the role of the prime minister in the matter,” Surjewala said.
Among others whose phone numbers were reportedly targeted are a top virologist, a woman who had accused a former chief justice of India of rape, a former election commissioner who oversaw the 2019 national polls, and leading political strategist Prashant Kishor.
What is the Pegasus Project?
Forbidden Stories and Amnesty International had access to a list of tens of thousands of phone numbers worldwide that were potentially targeted by Pegasus spyware, and shared it with media organisations from different countries.
While Forbidden Stories oversaw the investigation, called the Pegasus Project, Amnesty’s International’s Security Lab provided forensic analyses and technical support during the probe.
Pegasus is spyware owned by NSO Group, an Israeli technology firm. It enables the remote surveillance of smartphones, secretly unlocks the contents of a target’s mobile phone and transforms it into a listening device.
The firm claims the spyware is sold exclusively to “vetted governments” around the world to combat “terrorism” and other serious crimes.
The company, which does not confirm the identity of its customers, has termed the Pegasus Project’s findings “exaggerated and baseless”.
Worried about cyber-attacks? Want to keep yourself as digitally secure as possible?
Here are 8 tips to help. pic.twitter.com/nGvbSSYhuK
— Amnesty International (@amnesty) July 19, 2021
Though the Indian government has not accepted so far whether any of its agencies is using the spyware, the investigation suggests the widespread and continuing abuse of the hacking spyware in the country.
Indian news website The Wire, along with The Guardian and The Washington Post on Monday reported that most of these individuals, including Gandhi, were targeted in the run-up to the 2019 national elections, which saw Modi return to power with a bigger majority than in 2014.
The expose has caused a major political controversy in India with the Congress calling Modi’s right-wing Bharatiya Janata Party (BJP) the “Bharatiya Jasoos Party” – “jasoos” means a spy in Hindi – and accusing it of listening to people’s “bedroom conversations”.
Who all were targeted in India?
Though it is not known how many of the phones on the list were targeted for surveillance or how many of those attempts were successful, The Washington Post said forensic analyses performed on 22 smartphones in India whose numbers appeared on the list showed that at least 10 were targeted with Pegasus, seven of them successfully.
Among the Indians whose phones had been targeted with the NSO-owned spyware was Ashok Lavasa, the former election commissioner of India, who had faulted Modi for violations of the model code of conduct before the 2019 election.
Of all the cases of Pegasus snooping, the one of the accuser of Chief Justice Gogoi is the worst and most heart breaking. Basically if you are a woman pitted against a powerful man you won’t get justice. Can there be anything more shameful that that?
— Rohini Singh (@rohini_sgh) July 20, 2021
Also, at least 11 of those phone numbers belonged to a former Supreme Court staffer and her family. The woman, whose identity cannot be revealed for legal reasons, had accused former Chief Justice of India, Ranjan Gogoi, of rape in April 2019 and was soon fired from her job.
The expose said the phone numbers belonging to the woman and her family began to be surveilled the same week when her allegations against Gogoi were first reported. Gogoi is currently a BJP member of the Indian parliament.
Also appearing in the Pegasus spyware list are more than 40 Indian journalists belonging to different news organisations.
Vijaita Singh, who covers internal security for The Hindu newspaper, is among them. She told Al Jazeera that until a few days ago, she was not aware of any intrusion into her phone.
“It was disconcerting and unsettling,” she said. “These days, our phones literally contain every aspect of our lives.”
Journalist Ritika Chopra covers India’s election commission and education ministry for the Indian Express newspaper.
She said she discovered that her phone number figured in a leaked list of potential targets of surveillance only last week after The Wire reached out to her, seeking a comment.
“I was told that I was possibly targeted in 2019. I would not like to speculate on who is behind this. This is a breach of my privacy and freedom, but it will not affect my work as a journalist,” Chopra told Al Jazeera.
Paranjoy Guha Thakurta, writer and former editor of Economic and Political Weekly, whose phone was also compromised, told Al Jazeera the expose has had a “chilling effect” on him.
“It sends out a signal and a message to others that you can be snooped on,” he told Al Jazeera.
Thakurta said a “very small section” of the Indian media is “actually playing the role of the fourth state and holding truth to power”.
“Look at who these 40-plus journalists are? They are all journalists who have been critical of the government, so this is clearly sending a message that we can invade your privacy,” he said.
What does the government say?
At least two serving ministers in the Modi government – Ashwini Vaishnaw and Prahlad Singh Patel – also feature in the leaked database of numbers believed to be selected by clients of the NSO Group as potential targets for surveillance.
Ironically, Vaishnaw, who was recently inducted as information technology minister, on Monday defended the government on the issue in the parliament, saying the expose was an “attempt to malign Indian democracy and its well-established institutions”.
“In the past, similar allegations were made [about the use of Pegasus] on WhatsApp but there is no factual basis to these and have been categorically denied,” he said.
Vaishnaw said “any form of illegal surveillance” is not possible with the “checks and balances in our laws and robust institutions”.
Home Minister Shah alleged the Pegasus Project report published by the “disrupters” was timed to help the “obstructers” in the parliament as it began its monsoon session.
“Disrupters are the global organisations which do not like India to progress. Obstructers are political players in India who do not want India to progress. People of India are very good at understanding this chronology and connection,” he said on Monday.
In a statement on Monday, Access Now, an organisation defending the digital rights of global users, said it was outraged that products sold by NSO were allegedly “used to hack and invade the private communications” of thousands of people across the globe.
Raman Jit Singh Chima, Asia Pacific Policy Director and Global Cybersecurity Lead at Access Now, told Al Jazeera that hacking is a crime, with no exceptions to be made even if it is directed by a government. He demanded that the Indian government must answer whether its agencies or security services were dealing with NSO.
“Previous statements have evaded the question, and vaguely asserted that safeguards are followed to avoid overboard surveillance. This is clearly not the case,” he said.
“The largest democracy in the world cannot be at the mercy of a shady, private company.”