European Parliament committee calls for stricter regulation of spyware

The European Parliament committee has adopted a non-binding report and recommendation concerning the use of spyware such as Pegasus within the EU. The report calls for stricter regulation of spyware, including rules for law enforcement, prohibition of surveillance of certain targets (e.g. doctors, journalists, politicians) and mandatory notifications in some instances to targets of surveillance.

The report is the work by the European Parliament’s Committee of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware, where reference is made to the Pegasus product made by the company NSO Group. This committee was formed in March 2022 following reports by several media about governments using Pegasus to spy on politicians, journalists and activists. The NSO Group publicly announced that it terminates contracts with governments when there is abuse and that its technology helps prevent crime and terrorism.

The report, in particular, calls on ‘Hungary and Poland to comply with the European Court of Human Rights judgments and restore judicial independence and oversight bodies’, as well as on ‘Spain to fully investigate the use of spyware, including in 47 cases’ where it is unclear who authorised its use. The government of Greece has been mentioned and called upon to ‘urgently restore and strengthen the institutional and legal safeguards’ on the use of spyware, while Cyprus should repeal export licenses that are ‘not in line with the EU law’ since the country had become a hub of spyware exports according to the report.