Foreign AffairsHomepage

Privacy In Crisis: The Consequences of Ignoring the Pegasus Project

By December 6, 2021 No Comments

Unsplash/Markus Spiske

The past two years of the global pandemic have revealed the true extent of our reliance on technology. And yet, it is difficult to conceptualize how vulnerable our online activities make us. Our data is the petrol that fuels the profits of the companies whose services we use, and our privacy is just another commodity to be bought and sold.

Despite making an initial splash in July 2021, the scandalous revelations of the ‘Pegasus Project’ have all but dissipated from public discourse. Notably, the Israeli NSO Group initially marketed its Pegasus spyware tool as an investigative weapon for human-rights abiding governments in narrow criminal and counter-terrorism efforts. However, the ‘Pegasus Project’ uncovered how Pegasus and the technology we relied on had been used to spy on journalists, political opposition figures, presidents, and prime ministers. It shines a light on the fragility of our right to privacy.

But only weeks after the abuses of the Pegasus spyware tool were revealed, public attention turned elsewhere. By the end of July, headlines had shifted away from these historic allegations towards the Olympics, COVID-19, and more timely issues. The media did not press the NSO Group, the creator of the spyware, effectively leaving the company without any significant blowback.

Although the company was left relatively unscathed, it was senior political figures, from the President of France, to opposition MPs in Hungary, who found themselves in the crosshairs, with their phones potentially hacked and monitored for political purposes. This is not a Westworld-esque episode of technology off the rails: it’s real life. If the privacy of presidents and prime ministers, on whom the powers of government rest, can’t be protected, then neither can the privacy of the citizens they represent. The stakes are almost impossible to overstate.

Naturally, with a scandal of such scale, there has been some political fallout. Faced with allegations in the media, Morocco was forced to deny that it was using Pegasus to spy on the French President. The Supreme Court of India also authorized an independent investigation into the use of the spyware to snoop on political opponents of the ruling BJP party in the country.

But despite this exposé on the threats to privacy, there has not been a renewed global push to regulate surveillance, nor one to strengthen privacy rights. Authoritarian governments that were exposed in this scandal, and governments trending that way, have had nothing more than a slap on the wrist. Popular sentiment has simply not formed against these gross violations of privacy.

Arguably, this deficit in public outrage stems from the lack of immediate real-world consequences. Digital globalization implies that the sheer number of devices and services that exist will collect data on everything we have done and everything we will do. This makes it incredibly easy for intelligence agencies, or private actors with sufficient resources, to spy on us. The information they want is stored in databases and in servers, and is obtainable with the right tools. Hidden in the shadows, it is this ease of access that allows privacy violations, like a caustic acid, to slowly but surely eat away at the foundations of a strong democracy.

Our phones and the apps on them are the gateways to our lives. If cyber weapons can be used against the leaders of our countries; it is a short step to making a mockery of the privacy of every other citizen. Digital globalization inherently means the possibility that every text, call, and photo can be monitored, with Pegasus just one tool to make that easier. This is why the sacrosanctity of privacy must be ensured.

In light of the abuse of Pegasus, a few calls to create a global framework for regulating such weapons have been made. Strengthening privacy rights would make clear that governments cannot simply benefit from the products of companies that act in an anti-democratic manner. It would disabuse authoritarian states of the notion that their actions can go unpunished. States must take an active role in protecting privacy, not just because power in a democratic society demands righteousness, but also because democratic principles depend on it.

Well-written, specific regulations could go a long way to ensuring that privacy is reinforced for years to come. Governments have clearly shown that they are willing to hold themselves and companies to account: the G20’s recent agreement on a minimum global tax rate for companies is evidence of this. No global agreement on privacy regulations or regulations of spyware appears to be in the works, however.

The right to privacy is fundamental. As a democratic right, it underpins freedom of expression and the ability to live freely. The concept of democracy has evolved as technology has. But more than ever, it appears that a radical evolution of democratic principles is necessary, including one on the right to privacy in the age of massive privacy violations.

Every unwarranted violation of privacy, however small, chips away at the pillars of democracy. Before long, the consequences of these small cracks may become too large to rectify. The fallout from ignoring the ‘Pegasus Project’ will only grow, leaving our societies increasingly vulnerable.

Privacy has the power to shape global affairs, as the ‘Pegasus Project’ so clearly demonstrates. How we decide to protect our right to privacy, and our democracies at large will determine the strength of our global society for generations to come.


Other posts that may interest you: