19 of the 22 human rights activists, academics and lawyers, who had been targeted by the Pegasus spyware using a WhatsApp vulnerability, have written an open letter to the government of India, asking it to reveal all information it has about the attack, other similar methods of mass surveillance, and the identity of concerned players. WhatsApp had told the Indian government that 121 people were targeted by Pegasus in India through the WhatsApp vulnerability.

They want the government to inform the public on:

  1. Whether it was aware of any contract between any of its various ministries, departments, agencies, or any State Government, and the NSO group or any of its contractors to deploy Pegasus or related malware for any operations within India
  2. Details of any such contract that might have existed, including its total value, the contracting agencies, along with information about monitoring and oversight on such operations to prevent their abuse.
  3. If the government had no information of any such surveillance, what steps it is taking to identify the culprits, and to secure Indian telecommunication channels to prevent such future attacks.

This is a matter of public concern, according to the letter, as Indian taxpayers’ money has been spent on such expensive cyber surveillance that requires a “vast infrastructure of information technology”. The letter called this penetration of international private corporations and other foreign players across all levels of telecommunication channels a threat to India’s national sovereignty.

Nihalsing Rathod, who was one of the first people to reveal that his device had been targeted by Pegasus malware, told MediaNama that the signatories “know 30-40 senior, dedicated lawyers in Delhi with whom we are associated in different capacities. All of us will decide together what needs to be done legally.”

The address of Internet Freedom Foundation, which is given in the letter, is only for correspondence. “If anyone has any replies, or wants to send any of us something, send it there. IFF has volunteered to send it to the rest of us,” Rathod said. The 19 signatories did not seek IFF’s legal opinion, he said.

Apar Gupta, the executive director of IFF, told MediaNama, “The NSO-Pegasus hack on activists, journalists and human rights defenders in India is a disturbing and shameful instance of illegal surveillance. It has put vulnerable people who do social work at risk. We are working with several individuals and collaborators to support accountability and remedy that are determined by the targets.”

***Update (6:10 pm): The phrase “Apar Gupta, the executive director of IFF, which is providing non-legal support to the targets, told MediaNama” now reads “Apar Gupta, the executive director of IFF, told MediaNama” as the former suggested that Gupta said that IFF is providing non-legal support to the targeted people. As the article says, Rathod had provided that detail.