The government did not follow through on its investigation into the WhatsApp-Pegasus revelations from 2019 or reach out to Israel regarding the NSO group, RTI responses published in The Quint on September 17 have revealed.
Then IT minister Ravi Shankar Prasad had assured Parliament in October 2019 that the government would look into the Pegasus issue by sending notices to both WhatsApp and the NSO Group. This came after a vulnerability was found in WhatsApp’s voice call feature that allowed NSO to install Pegasus on at least 121 targetted devices in India.
The government recently suggested to the Supreme Court that it will set up a committee of experts to look into fresh allegations regarding its use of Pegasus spyware on civil society members and opposition leaders. The government’s failure to follow up on the 2019 revelations, however, raises serious questions about its ability to carry out an unbiased probe into the 2021 Pegasus Project revelations.
What did the RTIs reveal?
- ‘No information’ about WhatsApp investigation: The Indian Computer Emergency Response Team (CERT-IN) had ‘no information’ regarding the outcome of the investigation into WhatsApp, the agency said on March 1, 2021, in response to an RTI query filed by transparency activist Saurav Das, according to The Quint’s report.
- No talks with Israel to date: In response to another RTI filed by Das, the Ministry of External Affairs revealed on August 24 that the government has not bilaterally raised the Pegasus issue with Israel, The Quint reported.
- No response on NSO Group: Das also filed an RTI with the IT Ministry asking for a copy of the notice sent to NSO Group, referring to Prasad’s claims in parliament. According to Quint’s report, the RTI was filed on July 21, 2021, and the 30-day deadline for response has passed without any response from the ministry.
What happened with WhatsApp and Pegasus in 2019?
- WhatsApp’s Pegasus vulnerability: In May 2019, the Financial Times reported a vulnerability in WhatsApp which allowed attackers to inject Pegasus spyware on the phones of targetted users through WhatsApp calls, even if they were unanswered.
- CERT-IN responds: After this report, CERT-IN published a vulnerability note advising users on a WhatsApp vulnerability. WhatsApp raced to fix it and the update patch was released on May 20, 2019.
- WhatsApp updates CERT-IN: In September 2019, WhatsApp told CERT-IN that approximately 121 users in India may have been breached by Pegasus exploiting the app’s vulnerability. WhatsApp also told CERT-IN that “the full extent of the attack may never be known.”
- CERT-IN issues notice to WhatsApp: On October 31, 2019, CERT-IN issued a notice to WhatsApp asking for details regarding the breach, which Prasad referred to while updating the parliament. The Quint’s reporting found that CERT-IN had no information about the outcome of this notice.
Government resists independent probe in 2021
Petitioners demand independent probe: Since the 2021 Pegasus Project allegations came to light accusing the Indian government of using Pegasus to snoop on opposition leaders and civil society members, petitioners in the Supreme Court have been demanding an independent probe into the matter.
The government, however, has resisted such an investigation in the Supreme Court. In a hearing regarding the petitions on September 13, the government refused to file an affidavit clarifying whether it had used Pegasus, and asked to be allowed to form a committee of domain experts to handle the petitions.
West Bengal’s investigation unconstitutional, says government: The West Bengal government had set up a two-member commission of inquiry to probe the purported surveillance on Indians using Pegasus spyware. “It is unconstitutional,” Solicitor General Tushar Mehta told the Supreme Court on August 18. Days later, the court asked the West Bengal government to wait before launching such a probe.
Also read:
- Judicial Panel On Pegasus Is Unconstitutional: Solicitor General Tushar Mehta In SC Hearing
- A Guide To The NSO Group’s Pegasus Spyware In India
- All You Need To Know About NSO Group And Its Pegasus Spyware
Have something to add? Subscribe to MediaNama here and post your comment.
