Controversy over European Parliament spyware probe in Spain –

A parliamentary hearing on Spain’s involvement in the Pegasus spyware scandal, scheduled for Tuesday (November 29), has sparked controversy after allegations against two panelists led to the removal of one of them from the panel.

Following the disclosure of the content of the hearing, a letter was sent to lawmakers from the Pegasus Case Committee in the European Parliament (PEGA) by Pegasus victims, experts and civil society actors, including Access Now, ARTICLE 19 and Digital Rights Foundation.

The letter raises concerns about two interveners invited to attend the hearing. This will focus on allegations that the Spanish government has used spyware to track figures linked to the Catalan independence movement.

The petitioners state that two of the speakers at the hearing, Jose Javier Olivas, a political scientist at theNational University of Distance Education (Spain), and Gregorio Martin, professor emeritus of computer science at the University of Valencia, are both linked to discredited research into the Pegasus scandal and defamatory allegations against researchers and victims.

According to the letter, Mr. Olivas “engaged in a campaign to discredit the work of specialized organizations”including Amnesty International and Citizen Lab, both of which helped uncover the Pegasus scandal last year.

“The actions of these individuals appear to be part of a larger disinformation campaign intended to discredit the work of trusted anti-spyware organizations and distract the committee from its investigative mission.”wrote the authors of the letter, asking that their invitations be reconsidered.

Following receipt of the letter, a meeting of PEGA coordinators was held on Monday (21 November), an EU official told EURACTIV. During that meeting, Renew, the centrist political group that originally proposed Olivas’ name as a speaker, dropped him from the schedule.

The centre-right EPP group, which had proposed the Hon. Martin as a speaker, maintained the invitation to attend next week’s hearing.

Following his disinvitation, Mr Olivas spoke out against the decision on Twitter, accusing Parliament of accepting “veto an academic researcher providing expert testimony, based on a defamatory letter from a group of vested interests in this case”.

The absence of spyware victims at the scheduled hearing was also raised during the coordinators’ meeting. Previous hearings, such as those held in Poland and Greece in recent months on the use of spyware, have included testimony from people affected by the technology.

Following the discussions, it is now expected that one victim will be invited to the hearing. Also, on the same day, the Greens in Parliament will organize a second meeting with other people targeted by spyware.

“As an institution, we should carefully consider who we invite to hearings. I can only regret the lack of space left for victims to testify during this hearing.”Saskia Bricmont MEP, PEGA coordinator for the Green group, told EURACTIV.

“I am also saddened to see that the majority favored retaining on the panel an individual accused of spreading conspiracies and known for attacking the work of Citizen Lab, whose work is consistently praised by experts, academics and investigative journalists,” he added.

This is not the first time the commission’s handling of Spain’s involvement in the Pegasus scandal has drawn criticism. Questions have also been raised as to why lawmakers have yet to travel to the country to investigate the allegations, as they have in other cases.

Earlier this month, when she launched a report on the commission’s first findings since it started work in April, Sophie in ‘t Veld MEP said she hoped the majority would support such a trip soon.

Along with country-specific hearings, the PEGA committee continues to hold discussions on the issue and practice of spyware in general.

The committee also held a hearing on Thursday (Nov. 24) on zero-day vulnerabilities, flaws that have not yet been discovered or fixed by developers and are particularly susceptible to exploitation.

This hearing came a day after the European Parliament’s website was shut down for several hours following a cyber-attack claimed by a pro-Kremlin group.

Parliament Speaker Roberta Metsola highlighted the destabilizing implications of the growing market for zero-day attacks and the complexity of tackling this phenomenon.

“It’s shocking noted Ian Beer, an ethical hacker on Google’s Project Zero team of cybersecurity experts who track zero-day attacks, that in half of the 58 cases of wild “zero day vulnerabilities” tracked by Google in 2021, the root cause was a variant of a problem that industry was already aware of and could have addressed more effectively.

Speaking to experts in response, Ms in ‘t Veld MEP said the discussion left her with a sense of “despair and helplessness”to the idea of ​​addressing zero-day vulnerabilities.

“We seem to be in a situation where government authorities and criminals seem to share the same interest, which is to maintain the trade in vulnerabilities”she said.

Leave a Reply

Your email address will not be published. Required fields are marked *