MADRID (Reuters) --
Catalonia’s regional leader accused the Spanish government of spying on its citizens after a rights group said his phone and dozens more belonging to Catalan pro-independence figures had been infected with spyware used by sovereign states.
The Citizen Lab digital rights group found more than 60 people linked to the Catalan separatist movement, including several members of the European Parliament, other politicians, lawyers and activists, had been targeted with “Pegasus” spyware made by the occupying regime of Israel’s NSO Group after a failed independence bid.
“It’s an unjustifiable disgrace,” Catalan leader Pere Aragones tweeted. “An extremely serious attack on fundamental rights and democracy.”
Describing the use of surveillance software as crossing a “red line”, he demanded explanations from the Spanish government.
Toronto-based Citizen Lab said almost all of the infections took place between 2017 and 2020 in the wake of the independence bid by Catalonia that plunged Spain into its worst political crisis in years.
The European Union’s data protection watchdog has called for a ban on Pegasus over allegations it has been abused by client governments to spy on rights activists, journalists and politicians.
Last week Reuters reported that several senior EU officials had been targeted by the software.
On Monday, Citizen Lab said it had warned British officials that electronic devices connected to government networks, including some inside the prime minister’s office and foreign ministry, appeared to be infected with Israeli-made spy software.
Citizen Lab said it believed the targeting connected to the prime minister’s office was done by NSO clients in the United Arab Emirates while the British foreign ministry hacking came from other countries, including Cyprus, Jordan and India.
Pegasus can be used to remotely break into iPhones, giving clients deep access into a targeted phone’s memory or turning them into recording devices.
Citizen Lab found evidence of the compromised UK devices by monitoring internet traffic and other digital signals to spy servers that control Pegasus for various NSO clients.
“We identified infections emanating from those UK networks based on a variety of network scanning methods we use, and notified the relevant UK authorities of our suspicions at the time for them to follow up,” Citizen Lab Director Ron Deibert wrote in the blog post. “We did not have access to any devices, and do not have any information on specific victims.”