SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
To donate by check, phone, or other method, see our More Ways to Give page.
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
Stelios Kouloglou, then a member of the European Parliament from Greece, arrived for a meeting with the police commissioner in Valletta, Malta on December 3, 2019.
Civil society groups and experts said that "the EU must act now to defend independent oversight, protect fundamental rights, and ensure that spyware abuse in Europe is met with accountability, not impunity."
The European Parliament narrowly voted Monday to hold a debate on spyware after recent revelations that the phone of Stelios Kouloglou, a Greek journalist and former member of the European Parliament, "was repeatedly hacked with NSO Group's Pegasus" while he sat on the body's committee investigating abuses of the technology.
The vote came amid a fresh wave of calls for action. Elina Castillo Jiménez, advocacy and policy adviser for Amnesty International's Security Lab, said in a Monday statement that "the brazen targeting of someone in his position underlines how inadequate the current system is, and is yet another wake-up call that the protections that were put in place to prevent this kind of abuse are still not being implemented in Europe."
"Three years ago, the European Parliament's PEGA Committee, on which Stelios Kouloglou sat, issued clear and detailed recommendations for how to close the gaps that allow this abuse to continue. We are still waiting for implementation. Delaying it sends the wrong message about impunity in the surveillance industry."
Castillo Jiménez argued that "European leaders must find the political will needed to protect people from spyware abuse. An independent and impartial investigation into this attack, together with a roadmap for implementing PEGA recommendations, is urgently needed. If an elected member of parliament is not safe from unlawful surveillance, then no one is."
Amnesty was also part of a Monday joint statement with individual experts and organizations including Access Now, Center for Democracy and Technology Europe, Committee to Protect Journalists, Reporters Without Borders, and more, calling out the European Union for failing "to deliver a meaningful, EU-wide response to the proliferation and abuse of commercial spyware."
Global calls for restrictions on surveillance technology have mounted since the Pegasus Project—an international media consortium led by the media nonprofit Forbidden Stories, with tech assistance from Amnesty—published a 2021 exposé of the Israeli firm's software that was developed to secretly infiltrate mobile phones.
Kouloglou, who left the European Parliament two years ago, was appointed to serve as a substitute member of its PEGA Committee on March 24, 2022. That October, his Apple iPhone was infected with the spyware, according to research released Friday by the Citizen Lab at the University of Toronto in Canada.
The first documented hacking occurred while Kouloglou was at a hospital, where he was visited by Greek journalist Thanasis Koukakis—who, as the Citizen Lab explained, "has worked closely on mercenary spyware issues in Greece, has testified to the PEGA committee, and was himself targeted with Intellexa's Predator spyware."
The following March, as Kouloglou left Athens for Brussels, his phone was again infected with Pegasus. The lab noted that the second hacking happened as he and Koukakis were making tentative plans to meet over WhatsApp, "the PEGA Committee was engaged in intense discussions related to the final drafting process," and PEGA Rapporteur MEP Sophie in 't Veld was in Greece with another committee delegation that questioned Greek officials on the country's scandal involving other spyware.
The forensic analysis also found that "Kouloglou received multiple Apple threat notifications about targeting with mercenary spyware on three occasions: March 2, 2023, August 29, 2023, and April 10, 2024," the lab said. "It is important to note that threat notifications from Apple and other companies are not real-time alerts. They are typically sent to users in batches, often months or more after targeting takes place. Kouloglou reports to us that he did not recall receiving the Apple notifications we observed."
The Citizen Lab acknowledged that "we have no indications that this hacking was the work of the Greek government," though it does appear to be the same operator who targeted seven Russian- and Belarusian-speaking independent journalists and opposition activists based in Europe, whose experiences were detailed in its May 2024 joint report with Access Now.
Although there were some known cases of MEPs being targeted with Pegasus before the European Parliament's panel was created, the lab stressed, "this is the first time a member of the PEGA Committee has been publicly identified as a victim" of this particular spyware while serving on it.
Reuters reported that while NSO did not respond to requests for comment, Apple said the vulnerability referred to in the Citizen Lab report has been patched. The European Parliament told the news outlet that its spyware screening tools had been available to all lawmakers since 2022 and its information technology security services "constantly monitor cybersecurity threats as well as potential cyberattacks against its working environment."
However, that's not enough for critics like In 't Veld, who is also no longer an MEP and pointed out to Politico that hundreds of politicians, including European Parliament President Roberta Metsola, have been targeted by various tech.
"If attempts to target the phone of the president of the European Parliament, or members of the European Commission, does not trigger sufficient reaction, [and] is not enough to break the deadlock, then what is?" she asked
The coalition of groups and tech experts similarly said in their Monday statement: "These incidents all point to a structural failure to adequately and seriously respond to the spyware crisis in Europe. This latest revelation should be treated as a rule of law emergency, threatening the very foundations of our society."
"Europe cannot continue moving from scandal to scandal without consequence. The targeting of a member of the European Parliament involved in investigating spyware abuse should mark a turning point," the coalition said. "The EU must act now to defend independent oversight, protect fundamental rights, and ensure that spyware abuse in Europe is met with accountability, not impunity."
John Scott-Railton, a senior researcher at the lab, told The Guardian last week that "this case is the ultimate irony of Europe's spyware crisis. Someone on the very committee tasked with investigating Pegasus gets infected by it. And what has happened since? The parliament looks the other way when new European spyware abuses emerge."
"I can tell you how the next chapter will go: more hacked parliamentarians," he warned. "In fact, I suspect there are members voting and attending high-level meetings with no idea that their phone has been turned into a spy in their pocket."
Scott-Railton welcomed Monday's vote to hold a debate later this week, and listed some key questions on social media:
In addition to urging investigations by European Union institutions, the Citizen Lab recommended that other members and their staff immediately seek forensic screening of their devices, exercise vigilance for state-sponsored attack warnings, and enable Lockdown mode on iPhones and Advanced Protect for Android.
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
The European Parliament narrowly voted Monday to hold a debate on spyware after recent revelations that the phone of Stelios Kouloglou, a Greek journalist and former member of the European Parliament, "was repeatedly hacked with NSO Group's Pegasus" while he sat on the body's committee investigating abuses of the technology.
The vote came amid a fresh wave of calls for action. Elina Castillo Jiménez, advocacy and policy adviser for Amnesty International's Security Lab, said in a Monday statement that "the brazen targeting of someone in his position underlines how inadequate the current system is, and is yet another wake-up call that the protections that were put in place to prevent this kind of abuse are still not being implemented in Europe."
"Three years ago, the European Parliament's PEGA Committee, on which Stelios Kouloglou sat, issued clear and detailed recommendations for how to close the gaps that allow this abuse to continue. We are still waiting for implementation. Delaying it sends the wrong message about impunity in the surveillance industry."
Castillo Jiménez argued that "European leaders must find the political will needed to protect people from spyware abuse. An independent and impartial investigation into this attack, together with a roadmap for implementing PEGA recommendations, is urgently needed. If an elected member of parliament is not safe from unlawful surveillance, then no one is."
Amnesty was also part of a Monday joint statement with individual experts and organizations including Access Now, Center for Democracy and Technology Europe, Committee to Protect Journalists, Reporters Without Borders, and more, calling out the European Union for failing "to deliver a meaningful, EU-wide response to the proliferation and abuse of commercial spyware."
Global calls for restrictions on surveillance technology have mounted since the Pegasus Project—an international media consortium led by the media nonprofit Forbidden Stories, with tech assistance from Amnesty—published a 2021 exposé of the Israeli firm's software that was developed to secretly infiltrate mobile phones.
Kouloglou, who left the European Parliament two years ago, was appointed to serve as a substitute member of its PEGA Committee on March 24, 2022. That October, his Apple iPhone was infected with the spyware, according to research released Friday by the Citizen Lab at the University of Toronto in Canada.
The first documented hacking occurred while Kouloglou was at a hospital, where he was visited by Greek journalist Thanasis Koukakis—who, as the Citizen Lab explained, "has worked closely on mercenary spyware issues in Greece, has testified to the PEGA committee, and was himself targeted with Intellexa's Predator spyware."
The following March, as Kouloglou left Athens for Brussels, his phone was again infected with Pegasus. The lab noted that the second hacking happened as he and Koukakis were making tentative plans to meet over WhatsApp, "the PEGA Committee was engaged in intense discussions related to the final drafting process," and PEGA Rapporteur MEP Sophie in 't Veld was in Greece with another committee delegation that questioned Greek officials on the country's scandal involving other spyware.
The forensic analysis also found that "Kouloglou received multiple Apple threat notifications about targeting with mercenary spyware on three occasions: March 2, 2023, August 29, 2023, and April 10, 2024," the lab said. "It is important to note that threat notifications from Apple and other companies are not real-time alerts. They are typically sent to users in batches, often months or more after targeting takes place. Kouloglou reports to us that he did not recall receiving the Apple notifications we observed."
The Citizen Lab acknowledged that "we have no indications that this hacking was the work of the Greek government," though it does appear to be the same operator who targeted seven Russian- and Belarusian-speaking independent journalists and opposition activists based in Europe, whose experiences were detailed in its May 2024 joint report with Access Now.
Although there were some known cases of MEPs being targeted with Pegasus before the European Parliament's panel was created, the lab stressed, "this is the first time a member of the PEGA Committee has been publicly identified as a victim" of this particular spyware while serving on it.
Reuters reported that while NSO did not respond to requests for comment, Apple said the vulnerability referred to in the Citizen Lab report has been patched. The European Parliament told the news outlet that its spyware screening tools had been available to all lawmakers since 2022 and its information technology security services "constantly monitor cybersecurity threats as well as potential cyberattacks against its working environment."
However, that's not enough for critics like In 't Veld, who is also no longer an MEP and pointed out to Politico that hundreds of politicians, including European Parliament President Roberta Metsola, have been targeted by various tech.
"If attempts to target the phone of the president of the European Parliament, or members of the European Commission, does not trigger sufficient reaction, [and] is not enough to break the deadlock, then what is?" she asked
The coalition of groups and tech experts similarly said in their Monday statement: "These incidents all point to a structural failure to adequately and seriously respond to the spyware crisis in Europe. This latest revelation should be treated as a rule of law emergency, threatening the very foundations of our society."
"Europe cannot continue moving from scandal to scandal without consequence. The targeting of a member of the European Parliament involved in investigating spyware abuse should mark a turning point," the coalition said. "The EU must act now to defend independent oversight, protect fundamental rights, and ensure that spyware abuse in Europe is met with accountability, not impunity."
John Scott-Railton, a senior researcher at the lab, told The Guardian last week that "this case is the ultimate irony of Europe's spyware crisis. Someone on the very committee tasked with investigating Pegasus gets infected by it. And what has happened since? The parliament looks the other way when new European spyware abuses emerge."
"I can tell you how the next chapter will go: more hacked parliamentarians," he warned. "In fact, I suspect there are members voting and attending high-level meetings with no idea that their phone has been turned into a spy in their pocket."
Scott-Railton welcomed Monday's vote to hold a debate later this week, and listed some key questions on social media:
In addition to urging investigations by European Union institutions, the Citizen Lab recommended that other members and their staff immediately seek forensic screening of their devices, exercise vigilance for state-sponsored attack warnings, and enable Lockdown mode on iPhones and Advanced Protect for Android.
The European Parliament narrowly voted Monday to hold a debate on spyware after recent revelations that the phone of Stelios Kouloglou, a Greek journalist and former member of the European Parliament, "was repeatedly hacked with NSO Group's Pegasus" while he sat on the body's committee investigating abuses of the technology.
The vote came amid a fresh wave of calls for action. Elina Castillo Jiménez, advocacy and policy adviser for Amnesty International's Security Lab, said in a Monday statement that "the brazen targeting of someone in his position underlines how inadequate the current system is, and is yet another wake-up call that the protections that were put in place to prevent this kind of abuse are still not being implemented in Europe."
"Three years ago, the European Parliament's PEGA Committee, on which Stelios Kouloglou sat, issued clear and detailed recommendations for how to close the gaps that allow this abuse to continue. We are still waiting for implementation. Delaying it sends the wrong message about impunity in the surveillance industry."
Castillo Jiménez argued that "European leaders must find the political will needed to protect people from spyware abuse. An independent and impartial investigation into this attack, together with a roadmap for implementing PEGA recommendations, is urgently needed. If an elected member of parliament is not safe from unlawful surveillance, then no one is."
Amnesty was also part of a Monday joint statement with individual experts and organizations including Access Now, Center for Democracy and Technology Europe, Committee to Protect Journalists, Reporters Without Borders, and more, calling out the European Union for failing "to deliver a meaningful, EU-wide response to the proliferation and abuse of commercial spyware."
Global calls for restrictions on surveillance technology have mounted since the Pegasus Project—an international media consortium led by the media nonprofit Forbidden Stories, with tech assistance from Amnesty—published a 2021 exposé of the Israeli firm's software that was developed to secretly infiltrate mobile phones.
Kouloglou, who left the European Parliament two years ago, was appointed to serve as a substitute member of its PEGA Committee on March 24, 2022. That October, his Apple iPhone was infected with the spyware, according to research released Friday by the Citizen Lab at the University of Toronto in Canada.
The first documented hacking occurred while Kouloglou was at a hospital, where he was visited by Greek journalist Thanasis Koukakis—who, as the Citizen Lab explained, "has worked closely on mercenary spyware issues in Greece, has testified to the PEGA committee, and was himself targeted with Intellexa's Predator spyware."
The following March, as Kouloglou left Athens for Brussels, his phone was again infected with Pegasus. The lab noted that the second hacking happened as he and Koukakis were making tentative plans to meet over WhatsApp, "the PEGA Committee was engaged in intense discussions related to the final drafting process," and PEGA Rapporteur MEP Sophie in 't Veld was in Greece with another committee delegation that questioned Greek officials on the country's scandal involving other spyware.
The forensic analysis also found that "Kouloglou received multiple Apple threat notifications about targeting with mercenary spyware on three occasions: March 2, 2023, August 29, 2023, and April 10, 2024," the lab said. "It is important to note that threat notifications from Apple and other companies are not real-time alerts. They are typically sent to users in batches, often months or more after targeting takes place. Kouloglou reports to us that he did not recall receiving the Apple notifications we observed."
The Citizen Lab acknowledged that "we have no indications that this hacking was the work of the Greek government," though it does appear to be the same operator who targeted seven Russian- and Belarusian-speaking independent journalists and opposition activists based in Europe, whose experiences were detailed in its May 2024 joint report with Access Now.
Although there were some known cases of MEPs being targeted with Pegasus before the European Parliament's panel was created, the lab stressed, "this is the first time a member of the PEGA Committee has been publicly identified as a victim" of this particular spyware while serving on it.
Reuters reported that while NSO did not respond to requests for comment, Apple said the vulnerability referred to in the Citizen Lab report has been patched. The European Parliament told the news outlet that its spyware screening tools had been available to all lawmakers since 2022 and its information technology security services "constantly monitor cybersecurity threats as well as potential cyberattacks against its working environment."
However, that's not enough for critics like In 't Veld, who is also no longer an MEP and pointed out to Politico that hundreds of politicians, including European Parliament President Roberta Metsola, have been targeted by various tech.
"If attempts to target the phone of the president of the European Parliament, or members of the European Commission, does not trigger sufficient reaction, [and] is not enough to break the deadlock, then what is?" she asked
The coalition of groups and tech experts similarly said in their Monday statement: "These incidents all point to a structural failure to adequately and seriously respond to the spyware crisis in Europe. This latest revelation should be treated as a rule of law emergency, threatening the very foundations of our society."
"Europe cannot continue moving from scandal to scandal without consequence. The targeting of a member of the European Parliament involved in investigating spyware abuse should mark a turning point," the coalition said. "The EU must act now to defend independent oversight, protect fundamental rights, and ensure that spyware abuse in Europe is met with accountability, not impunity."
John Scott-Railton, a senior researcher at the lab, told The Guardian last week that "this case is the ultimate irony of Europe's spyware crisis. Someone on the very committee tasked with investigating Pegasus gets infected by it. And what has happened since? The parliament looks the other way when new European spyware abuses emerge."
"I can tell you how the next chapter will go: more hacked parliamentarians," he warned. "In fact, I suspect there are members voting and attending high-level meetings with no idea that their phone has been turned into a spy in their pocket."
Scott-Railton welcomed Monday's vote to hold a debate later this week, and listed some key questions on social media:
In addition to urging investigations by European Union institutions, the Citizen Lab recommended that other members and their staff immediately seek forensic screening of their devices, exercise vigilance for state-sponsored attack warnings, and enable Lockdown mode on iPhones and Advanced Protect for Android.