Priyanka Gandhi's WhatsApp also spied on: Congress spokesperson
On Sunday, the Indian National Congress alleged that the WhatsApp account of senior party leader Priyanka Gandhi Vadra was also hacked by the Israeli spyware. Recently, WhatsApp had claimed in a lawsuit that Israeli firm NSO Group helped governments across countries spy on human rights activists, journalists, politicians, et al, with the help of malicious spyware called Pegasus. Here are more details.
'Priyanka Gandhi also received message from WhatsApp regarding breach'
Speaking at a press conference on Sunday, Congress spokesperson Randeep Surjewala announced, "When WhatsApp sent messages to all those whose phones were hacked, one such message was also received by Priyanka Gandhi Vadra." Thus far, the names of 20 people have been confirmed to have been contacted by WhatsApp regarding the privacy breach. However, Gandhi's name had not surfaced until now.
BJP government deployer & executor of Pegasus spyware: Surjewala
Calling the ruling BJP the 'Bharatiya Jasoos Party', Surjewala said the right to privacy has become a joke to the Modi government. He also alleged that the BJP government is the "deployer & executor" of the Pegasus spyware. He said, "Modi government is relying upon the ignominity (sic) of 'unnamed sources' to shirk its clear role and responsibility in the illegal spying racket."
Surjewala cited disappearance of WhatsApp's breach notice from government website
In his statement, Surjewala also referred to the disappearance of a WhatsApp vulnerability note from the website of Cert-In, the IT Ministry's nodal agency dealing with cybersecurity threats. Earlier, Indian authorities had claimed that WhatsApp failed to alert them about the privacy breach. However, WhatsApp produced evidence of issuing two vulnerability notifications—in May and September. The May notification from Cert-In's website has now disappeared.
'BJP government was fully aware of cellphones hack'
Further, Surjewala said, "It is, thus, clear that the BJP government, including Ministry of Information, was fully aware of the cell phones hack in April-May 2019." He added, "Facebook has now gone on record to state that it sent a second written warning vis-a-vis the illegal Pegasus software in the first week of September 2019. Yet, the government decided to remain mum."
Spyware could only be bought, deployed by governments, underlines Surjewala
Stating that the NSO Group exclusively sells its products to governments, Surjewala went on to say, "It is, thus, clear that the Government of India, and its agencies bought the spyware. It could neither be bought nor deployed by any private operator."
Surjewala presented a list of questions for the Modi government
In questions directed at the Modi government, Surjewala asked if the government was spying on citizens and political leaders in the run-up to the general elections, who in the government purchased and deployed the spyware, and who authorized it. "Is the government not liable to be punished," he further asked.
You can read the full statement here
Earlier, Sonia Gandhi criticized Modi government for 'unconstitutional' privacy breach
Incidentally, interim Congress President Sonia Gandhi had earlier criticized the privacy breach. She said on Saturday, "The latest shocking revelation that through the Israeli Pegasus software acquired by the Modi government, snooping and spying activities on activists, journalists and political persons have taken place." She added, "These activities are not only illegal and unconstitutional, but they are also shameful."
WhatsApp recently sued NSO Group for privacy breach
Although the privacy breach was first reported in May, it made headlines again when WhatsApp filed a lawsuit in a federal court in San Francisco against Israeli firm NSO Group on Tuesday. NSO Group allegedly injected malicious spyware, Pegasus, when a user received a WhatsApp voice call, even if it went unanswered. The spyware was used to snoop on 1,400 users, including Indians.
IT Ministry served WhatsApp notice, claiming it ignorance of breach
The Information and Technology Ministry then demanded an explanation from WhatsApp till November 4, asking why they hadn't been alerted sooner. WhatsApp first clarified that it sent an alert in May- which has been mentioned above- followed by another in September, where it notified that 121 Indians might have been targeted in the breach. The two vulnerability notes were attached in WhatsApp's response to the Ministry's notice.