For the past several years, international media and human rights organizations have been rocking with scandals linked to alleged disclosures of the targeting of various government officials, activists, journalists, and others by Pegasus software , develop by the Israeli company NSO Group. The lastoutrage sparked over allegations that the UK Prime Minister’s office was infected by Pegasus on July 7, 2020. Who made this assessment? None other than Citizen Lab, a Canada-based digital rights company, which has been working closely with Amnesty International and a number of social media/big tech giants, such as Facebook, in helping “expose” Pegasus attacks.
Citizen Lab has been the exclusive investigator of Pegasus related complaints over the last few years. It has given no access to anyone other than its preferred partners in the human rights world, which means there have been no independent evaluations of infected devices by outside experts. Citizen Lab has had a monopoly on shaping the narrative about alleged Pegasus attacks among leading big tech and phone companies, Western media, and NGOs. Another issue with this prevailing understanding of the role of Pegasus is that Citizen Lab has not fully revealed its methods or finding, only sharing small portions of its technical examination with no possibility of full verification of the process even in theory.
Most concerning is the fact that Citizen Lab and its partners have not been unbiased in their approach. Bill Marczak and another former fellow, Alexei Abrahams, have been linked to Qatar and Qatar-based activists; Abrahams in his writings, opposed the Abraham Accords and criticized Israel’scybersurveillance as repressive. His positions across a broad spectrum of commentary on digitaloperations inevitably favor Muslim Brotherhood, Hezbullah, Hamas, Qatar, and to malign Israel, Egypt,Bahrain, Morocco, UAE, and Saudi Arabia. Bill Marczak is a co-founder of Bahrain Watch, an NGO (linked to a number of its counterparts in various countries) with a single-minded focus on Bahrain. The organization has whitewashed assorted Iran-backed extremists and opposition, defended Hezbullah, and attacked Bahrain for the alleged violations of rights of these groups, including outlawing some of the more violent and revolution-minded opposition parties.
Other members of the Citizen Lab community share similar backgrounds and views. Citizen Lab has not criticized Qatar’s hacking and surveillance of its critics, nor has taken an active role in criticizing Iran’s digital operations such as hacking of Israel’s institutions and leaking of private data, online propaganda, social media campaigns, or the targeting of Iranian opposition with hacks, bot attacks, and mass reporting. That such a one-sided body would have so much control in shaping the discussion on digital rights and intelligence operation is problematic enough.
Worse, by relying on one-sided and inaccurate sources such as Haaretz and the rest of the media consortium involved in the NSOgroup investigation, Citizen Lab reveals its own biases. Haaretz has denied without evidence that NSOgroup implements safeguards against activization of the Pegasus software. In reality, however, NSOgroup is heavily regulated by Israel’s government; it sells its products only to government clients; there are procedures to establish the legitimacy of a threat; and the company can put a stop to the use of the software in the event of abuse.
However, Citizen Lab is not necessarily acting as an independent decisionmaker; rather, it should beviewed as an active part of a network of joint interests pursuing several goals with respect to Israel, NSOgroup, Pegasus and their client states. The blacklisting of the NSOGroup in the United States was preceded by a pressure campaign by DAWN MENA (Democracy for the Arab World Now Middle East and North Africa), best known for the “Khashoggi Working Group” partnership with the State Department, which allegedly worked to identify and sanction individuals linked to the death of the former Washington Post columnist. DAWN MENA is linked to assorted Muslim Brotherhood defenders and activists, Qatar-based professors such as Marc Owen Jones (who was one of the co-founders of Bahrain Watch along with Bill Marczak), and the son of the Saudi hate preacher Salman AlOudeh, the Georgetown-educated Abdulla Alaoudh, who has worked to whitewash his father’s reputation – which includes Holocaust denial, blood libels, and dissemination of antisemitism.
DAWN MENA frequently criticizes Israel, but also Egypt, Bahrain, Morocco, UAE, and Saudi Arabia, butdoes not have much to say about Qatar, Turkey, or Iran. Some of the characters linked to these twoorganizations are also linked to the very social media giants that have hired Citizen Lab and are alsosuing NSO Group for various alleged violations. The hostility towards Pegasus, however, is more than just about one product or one company. There are several likely underlying reasons for the concerted efforts to delegitimize NSOgroup and to undermine the use of its product. The first is banal; it’s competition. SOme of the social media giants wish to be the sole arbiters of online security. Apple, one of the parties suing NSO, is not particular happy about its vulnerabilities that Pegasus has successfully exploited, being exposed. The social media and tech companies have lent significant funding and media to advancing the common cause, but the reasons for the NGO participation in these campaigns are far more sinister.
First, there is an active effort to discredit and defame Israel. Amnesty International, for instance, has started independent anti-ISrael campaigns, in addition to joining Citizen Lab in its reports. Front Line Defenders, an Ireland-based human rights NGO, with a long history of anti-ISrael sentiment, who had partnered with Citizen Lab on one of the investigations, has expressly defended Hamas operatives, which are considered legitimate threats. Second, Qatar is not a client state of that particular company though it has reportedly employed other Western hackers in pursuit of its critics. NSOgroup has refused to sell its software; the critique from Doha based and funded activists such as Marc Owen Jones appears at the very least self-serving.
Finally, Pegasus revolutionized the methods of threat detection the Abraham Accord members and their security partners. That puts a significant strain on Iran and its proxies, as well as fellow travelers among assorted Islamist groups, leftist fellow travelers, and states that support and fund them, such as Qatar.
It is in Iran’s best interests to disrupt and monopolize intelligence gathering capabilities by itsadversaries, to undermine the Abraham Accords, to isolate Israel, to cripple the cybersecurity industry that has paved the way for defense cooperation with countries around the Arab world and helped create the initial foundation for the Abraham Accords. It is no wonder that this particular cause picked up steam and found success with the Biden administration in the midst of the Iran nuclear deal negotiations in Vienna.
Finally, there is the more traditional intelligence approach, promulgated by the Soviet Union playbook,of creating embarrassment for Western allies, and perpetuating media scandals as a form of distraction and dissemination of distrust. We have already seen how that played out with Edward Snowden’s data dump, one of the immediate and publicized effects of which was to cause all-around finger wagging among various European and US state officials who had discovered all of a sudden that allies spies on each other. Alas, all of these developments distract from the fact that adversarial interests such as Iran, also successfully spies on these same allies – but while Western states waste time investigating each other, Iranian intelligence gets to enjoy the show from the shadows.