Traffic light politicians call for a ban on spy software

Berlin Traffic light coalition politicians have spoken out in favor of banning the use of Pegasus spy software in the EU. In doing so, they joined a request by the European Data Protection Supervisor Wojciech Wiewiórowski. Last week, in a twelve-page analysis, he described the use of the software as “incompatible with our democratic values”.

The deputy head of the Greens parliamentary group, Konstantin von Notz, told the Handelsblatt: “Pegasus is something like the neutron bomb in the digital world.” The current use of such programs can hardly be reconciled with applicable fundamental rights. “It endangers fundamental rights, democracy and the rule of law.”

The FDP parliamentary group leader Konstantin Kuhle also sees a need for action. He justified this with “numerous cases of abuse” through the use of the software outside and within the EU. The cases are evidence of “how democracy and the rule of law are damaged when confidential communication is no longer possible,” Kuhle told the Handelsblatt.

The FDP MEP Moritz Körner also considers a Pegasus ban to be justified. “The state should not use everything that is technically possible, otherwise it could investigate the citizens to the last corner,” Körner told the Handelsblatt.

Top jobs of the day

Find the best jobs now and
be notified by email.

Pegasus is a surveillance software developed by the Israeli company NSO, which is offered to state actors such as law enforcement agencies and secret services. The company itself emphasizes that the use is only intended to combat crime and terrorism. However, its customers also include authoritarian regimes from countries such as Azerbaijan and Saudi Arabia.

Cyber ​​security authority BSI classifies threat potential as high

After IT experts found traces of attacks with the Pegasus software on the smartphones of journalists, human rights activists, their families and entrepreneurs last year, the German cyber security authority, the Federal Office for Information Security (BSI), intervened and classified the threat potential as high one.

The Israeli company used a vulnerability in the iPhone operating system iOS to install Pegasus unnoticed. With the software, attackers gain complete control over the smartphone and can also monitor encrypted chats and conversations. The program can also access files and photos and secretly activate the cell phone’s camera and microphone. The gap has now been closed.

>> Read also: Former cyber pioneer on the brink? NSO becomes a liability for Israel

However, the BSI emphasizes that even if the vulnerabilities used have been eliminated, a further threat from Pegasus cannot be ruled out, since the NSO Group is “constantly looking for new exploits for different platforms”.

The chairman of the Bundesverband IT-Sicherheit TeleTrust, Norbert Pohlmann, shares the assessment. “When companies like NSO put a lot of money, energy and know-how into finding vulnerabilities, they are successful and can spy on and manipulate our IT systems,” he said. “For this reason, we still have to do a lot more to protect the important IT systems much better with modern IT security architectures and concepts.”

The EU Commission had sharply condemned the known spy attacks. EU Justice Commissioner Didier Reynders spoke of a criminal offense throughout the European Union. Germany is also said to own the software, although former Chancellor Angela Merkel had stated in this context that the federal government was acting “on the basis of law and order”.

“Perfect tool for total uncovering of our personality”

The SPD domestic politician Sebastian Fiedler also emphasizes: “It is ensured that software can only do what is permitted, that it is only used if it is legally permissible, and that no third party accesses data inadmissibly.” The Federal Criminal Police Office ( BKA) does not use the standard version of the Pegasus software, but a version that is adapted to the legal situation in Germany.

Fiedler emphasized: “We urgently need such investigation options, for example to ward off terrorist threats or to investigate serious criminals.” They used messenger services and communicated in encrypted form.

graphic

Baden-Württemberg’s data protection officer, Stefan Brink, warns that Pegasus is “the perfect tool for completely revealing our personality”. “The existing data protection instruments do not provide sufficient help against this,” said Brink. “Therefore, our state has a more far-reaching protection obligation to legally ban such software and take it out of circulation.”

>> Read also: NSO’s software can be used to hunt down terrorists – and to put opposition members under pressure

The digital association Bitkom warns not to use everything that is technically feasible in practice. “In addition to state institutions, it is above all the highly innovative, knowledge-driven and often internationally oriented German economy that must be able to rely on secure, cryptographic methods and tap-proof means of communication,” said Sebastian Artz, Head of Cyber ​​and Information Security at Bitkom, the Handelsblatt .

The Green politician von Notz announced that the traffic light coalition would put cooperation with companies like the NSO Group to the test. “Especially in this constitutionally sensitive area, we need a very clear legal basis, comprehensive parliamentary control and improved export regulations,” he said.

The FDP politician Kuhle sees Federal Interior Minister Nancy Faeser (SPD) as responsible for closing security gaps. “The Federal Ministry of the Interior should quickly launch guidelines for a new vulnerability management.”

In this context, Bitkom expert Artz proposed an obligation to report discovered security gaps – including for government agencies. In his view, the aim of such “vulnerability management” should be to close vulnerabilities as quickly as possible and prevent illegal exploitation.

More: Amazon suspends security firm NSO’s accounts after Pegasus leaks

source site-13