Tough EU rules to protect victims of spyware activities are essential, Catalan foreign and EU affairs Minister Meritxell Serret told EURACTIV in an exclusive interview.
Serret also criticised the Spanish government’s lack of collaboration with EU institutions in investigating spy activities which targeted Catalan leading figures between 2017 and 2020.
The scandal was revealed in April 2022, when an article in The New Yorker reported on 65 Catalan pro-independence activists being victims of the Israeli spyware Pegasus.
A wide range of politicians, activists and lawyers, including current Catalan President Pere Aragonès, his predecessors since 2010, and Meritxell Serret herself, were targeted. In the case of Serret, the espionage against her took place between 2018 and 2021 when she was the Catalonian government’s representative to the EU.
According to National Intelligence Centre data, there were at least 80 breaches of security.
“How can you rely on the same institutions that have been spying on you?,” asked Serret, who considers the spyware activities to be a “systemic” act with strong “political reasons” covered by national security concerns.
“It is the Spanish government who has done all the illegal surveillance and espionage, and it is the same institutions who should be protecting our rights,” she said.
“The officials that should have been protecting us, are the ones that have been threatening us. So, in this situation, it is necessary that the EU gives us protection and guarantees,” the Catalan politician argued, adding that there is a lack of collaboration by Spain with the EU institutions.
To the question of whether the Spanish government is collaborating with the Commission in providing information about cases, a Commission source told EURACTIV that the EU executive sent a letter to member states in late December, including Spain to collect information “concerning the reported use of spyware […] and the possible interplay between the EU data protection rules and national security framework”.
The Commission did not specify whether the Spanish government is collaborating with the EU executive.
However, the executive told EURACTIV that “any attempts by national security services to illegally access data of citizens, including political opponents, if confirmed, is unacceptable” and expects “national authorities to thoroughly examine any such allegations and to restore citizens’ trust”.
The Catalan government restricted “the export, sale, transfer, and use” of spyware “such as Pegasus” in early April, “until there is proof that it is complying with human rights.”
The United States was the first to sanction Pegasus and promote a “multilateral approach” at global level to fight against espionage in politics.
The Catalan minister commented that such a multilateral perspective is a way to align “with several recommendations of the UN that call for setting up regulation to control and limit the use of these tools and to put human rights at the forefront.”
As reported by EURACTIV, the Commission launched a consultation on guidelines for cyber-surveillance items under the Dual Use Regulation in early April about whether to prevent companies from selling spyware abroad and to avoid the software being used against Europe’s interests. Such an export ban, however, could mean a loss of contracts in third countries for European companies.
“A country may say that they need [spyware]” while another country “is banned from using it”, said the minister. “So, it’s a tricky situation,” she added.
“That is why it’s so necessary to at least have a common agreement at the European level and then push for a global framework. We consider it a good step, the engagement of the US government with their ban on surveillance tools,” Serret explained.
“The UN said how digital surveillance tools are threatening human rights in different countries. There is a wide range of countries with cases that are a real threat to activists and politicians. So, there are different voices that are asking for a common agreement. We should be using multilateral platforms to push for agreements and regulatory frameworks that engage as many actors as possible,” she said.
The European Parliament’s investigative committee on Pegasus and other surveillance tools (PEGA) will vote on its final report on Monday (8 May), which is set to include recommendations regarding how Pegasus or equivalent spyware tools should or should not be used.
Source : EuraCTIV