NEW DELHI: More than 300 verified mobile phone numbers, including of two serving ministers, over 40 journalists, three opposition leaders and one sitting judge besides scores of business persons and activists in India could have been targeted for hacking through an Israeli spyware sold only to government agencies, an international media consortium reported on Sunday.
The government, however, dismissed allegations of any kind of surveillance on its part on specific people, saying it “has no concrete basis or truth associated with it whatsoever”.
Asserting that “India is a robust democracy that is committed to ensuring the right to privacy to all its citizens as a fundamental right”, the government dismissed the media report as an attempt to playing “the role of an investigator, prosecutor as well as jury”.
The report was published by The Wire news portal from India as also 16 other international publications including Washington Post, The Guardian and Le Monde, as media partners to an investigation conducted by Paris-based media non-profit organisation Forbidden Stories and rights group Amnesty International into a leaked list of more than 50,000 phone numbers from across the world that are believed to have been the target of surveillance through Pegasus software of Israeli surveillance company NSO Group.
The Wire reported that forensic tests conducted as part of the media investigation project on a small cross-section of phones associated with these numbers revealed clear signs of targeting by Pegasus spyware in 37 phones, of which 10 are Indian.
The report came just a day before the start of the Monsoon Session of Parliament and could see the matter being raised in two houses, Lok Sabha and Rajya Sabha, beginning tomorrow. Some opposition leaders are also expected to give notices for adjournment or debate on this issue.
The Wire said the numbers of those in the database from India include over 40 journalists, three major opposition figures, one constitutional authority, two serving ministers in the Narendra Modi government, current and former heads and officials of security organisations and scores of businesspersons, as also a sitting judge.
Responding to the reports, the government referred to its reply given to the media consortium and said similar claims were made in the past as well regarding the use of Pegasus on WhatsApp by India and those reports also had no factual basis and were categorically denied by all parties, including WhatsApp in the Indian Supreme Court.
“This news report, thus, also appears to be a similar fishing expedition, based on conjectures and exaggerations to malign the Indian democracy and its institutions,” the government said.
It further said that there is a well-established procedure through which “lawful interception of electronic communication is carried out in order for the purpose of national security, particularly on the occurrence of any public emergency or in the interest of public safety, by agencies at the Centre and States” and the procedure ensures that any interception, monitoring or decryption of any information through any computer resource is done as per a due process of law.
NSO Group, the Israeli company which sells Pegasus worldwide, says its clients, are confined to “vetted governments”, believed to number 36, according to The Wire.
Forbidden Stories, which accessed the data, stated that it comprises records of phone numbers selected as targets by NSO clients, a claim the company formally denied while conceding that its clients might have used these numbers for “other purposes”.
A majority of the numbers identified in the list were geographically concentrated in 10 country clusters: India, Azerbaijan, Bahrain, Hungary, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
The leaked data includes the numbers of top journalists at big media houses like the Hindustan Times, India Today, Network18, The Hindu and Indian Express, The Wire said.
The mobile phone of a former Delhi University professor was also allegedly targeted, while the database also included at least nine numbers belonging to eight activists, lawyers and academics arrested between June 2018 and October 2020 for their supposed role in the Elgar Parishad case.
The Wire, however, added that the mere presence of a phone number in the leaked data does alone not reveal whether a device was infected.
“Indeed, it is not possible to know whether their phones were targeted by Pegasus spyware… without digital forensic analysis,” it said.
The government, in its response, said India is committed to ensuring the right to privacy to all its citizens as a fundamental right and for that, it has also introduced the Personal Data Protection Bill, 2019 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, to protect the personal data of individuals and to empower users of social media platforms.
The commitment to free speech as a fundamental right is the cornerstone of India’s democratic system, it said.
“We have always strived to attain an informed citizenry with an emphasis on a culture of open dialogue. However, the questionnaire sent to the Government of India indicates that the story being crafted is one that is not only bereft of facts but also founded in pre-conceived conclusions,” it said, referring to the queries it had received from the media consortium.
“It seems you are trying to play the role of an investigator, prosecutor as well as jury. Considering the fact that answers to the queries posed have already been in the public domain for a long time, it also indicates poorly conducted research and lack of due diligence by the esteemed media organizations involved,” the government said in its response to the global media collective that worked on ‘Project Pegasus’.