The European “Watergate,” is how Sophie in ‘t Veld calls the espionage scandal that shook politics last year. Watergate was the biggest US wiretapping scandal to date. In the early 1970s, under Richard Nixon, the ruling Republicans wanted to bug the office of the Democratic Party. Since then, the eavesdropping technology has become a lot more sophisticated, today there are programs that turn cell phones into bugs.
The European wiretapping scandal is correspondingly complex, it is about the largely uncontrolled use of digital spy software by states in Europe. In July 2021, a consortium of investigative journalists, including the Southgerman newspaper was involved, a report on the misuse of the Israeli manufacturer NSO’s Pegasus spy software by states around the world. Several European heads of state were also found among those who were intercepted.
Rules are deliberately hollowed out
To clarify the allegations, the EU Parliament set up a committee of inquiry in March of this year, and the committee’s rapporteur, Sophie in ‘t Veld, presented the findings on Tuesday. As a result, almost all EU member states use spy software. The manufacturer NSO alone stated that it had 14 customers in the EU, two of whom had been terminated.
The report focuses on five countries. Many companies that produce spyware have settled in Cyprus because the rules there are comparatively lax. In contrast, spyware was used extensively in Spain, Greece, Poland and Hungary. In Spain, mainly against politicians in Catalonia who campaigned for independence from Spain, in Hungary and Poland, spy software was also found on the phones of opposition figures and journalists, a blatant violation of European values and the individual rights of those affected.
Actually, the use of surveillance software by investigative authorities is subject to strict rules. But in some member states, according to the report, these are deliberately formulated vaguely or deliberately undermined.
No cooperation between member states
The latest wiretapping scandal is currently plaguing Greece. There, the media published a list of 33 victims who were spied on with Intellexa’s Predator spyware, most of whom were politicians and journalists. According to the report, the EU Commission itself was also the victim of wiretapping attacks.
Nonetheless, the PEGA Committee had to rely largely on public sources for its work. The reason for this is, on the one hand, the lack of powers of parliamentary committees of inquiry, the committee cannot summon anyone. False statements are not punishable.
The other reason, according to in ‘t Veld, is a lack of cooperation on the part of the EU countries, which mostly did not want to answer the committee’s questions with reference to national security. In July, the committee sent member states a questionnaire on the use of spyware. The European Council’s extremely evasive answer came on Monday evening before the preliminary report was published.
According to in ‘t Veld, the Commission did not make any significant contribution to the clarification either, despite reports that around 60 Commission employees were attacked with spyware, including the Belgian Commissioner for Justice, Didier Reynders. The Commission refused to provide more detailed information, citing its own safety. Attackers could learn too much about the Commission’s defensive capabilities.
But it is precisely these defensive capabilities that in ‘t Veld, which sits in the EU Parliament for the Dutch party D66, is questioning. The EU is quick to defend itself when the threat comes from outside, be it fake news or the threat of hate speech on Twitter. But according to her, the European Union has a problem when it comes to fending off threats from within. “When the threat does not come from just anyone out there, but from national governments, the Commission suddenly takes the view that defending European values is not a European matter but a national responsibility,” says in ‘t Veld.
The use of spyware in the EU is anything but a national issue, especially when the victims are in the Commission and Parliament and the perpetrators are in the European Council. In ‘t Veld, the SZ said it hoped the findings from the preliminary report would encourage some states to take part in the investigation after all. The committee’s final report is expected in March.