- A US federal judge has permanently barred Israeli spyware maker NSO Group from accessing Meta’s WhatsApp platform using its spyware
- The court determined that Pegasus compromised the privacy of over 1,400 journalists, diplomats, and activists
- Judge Phyllis Hamilton reduced Meta’s damages award from $167 million (about KSh 21 billion) to $4 million (about KSh 517 million)
Elijah Ntongai, an editor at TUKO.co.ke, has over four years of financial, business, and technology research and reporting experience, providing insights into Kenyan, African, and global trends.
Israeli cyber intelligence firm NSO Group has been permanently barred from accessing Meta’s WhatsApp platform.
Source: Getty Images
A US federal judge ruled that its flagship spyware, Pegasus, had been used to infiltrate users’ devices, compromising the privacy of hundreds of journalists, diplomats, and activists worldwide.
Will NSO Group pay Meta?
The ruling, issued Friday by US District Judge Phyllis Hamilton, also slashed the $167 million (about KSh 21 billion) jury-awarded damages granted to Meta in May to just $4 million (about KSh 517 million).
Search option is now available at TUKO! Feel free to search the content on topics/people you enjoy reading about in the top right corner 😉
The judge deemed the amount as proportional under punitive damages law.
Hamilton said there was insufficient evidence to prove that NSO’s conduct was “particularly egregious”, capping the damages ratio at 9:1.
Why did Meta sue NSO?
Meta, the parent company of WhatsApp, sued NSO in 2019 for violating the US Computer Fraud and Abuse Act and California’s data protection laws after discovering that Pegasus had been used to hack 1,400 WhatsApp users.
The spyware, once implanted, can remotely activate microphones and cameras and extract private data, including contacts, messages, and location information.
“Today’s ruling bans spyware maker NSO from ever targeting WhatsApp and our global users again. We applaud this decision that comes after six years of litigation to hold NSO accountable for targeting members of civil society. It sets an important precedent that there are serious consequences to attacking an American company,” said Will Cathcart, Head of WhatsApp, in a statement.
Judge Hamilton’s permanent injunction prohibits NSO from attempting to bypass WhatsApp’s security systems or collecting any user data.
She noted that NSO’s continued efforts to circumvent platform protections, as revealed in trial testimony, justified the court’s intervention to prevent further “irreparable injury”.
“Part of what companies such as WhatsApp are selling is informational privacy. Any unauthorised access is an interference with that sale, defeating one of the service’s core purposes,” Hamilton wrote.
Source: Getty Images
How was Pegasus used to spy on WhatsApp?
Pegasus was developed for government and intelligence use and has been repeatedly accused of misuse by authoritarian regimes to spy on journalists, dissidents, and human rights defenders.
The spyware can infect devices through missed calls or “zero-click” attacks that require no user interaction, methods Judge Hamilton said made it impossible for Meta to anticipate or block all intrusion attempts without court protection.
NSO Group has maintained that it only sells Pegasus to “vetted government agencies” for counterterrorism and criminal investigations, but it has faced mounting international backlash and blacklisting over alleged human rights abuses tied to its clients.
Meta had sought to extend the injunction to Facebook, Instagram, and Threads, but Hamilton limited the scope to WhatsApp, saying evidence did not show comparable harm on the other platforms.
The case, which has been one of Silicon Valley’s most high-profile cybersecurity lawsuits, has dragged through multiple courts for over half a decade, even reaching the Ninth Circuit Court of Appeals and narrowly avoiding collapse ahead of trial.
Were activists targeted with pegasus?
In 2022, Dozens of Thai pro-democracy activists were targeted by the Pegasus spyware during the height of Bangkok’s anti-government protests between October 2020 and November 2021.
The investigation identified around 30 activists, lawyers, academics, and NGO workers whose mobile devices were infected, including prominent figures such as lese majeste lawyer Arnon Nampa, protest leader Panusaya Sithijirawattanakul, and activist Jatupat Boonpattararaksa.
Pegasus, developed by Israel’s NSO Group, can extract data and activate a phone’s camera or microphone once installed, and though NSO insists it only sells to vetted governments, the report suggested that the Thai government likely benefited from its use against dissidents.
Amnesty International condemned the hacking as a disturbing attack on peaceful dissent, warning that the true scale of surveillance could be even greater.
Source: TUKO.co.ke
