Greece, Hungary, Poland and Spain: EU member states all accused of using Pegasus spyware against citizens, journalists and members of opposition parties. Where they differ, is the level of scrutiny they are under from the European Parliament.

The Pegasus Committee of the European Parliament has organised or is organising fact-finding missions in these member states – with the exception of Spain. This was ruled out by other members of the committee, despite revelations of hacking in both Madrid and Barcelona. 

On Monday 24 October, a delegation from The Left in the European Parliament is travelling to Spain for a fact-finding mission to investigate the use of spyware. Evidence gathered will feed into the committee’s overall inquiry. 

On the mission, The Left will meet journalists, politicians, lawyers and NGOs that have all been victims of the spying software. In Madrid, they will meet with Spanish Parliamentary groups, Podemos and Izquierda Unida. In Barcelona, the delegation will meet with representatives from the Catalan government, including members of the Pegasus Committee, members of Esquerra Republicana and the Catalan National Assembly. 

Invitations sent to Fernando Grande Marlaska, Spanish Minister of the Interior, Félix Bolaños, Minister of the Presidency, Relations with the Cortes and Democratic Memory of Spain, and María Gámez Gámez, the General Director of the Guardia Civil, were, however, rejected. 

Cornelia Ernst MEP (Die Linke, Germany) said: “At least 65 mainly Catalan opposition members, lawyers and journalists were spied on by the Spanish state with Pegasus – this number is unprecedented and likely to be the tip of the iceberg. We are very disappointed that the secretariat of the Pegasus Committee didn’t organise a fact finding mission to Spain – making our work on this mission with victims and witnesses more vital than ever.”

In March 2022, the European Parliament set up the Pegasus Committee to investigate alleged infringement or maladministration in relation to the use of Pegasus and equivalent spyware surveillance software. In particular, the Committee is gathering information on the extent to which EU member states or third countries are using intrusive surveillance in violation of the rights and freedoms enshrined in the Charter of Fundamental Rights of the European Union.

In April 2022, researchers at the University of Toronto’s Citizen Lab revealed that at least 65 individuals connected with the Catalan independence movement had been targeted with spyware between 2017 and 2020. A fortnight later, the Spanish government announced that the phones of the prime minister, Pedro Sánchez, and the defence minister, Margarita Robles, had been hacked with Pegasus in May and June 2021. CatalanGate is the largest case of mass espionage accredited to date through the Pegasus and Candiru software, against pro-independence politicians, journalists, lawyers and social activists.