Today, the European Parliament voted overwhelmingly to adopt the Pegasus Committee of Inquiry’s report and recommendations. MEPs condemned the illegal use of spyware by governments in Poland, Hungary, Greece and Spain. 

The report found that spyware was illegally used to monitor, intimidate and discredit opponents, journalists and civil society.The report makes clear that this kind of interference is a breach of fundamental rights and a threat to democracy and that use of spyware should only be permitted when strict conditions are fulfilled. 

Governance structures were deemed ill-equipped to deal with attacks and the report clearly states that reforms are needed. Finally, the report is critical of inaction by member states as well as the failure of the Commission and Council to properly investigate these violations. 

Cornelia Ernst (Die Linke, Germany) said: “The results of our in-depth inquiry are an important signal for all victims of surveillance, whose rights violations are now recognised for the first time at EU level. For us it is clear: Surveillance software like Pegasus cannot be compatible with fundamental rights and cannot be reformed. It’s that simple. It also became crystal clear during our investigation that neither the Commission nor the member states care about a real investigation into these violations of EU law, which is a disgrace to democracy.”

Stelios Kouloglou (Syriza, Greece) added: “The PEGA Special inquiry Committee’s impartial investigation identified serious cases of spyware abuse against politicians, journalists, civil rights defenders and led to this comprehensive Recommendation to the member states and the Commission. From now on it is important to apply the Rules of Procedure and instruct the Committee to monitor the implementation of the Recommendation by the member states.”

The vote follows a year of investigations by the European Parliament’s committee, set up in the wake of the Pegasus wiretapping scandal. In July 2021, a collective of investigative journalists, NGOs and researchers – the Pegasus Project – published a report estimating that 50,000 phone numbers may have been the target of Pegasus spyware. 

Most, if not all, EU member states have bought spyware, in principle for law enforcement and security purposes. However, there is ample evidence of abuse of spyware in several member states for purely political purposes, targeting critics and opponents of the parties in power, or in connection to corruption.

“National security” is usually invoked by member states to justify the deployment and use of spyware. Due to this secrecy, victims of spyware are often left without judicial redress or access to justice and information.

Today’s vote is a clear signal that the EU must act. The evidence of abuse is well-documented. What are the Commission and Council waiting for?