The NSO Group, the controversial developer of the Pegasus spyware, has been held liable in a lawsuit filed by Meta’s WhatsApp over cyberattacks targeting approximately 1,400 devices, according to The Record. The lawsuit, initiated in 2019, has brought to light the misuse of Pegasus spyware to compromise the phones of activists, journalists, and government officials.
In today’s ruling, the NSO Group was found guilty of violating several laws, including the Computer Fraud and Abuse Act, the California Comprehensive Computer Data Access and Fraud Act, and breaching contractual agreements. While the court has established the company’s liability, the trial will now proceed to address the damages to be awarded.
The NSO Group has consistently argued that it should not be held accountable since Pegasus was allegedly operated by clients conducting investigations related to crimes and national security. However, the judge dismissed this defense, signaling a potential precedent for other companies in the spyware and surveillance industry.
Will Cathcart, the head of WhatsApp, hailed the decision as a landmark victory for privacy rights. In a statement posted on Threads, Cathcart emphasized the importance of holding surveillance firms accountable for their illegal activities.
“This ruling is a huge win for privacy,” he stated. “We spent five years presenting our case because we firmly believe that spyware companies should not hide behind immunity or avoid accountability for their unlawful actions. Surveillance companies should be on notice that illegal spying will not be tolerated.”
The ruling underscores a growing global concern over the misuse of spyware and the urgent need to enforce stricter regulations on companies operating in this space.
The Pegasus spyware, developed by NSO Group, has faced intense scrutiny in recent years due to its role in enabling unauthorized access to devices. Investigations have revealed that the software has been weaponized against vulnerable groups, including human rights activists, investigative journalists, and political figures. These revelations have fueled debates about the ethical implications of commercial spyware and the responsibility of its developers.
NSO Group has consistently maintained that its software is sold exclusively to government agencies for legitimate purposes, such as combating terrorism and addressing serious crimes. However, repeated instances of abuse have called into question the company’s oversight and ethical standards.
Today’s ruling could have far-reaching consequences for the spyware industry, setting a legal benchmark for how companies like NSO Group are held accountable for their products’ misuse. By rejecting NSO’s claims of immunity, the court has sent a strong message that technological innovation cannot be used as a shield for violating privacy and human rights.
NSO Group has yet to respond to the ruling, but the outcome of the upcoming trial on damages could further define the legal landscape for surveillance technology and its misuse. This decision reinforces the need for vigilance and advocacy in protecting digital privacy, especially as surveillance tools become increasingly sophisticated and pervasive.