News

Spanish deputy PM urges investigation into Catalan spyware claims

The Spanish deputy prime minister, Pablo Iglesias, has become the most senior political figure to call for a parliamentary investigation into the use of spyware to target prominent members of the Catalan independence movement, saying such practices are “unacceptable in a democracy”.

A joint investigation this week by the Guardian and El País has revealed that Roger Torrent, the speaker of the Catalan parliament, and former regional foreign minister Ernest Maragall are among at least four pro-independence activists who have been targeted using Israeli spyware that its makers said is sold only to governments.

Speaking to the Guardian on Thursday, Iglesias said the targeting of political figures because of their convictions or positions could not and should not be tolerated. “For me, as well as being obviously a judicial matter, it’s a political one,” the Podemos leader said.

“These people who were spied on were spied on because of their political responsibilities and we’re talking about the speaker of the Catalan parliament – so that’s the political aspect. I believe that a parliamentary commission needs to investigate all the instances of spying that have taken place in our country because it’s part of the job of cleansing and democratic regeneration.”

He said people in a democracy could not consent to spying, adding: “This kind of practice is unacceptable in a democracy.”

Podemos and eight other leftwing or nationalist parties, including Torrent and Maragall’s Catalan Republican Left, are calling for a new parliamentary commission to investigate the targeting as part of an inquiry into the so-called “sewers of state” and allegations of police corruption and media collusion.

For too long, Iglesias said, opponents of the right in Spain have been targeted and smeared to political ends. “This can’t be allowed to be part of the present; it has to be relegated to the past,” he said. “When you have a situation like the one we’ve seen, I think it needs to be investigated and I have full faith in the interior ministry and the security forces.”

Iglesias said the Spanish congress had already confirmed the existence of strategies to generate fake news stories and needed to look into the use of the spyware.

“We’re obviously very worried by what we know so far about these spying programs and the matter must be investigated so that we can get rid of this once and for all,” he said.

Spain’s justice minister, Juan Carlos Campo, said the matter was “very serious”, adding: “The actions of the state are clear when it comes to rigour and abiding by the law, and if there has been any breach it will need to be looked into and investigated.”

Torrent and Maragall have announced they are to take legal action against Félix Sanz Roldán, who was head of Spain’s National Intelligence Centre (CNI) when their phones was targeted in spring 2019. The Guardian has approached Roldán for comment.

“The acts that took place constitute offences under criminal law. The offence of unauthorised intrusion and of computer espionage or illegal eavesdropping,” Torrent and Maragall said in a statement. They added that the offences were punishable with prison sentences.

They said they had decided to take action after reports emerged that Spanish intelligence services had used Pegasus spyware from the Israeli NSO Group, despite denials from the interior ministry.

Recent articles in El País and Público suggested both the CNI and the national police force may employ the spyware, which, according to NSO Group, is only available to governments to help them track terrorists and criminals.

The interior ministry denied such claims on Monday, saying: “Neither the interior ministry, nor the national police, nor the Guardia Civil have ever had any relationship with the company that developed this program, and, as such, have never contracted its services.”

It added that the actions of state security forces were always conducted “with the utmost respect for the law”.

The CNI, meanwhile, said in a statement that it acted “in full accordance with the legal system, and with absolute respect for the applicable laws”. It said its work was overseen by Spain’s supreme court. It did not respond to specific questions about the alleged use of Pegasus spyware.

NSO Group has denied it has any role in operating its hacking software and has said it has no knowledge of who its government clients target.

The company said it operated under “industry-leading governance policies” and that it could not confirm or deny which authorities used its technology because of confidentiality constraints.

WhatsApp said that 1,400 users were targeted in a mass attack in April and May last year. The incident is the subject of a lawsuit by the messaging app against NSO Group in the US. NSO Group has denied allegations that it bore any responsibility in the targeting of individuals and said it did not operate the technology itself.

According to the lawsuit, the spyware exploited a previous vulnerability in WhatsApp software that would have given the operator potential access to everything on the target’s mobile phone. This included emails, text messages and photographs. It could also have switched on the phone’s recorder and camera, turning it into a listening device.

The California company has claimed 100 members of civil society – including journalists in India, human rights activists in Morocco, diplomats and senior government officials – are alleged to have been affected.

John Scott-Railton, a senior researcher at Citizen Lab, who has closely monitored the use of NSO Group’s spyware and collaborated with WhatsApp to engage members of civil society targeted by the 2019 attack, described the targeting as disturbing.

“This case is extremely troubling because it suggests that possible domestic political espionage was taking place,” he said.