Warsaw, 21/09/2022 – Today, the mission of the European Parliament’s PEGA committee to investigate the use of Pegasus spyware in Poland concluded. The committee and its Pirate Party member Marcel Kolaja, Member and Quaestor of the European Parliament, registered accounts of serious breaches of national and EU law in the purchase, use and oversight of the spyware. The PEGA committee regrets that the Polish government refused to answer any questions relating to these serious allegations. Pegasus was acquired illegally by the Polish government, spending at least €5 million from the Justice Support Fund dedicated to victim support.
“According to the hearings of the last few days, it‘s clear that the Polish government has purchased the spyware illegally. Unfortunately, the Polish government refused to cooperate, so we don’t know the total number of victims and the number of devices infected. The PEGA committee is also investigating in how many Member States the Pegasus spyware was used. Only a few Member States have come forward, so we cannot even say whether they are still using it,” Pirate Party MEP Marcel Kolaja concludes after his three-day mission.
According to meetings during the mission, the Pegasus software was used in more than 60 cases. The software itself is capable of leaving hardly any traces, making it almost impossible to be discovered. According to the investigation, victims were spied on even during most intimate moments or election campaigns.
Lack of steps by Polish government
“There is a lack of concrete steps by the Polish government to address the issue. We also need to put pressure on the European Commission and it must act. It‘s also important to involve the Council of the European Union, in which Czechia holds the presidency through the end of the year. I‘m also worried about the integrity of the elections in Poland next year,” Kolaja explains the next steps in the investigation of the scandal.
When asked by the PEGA committee, the vast majority of the Member States have not commented on whether they purchased and used, or are still using Pegasus or similar spyware. None of the members of the Polish government participated at the investigation.
Pegasus is a spyware developed by the Israeli cyber-espionage company NSO Group. It has been purchased by 14 European governments in the last few years. Now, politicians from governmental parties are accused of using the spyware on opposition politicians and journalists. Exploiting security vulnerabilities, Pegasus can be used covertly to control mobile devices with iOS and Android systems. The spyware is capable of reading text messages, recording calls, collecting passwords, controlling the device, track location and even using the camera.