Former RAW Official: Allegations of Pegasus Misuse Serious, Govts Must Enquire
The Citizen interview
Vappala Balachandran, former special secretary in the Cabinet Secretariat, speaks with The Citizen on the ongoing Pegasus spyware allegations, which he says point to a possible deviation from the intended use of surveillance technology.
Pegasus—how lethal is it in the world of surveillance today?
It would appear from the report published in the Washington Post as a result of an investigation done by a media consortium of 16  partners that it is a highly efficient tool, which they call a “military grade spyware”, licensed by the Israeli firm NSO Group, originally supplied to governments to penetrate terrorist modules.
Surveillance is a time-tested method of all governments—what makes this different?
Change of methods of operations (called MECOPS) by modern terrorists, especially the Islamic State, in their methods of electronic communications to their hit groups through commercially available but encrypted channels had forced global counter-terrorist [CT] agencies to try to break into these highly efficient and unbreakable clandestine channels by getting the best technology in the world.
This was also partly because commercially available mediums like WhatsApp were unwilling to share the details of suspected terrorist leadership with governments to enable them to take preventive action and save lives.
In my lecture to the Singapore Police on November 9, 2017 I had given details of all the 16 Islamic State terrorists who were responsible for seven vehicle mowing incidents all over the world starting from Nice, France on July 14, 2016 till New York on November 1, 2017, killing 140 innocents.
The tragedy was that all these 16 terrorists were on the law enforcement radar in some form or another. This had demoralized CT agencies, who were not able to explain why they were unable to prevent such forms of innovative terrorism.
This helplessness was responsible for searching for new solutions. “Pegasus” was one of them, used to penetrate terror suspects by infecting their smartphones.
The result is for all to see. In those days terrorists were 10 steps ahead of CT agencies. Now they are not.
It has been demonstrated that Pegasus was used to infect telephones of Jamal Khashoggi’s wife shortly before he was killed. Do you think there was a link or was he under surveillance anyway?
If this story is true, it is certainly a deviation of the main purpose of buying this software.
Authoritarian countries do try to keep political dissidents under watch, but in my opinion that is not the reason why the Israeli firm NSO Group might have officially sold it to Saudi Arabia. If true, it is a deviation of the original purpose for which it might have been sold.
40 journalists have been named from India and traces of Pegasus infiltration found in some of the mobiles that were examined. How seriously do you view this?
I have no means to test the veracity of this report. If there was any deviation, it needs to be enquired into. Our government spokesperson has already denied it.
Does it indict the government, considering the NSO Group says it deals only with governments?
It is a serious matter if any government, directly or indirectly was responsible for deviation of the purpose of this software, as described in the Washington Post report of July 18.
How does it feel to see India clubbed together with tiny little autocracies, and Saudi Arabia?
I am not able to comment on this as I have no personal knowledge.
The western countries are not included really—is it because they do not follow their journalists and others, or because their surveillance methods are more evolved, perhaps they do not feel the need to hire the likes of Pegasus?
Similar allegations were levelled against the US government agencies too before the advent of Pegasus software.
For example, the American ProPublica [media outlet] had published a report on August 5, 2013 alleging massive domestic electronic surveillance in USA.
Can we say that apart from this list of 40, the other journalists are free of surveillance?
I am not able to comment on that.