David Yambio, an Italian activist, alerted the ICC about spyware surveillance during communications regarding torture victims in Libya. Confirmed by Citizen Lab, the attack raises concerns over potential government interference in ICC proceedings. Italian Prime Minister Giorgia Meloni faces increasing scrutiny over spyware use, while broader calls for stronger regulations to protect activists emerge in response to the situation.
A prominent Italian activist, David Yambio, has reported to the International Criminal Court (ICC) that his mobile phone was subjected to surveillance while he relayed crucial information regarding torture victims in Libya. A report from the University of Toronto’s Citizen Lab confirmed that Yambio, founder of the organization Refugees in Libya, was targeted by mercenary spyware during his communications with the ICC, with at least one attack occurring in June 2024.
Following the confirmation of the spyware attack, Yambio urged ICC members to check their phones for similar surveillance. The ICC’s Office of the Prosecutor declined to comment on the issue, stating it pertains to ongoing investigations. This incident indicates the potential interference by government agencies with access to sophisticated spyware in ICC proceedings, raising concerns for advocates of torture victims.
The situation also pressures Italian Prime Minister Giorgia Meloni, who has faced scrutiny regarding spyware usage following reports in January about warnings given to several activists and journalists that their devices had been compromised. Meloni’s administration has been criticized after the release of Osama Najim, a Libyan citizen wanted by the ICC for war crimes, who was arrested in Italy and linked to severe human rights abuses.
The Citizen Lab’s report outlines that besides Yambio, several activists, including two close associates of Pope Francis, were targeted by hacking software meant for serious criminal investigations. Researchers are still determining the exact type of spyware used against Yambio; however, they confirmed other targets were attacked using software developed by Paragon Solutions, an Israeli firm now under US ownership.
Luca Casarini and Giuseppe Caccia from an NGO dedicated to aiding migrants conducted the study and stated, “We found clear indications that spyware had been loaded into WhatsApp, as well as other apps on their devices.” While the Italian government has acknowledged its relationship with Paragon, it denies responsibility for the surveillance incidents against activists.
Paragon has suspended its contract with Italy due to a violation of its terms prohibiting the use of spyware against journalists or civil society. WhatsApp earlier reported that approximately 90 of its users, including journalists, were targeted by clients of Paragon. The spyware, known as Graphite, can infiltrate devices, gaining access to messages and conversations.
Yambio was first alerted to a potential attack in November, and his phone underwent analysis by Cyber Hub-AM and Citizen Lab experts. Apple confirmed the sophistication of the spyware used against Yambio, revealing that it cost millions to develop, and released a fix in its iOS 18 to safeguard users from similar attacks. The Citizen Lab revealed that other countries, such as Australia, Canada, and Denmark, may also be clients of Paragon, but specific details on their relationships were not disclosed.
John Scott-Railton from Citizen Lab emphasized the need for accountability regarding who deploys spyware and how the collected data is used. Paragon’s executive chair, John Fleming, stated the company adheres to a zero-tolerance policy for violations of their terms. Hannah Neumann, an MEP investigating spyware abuse, called for stronger European regulations, noting, “It is Groundhog Day for spyware abuse, and unless we fix the loopholes in regulation… these violations will continue unchecked.”
The recent report by Citizen Lab highlights significant concerns about spyware surveillance targeting activists and its potential interference with ICC proceedings. This situation raises essential questions about the accountability of governments and private companies involved in deploying such technology. The implications of these incidents underline the urgent need for comprehensive regulations to prevent further abuses and protect the rights of individuals advocating for justice and human rights.
Original Source: www.theguardian.com
