By Ty Joplin

The latest story surrounding Israeli surveillance tech firms being hired by strongmen to coerce dissidents into silence involves Saudi Arabia. The now-notorious inventors of the Pegasus spyware, the NSO Group, was reportedly hired by Saudi to hack the phones of prominent Saudi critics, including Jamal Khashoggi.

That Saudi would rely on an Israeli tech firm to spy on those it deems threatening should come as no surprise. Countries throughout the Middle East now depend on Israeli companies like the NSO Group to secure their grip on power, mirroring the growing security partnerships between Israel and these same countries.

Another Israeli company hired by regimes around the world is Black Cube, whose services and product include intimidating people into silence by digging for dirt in their past.

As Israeli firms’ surveillance technology evolves, so too does its usefulness for governments looking to monitor the activities of whomever they find to be troublesome: journalists, activists, bloggers, artists — they are being targeted, their phones hacked, their conversation recorded and logged, and their movements watched.

But a profoundly more threatening trend is developing. It’s not just that tech firms and states are colluding to bolster state power, it’s that revealing these dangerous relationships doesn't appear to be arresting the development of these practices.

Indeed, these scandals are functioning more like promotional material for the firms involved.

The NSO Group’s Pegasus

Visual of Pegasus’ scale and customers (Citizen Lab)

Citizen Lab revealed that the Israeli surveillance firm, the NSO Group, had been hired by Saudi Arabia to track and monitor Jamal Khashoggi before his planned murder in Oct.

After their bombshell report dropped, several Saudi dissidents discovered that they too had their phones infected by the NSO Group’s Pegasus spyware technology.

Prominent Saudi activist Yahya Assiri and YouTube comic and satirist Ghanem Almasarir, both based in London, have been targeted by Pegasus. Omar Abdulaziz, a Saudi dissident based in Montreal, told Vice he had been hacked as well.

Pegasus reportedly allows a user to crack into a phone just by knowing the phone’s SIM number, giving the hacker private information on the phone including texts, calls, WhatsApp messages, photos, emails, contacts and other data. It also lets hackers listen to the phone’s microphone and see through its cameras.

According to a Haaretz investigation of the NSO Group’s deal with Saudi, Abdullah al-Malihi, an associate of Prince Turki al-Faisal, a former head of Saudi Arabia’s intelligence services, and Nasser al-Qahtani, the former right-hand man of current crown prince Mohammed bin Salman, met with NSO representatives and agreed to get access to Pegasus for a whopping $208 million.

Saudi isn’t its only customer. Citizen Lab’s report finds evidence of Pegasus’ software use, and thus circumstantial evidence of states or entities buying the software for surveillance usage, in tens of countries.

Countries with Pegasus software detected (Citizen Lab)

According to the report, “At least six countries with significant Pegasus operations have previously been linked to abusive use of spyware to target civil society, including Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates.”

In the case of Mexico, NSO said its software was being used by the government to combat the drug cartels there. Instead, it was being used solely to surveill and harass critics of the government and journalists, a 2016 New York Times investigation found.

Famous whistleblower Edward Snowden called the NSO "the worst of the worst in selling these burglary tools that are being actively currently used to violate human rights."

Black Cube

(Black Cube website)

Black Cube, another Israeli surveillance firm, has been deeply involved in propping up regimes and was even hired by Hollywood mogul and alleged sex predator Harvey Weinstein.

Black Cube was hired to smear proponents of former U.S. president Barack Obama’s nuclear deal in an attempt to delegitimize them. Trita Parsi, President of the National Iranian American Council, was one of those Black Cube tried to discredit by digging up dirt into his personal and professional history.

Parsi told Al Bawaba in an interview that he wasn’t exactly sure who had hired Black Cube, but it was told to him and to investigators that Black Cube was representing the interests of the Trump Administration.

Black Cube then found itself in another scandal of a similar sort, when it was found to be engaging in a smear campaign to discredit individuals and non-governmental organizations opposed to Viktor Orban’s rule over Hungary.

Not to outdo itself, Black Cube was also hired by Harvey Weinstein to silence his sexual assault accusers. Again, it tried to dig up dirt in the targets’ personal and professional histories to discredit their claims.

As a series of individual case studies, they portray states’ increasing reliance on private firms to do their bidding in secret, which presents a series of conundrums for democracy and transparency.

But they actually present a more profound problem: revealing these firms to be spying on dissidents ought to be a problem for the state and the firm, but they aren't.

A Deeper Problem

It seems likely that, once it’s revealed that a state hired a tech firm to spy on its own people or surveill dissidents, that they would have to end the program, sever its business relations, and have some kind of investigation into the matter. The firm, for its part, should have to recant its program and take a massive hit in its revenues as investors and clients shy away from a firm associated with oppression.

That's not what is happening.

In fact, these revelations seem to be helping the states and the companies. These scandals appear to be functioning like commercials for the companies: they show other repressive regimes that this company’s tech is powerful, and the states looking to silence its critics get to hire them.

Saudi’s hiring of the NSO Group in 2017 came a full year after the New York Times outed the tech’s use by Mexico to spy on dissidents and journalists; the same types of people Saudi was after.

The NYT investigation on Pegasus may have well been a multiple-page ad for the invasive technology.

One UAE-based firm, DarkMatter, was revealed in 2016 to be operating a massive and invasive surveillance state inside the country, which involved ‘offensive hacking’ and widespread wiretapping, thanks to a lucrative deal with the government.

In 2018, two years after the revelation, DarkMatter’s profits are soaring as are its deals with the UAE. From 2017 to 2018, DarkMatter’s revenue doubled to $400 million.

Black Cube’s operations and list of clients continue to swell despite its myriad controversies. The NSO Group reported its revenue to be around $150 million in 2015. Now, it’s up well past $1 billion.

These are not the growth numbers expected from companies constantly embroiled in scandals that relate to developing systems designed to violate civil and privacy rights en masse. But here we are.

These firms are often portrayed as ‘shadowy’ organizations submerged in secrecy and opaqueness, but after so many of these investigations, we actually have a pretty good understanding of what they do and who contracts them. They make and deploy invasive surveillance tech, at the request of a state that gives them a lot of money, to crack down on dissidents.

Digital rendering of CloudWalk’s facial recognition technology (liangjiang.gov.cn)

Other examples are emerging.

Al Bawaba has documented Chinese tech companies’ involvement in the detention and surveillance of millions of ethnically Uyghur and Kazakh Muslims, such as Huawei and CloudWalk.

Huawei’s state-sponsored development of security technology and CloudWalk’s slow perfection of facial recognition have both helped China crackdown on its Muslim minority.

Both companies are now actively exporting the technology they made in Xinjiang to other countries: Huawei to Germany, Cloudwalk to Zimbabwe.

Another Chinese firm, ZTE, is exporting elements of China’s social credit system, that scores its citizens based on trustworthiness, to Venezuela. Venezuela reportedly plans to use the ZTE-made tech to track citizens’ purchases and tie their loyalty to whether they receive critical social welfare.

Not only has nothing changed since these companies have been outed as servicers of oppressive power, it seems like it’s servicing their visibility and thus their profits.

In short, the exposure is actually helping them.