What you need to know
- Google and Microsoft have joined Facebook's legal battle against Israeli hacking company NSO.
- Facebook had filed a lawsuit against NSO Group last year after it exploited a bug in WhatsApp to surveil over 1,400 people around the world.
- An amicus brief filed by the companies in support of Facebook warns that NSO's tools are both powerful and dangerous.
Google, Microsoft, Cisco, GitHub, LinkedIn, VMWare, Dell, and the Internet Association have filed an amicus brief supporting Facebook's legal action against Israeli spyware maker NSO Group. Facebook had filed a lawsuit against the company in October last year, after it found that NSO Group had exploited an undisclosed vulnerability in WhatsApp to surveil over 1,400 individuals – including journalists and human rights activists.
As reported by Reuters, NSO Group has argued that it should benefit from "sovereign immunity," as it sells its digital tools to foreign governments. However, it lost that argument in the Northern District of California July and has appealed to the Ninth circuit to overturn the ruling.
Microsoft has argued in a blog post titled "Cyber Mercenaries Don't Deserve Immunity" that granting immunity to NSO would encourage the surveillance industry to grow and the tools could be incredibly dangerous if they fall into the wrong hands.
The expansion of sovereign immunity that NSO seeks would further encourage the burgeoning cyber-surveillance industry to develop, sell and use tools to exploit vulnerabilities in violation of U.S. law. Private companies should remain subject to liability when they use their cyber-surveillance tools to break the law, or knowingly permit their use for such purposes, regardless of who their customers are or what they're trying to achieve. We hope that standing together with our competitors today through this amicus brief will help protect our collective customers and global digital ecosystem from more indiscriminate attacks.
A report published by Citizen Lab last week alleged that NSO's hacking tools had been used to hack nearly three dozen devices belonging to employees of Qatar-based broadcaster Al Jazeera. NSO, however, continues to insist that its tools are only used by law enforcement agencies to combat crime.
