A month after reports first surfaced that the Israeli police used NSO-developed spyware to hack the phones of Israeli citizens, there are still many questions about what the police did or did not do, what technology they used, and who approved or disagreed the full scope. for its actions, and what legal consequences, if any, may arise.
In addition, the persistent chasm between Calcalist's claims and the findings of public sector-led investigations has raised questions about the authenticity of the reports.
The Times of Israel interviewed experts and compiled the latest available information to clear things up when possible, and unravel confusion when not possible, around eight of the biggest questions at the heart of the spyware controversy.
Get the Times of Israel daily newsletter in your inbox and don't miss out on exclusive articles. Sign up for free!
1. Did the Israeli police use the “Pegasus” spyware developed by the NSO Group to gain access to citizens' phones?
The police likely acquired a more primitive NSO product than Pegasus. Pegasus is a very powerful tool that provides a zero-click phone hack - no user intervention required - allowing the spyware operator to remotely access all device data and functions.
We know that the police used the NSO tool because the Department of Justice's investigation into police actions accessed NSO data to draw conclusions. But police rhetoric, media reports, and experts indicate that the tool used by the police is less powerful than Pegasus, and is likely another NSO product called Saifan.
Deputy Attorney General Amit Marari, who is leading one investigation into police use of the spyware, included NSO databases in her investigation.
Former Commissioner General of Police Ronnie Sheikh denies illegal use of spyware by police during his tenure, in a video statement from February 9, 2022. (Channel 12 screenshot)A letter sent by the Jerusalem District Attorney’s Office on February 13 stated that “Marari’s team is verifying the information contained in the internal NSO database, which the company made available to the team [Marari].”
The Marari report, whose preliminary conclusions were delivered on Wednesday, refuted some of the allegations identified in Calcalist's latest report, including the use of Pegasus against three high-ranking government employees.
According to Tehilla Shwartz Altshuler, head of the Project on Democracy in the Information Age at the Israel Democracy Institute, her own research indicates that the police did not use Pegasus, but rather another, less sophisticated NSO product.
“I believe former Commissioner-General of Police Roni Alsheich, who says the Israel Police does not own Pegasus,” Schwarz Altshuler said. But the sheikh is only telling half the truth, because the Israeli police own or have already owned another product of NSO that no one knows about and it is called Sevan.”
Hebrew media also reported that the sheikh described the tool as “Sivan,” which they claimed was partially neutralized to fit restrictions on police activity, such as the need to prevent wiretaps from obtaining information that existed before the wiretapping went into effect.
While Schwarz Altshuler doesn't know the details of the Sevan - or any tool other than NSO's "Pegasus" development - but she said, "Comparing this system to a Pegasus is like comparing a very old car to a Tesla."
Therefore, Schwarz Altshuler says that the use of the phrase “NSO use” or “Pegasus use” is misleading, and suggests that things be framed correctly, and that “using a 'tool for NSO’ is the right framework.”
2. Under current Israeli law, is it illegal for the police to use spyware?
Spyware is not expressly covered by current laws, but in past cases where technology has conflicted with privacy in the absence of a clear law, the police obtained interim opinions from the attorney general that enabled them to use the new technology.
According to Schwarz Altshuler, an expert on technology's interference with privacy, there appears to be a national consensus on the need to update laws relating to wiretapping and police searches.
Smartphones, for the purposes of eavesdropping and searches, are computers. Laws on computer eavesdropping or searching were updated in 1995, and minor fixes were made later in 2005 — two years before the first iPhone hit shelves.
Among the scenarios unimagined by the current legal framework is the central value proposition of spyware: getting into someone's device remotely and covertly and taking the materials on that device.
Tehilla Shwartz Altshuler is a research fellow at the Israel Democracy Institute. (Courtesy)“This is a question that does not have an answer in the Israeli legal framework,” Schwartz Altshuler said. Wiretapping laws allow law enforcement to secretly listen to conversations — including messages — between computers, but only from the date the order was issued. Searches laws allow for retroactive searches, but require the police to declare their intent to search and actually obtain the device.
When the NSO case exploded about a month ago, lawmakers were quick to call for these laws to be amended to fit the new technological realities, as they do not address smartphones, eavesdropping, or search software, including NSO products.
Schwarz Altshuler says that although it is not known whether former Attorney General Avichai Mandelblit gave police a legal opinion on the use of NSO tools, past overlaps between police technology and privacy have prompted the attorney general to provide an interim opinion to bridge the gray areas in matters Legal and reality.
She adds: “The [former] attorney general said up until now 'I did not agree to use Pegasus' but as I said, it is possible that the police did not use Pegasus. I can say they used a less intrusive technique. Here, we do not know if the attorney general has provided any kind of legal framework for such uses.”
“What we do know is that in other cases things are going like this: the police have bought or started using new technology. [The police then] go to the attorney general to ask for general instructions on how to use it. The attorney general's staff knew that the police were not authorized by law to use such techniques, but they also knew that legislative procedures take a long time in Israel. So they said, 'Okay, we'll give you this kind of interim guidance. You're going to use it until Christ comes or until we pass legislation, we'll see what happens first.” How do I know this for sure? Because that's exactly what happened with the use of another highly intrusive monitoring system called 'Hawk Eye'."
Eagle Eye is a system used by the police to track vehicles and passengers across the country using fast cameras to identify and identify license plates. The information — collected collectively, rather than targeting a specific crime and suspect — is stored in a data bank.
“It's just like Pegasus; It's a mass data collection system that you can use to phish,” says Schwarz Altshuler, referring to the strength and privacy challenges posed by the Eagle Eye system.
The Ein Al Saqr system was scrutinized for overstepping the current legal authority granted to the police, but before it reached the public debate, Ein Al Saqr was at the attorney general’s table.
Schwarz Altshuler said: "What happened with Hawk's Eye is that the police weren't sure if it was legal to use it. Therefore, she approached the Public Prosecutor and the Public Prosecutor gave her temporary directions to use Eagle Eye. And it continued like this six years later, until [Israeli privacy rights groups petitioned] the Supreme Court.”
Israel's new Public Security Minister, Omer Bar-Lev, arrives at the President's Residence for the sworn-in government group photo in Jerusalem, June 14, 2021. (Yonatan Sindel/Flash90)Following the petitions by Israel Privacy and the Association for Civil Rights in Israel, the High Court of Justice — the Supreme Court’s forum for petitions against the state — eventually asked the police to limit use of the system.
“The court issued an order to the police to immediately stop using the [Ear Falcon] system,” Schwarz Altshuler said. She told them, "You don't have any permission to start using a mass data collection system."
Proposed legislation — which went beyond traffic control and paved the way for the deployment of facial recognition cameras in public places — was submitted for public comment in July 2021, but the Department of Homeland Security has yet to bring it up.
Despite the Supreme Court's ruling that police cannot use Hawk's Eye until legislation that enables them is passed, as of January 2022, police were still using the system, according to court documents.
Before leaving office, the outgoing attorney general reportedly ordered police to suspend their use of the NSO program.
3. How does the court approve police wiretapping and search warrants?
Wiretapping and search warrants are governed by different laws, the Wiretapping Act 1979 and the Criminal Procedures (Stop and Search) Act 1969, respectively.
The chief judge or her deputy handles judicial orders that allow wiretapping, while a search warrant can be obtained from the lower court of the Magistrate.
Wiretaps must also be carried out by a police officer of the rank of commander or higher, which is a relatively high rank. Inspection requests do not carry this requirement.
Avigdor Feldman, a lawyer and expert in criminal and human rights law who has dealt with numerous cases involving wiretapping and searches, describes both requests as trivial.
“The police come in, they show the intelligence, and sometimes the judges actually ask questions, and usually the court agrees to the request,” Feldman says. “There is no protocol for this,” meaning there is no specific text to be followed in interrogation.
In line with Feldman's account, Schwarz Altshuler says her research has found that wiretaps and search warrants are routinely approved by courts.
"All of the unilateral applications to the court were approved at very high rates, which are above 90%," she said. Unilateral requests are made by one party without input from the aggrieved party, including requests for wiretaps, searches and arrests.
According to Schwarz Altshuler, when its scope has been narrowed down to include wiretapping and searches, approval rates have risen to more than 95 percent in the past decade, “which means that courts in general are not an effective police oversight body,” she puts it.
One limitation on the court's ability to oversee this type of request is as innocuous as it is insidious: digital ignorance.
“I think most judges don't know how to ask the right questions," Schwarz Altshuler says. [Many] judges are considering wiretapping the old-fashioned way.”
Getting to the heart of the matter involves asking about the technology being used; how intrusive it is and how it intends to gain access to the device; And what you want to withdraw from the device.
4. If evidence collected through spyware is improperly obtained, can it be used at trial?
The related legal concept, “fruit of a poisonous tree” describes the question posed: If the evidence - the fruit - is obtained from an illegal source - the poisonous tree - is the fruit itself contaminated, ie not allowed in court?
Many countries are doing yes, but the answer in Israel is less clear than that - and may only have been more confusing lately.
In mid-January, the Supreme Court issued a ruling in a case involving former Prime Minister Benjamin Netanyahu's advisor, Yonatan Urich, saying that evidence obtained against Urich by searching a cell phone without a warrant could be used by the court, provided it was The court held that the evidence was obtained illegally. In other words, information from improperly obtained cell phones could still be used at trial, at the judge's discretion.
According to Schwarz Altshuler, “This decision gives the police a huge incentive to break the law and illegally obtain evidence.”
While the implications of the decision in the Urich case have yet to emerge, the dominant opinion prior to this decision was the Issacharoff Doctrine. Issacharoff instructed the judges in finding improperly obtained evidence, as is often the case. In its 2006 decision, the Supreme Court ruled that courts have the discretion to invalidate improperly obtained evidence, if recognition of it would violate the defendant's right to a fair trial, or rights enshrined in the Basic Law on Human Dignity and Liberty.
Then-Likud spokesman Yonatan Urich outside the prime minister's office in Jerusalem, April 16, 2019. (Yonatan Sindel/Flash90)In May 2021, Justice Minister Gideon Sa'ar proposed legislation to formalize the court's power to exercise a discretion similar to Issacharoff in law. The proposal is currently being discussed in the Knesset's Constitutional Committee.
This question has major implications for the trial of Netanyahu, who faces graft charges in three cases. Calcalist alleged that the police were using spyware in their investigation against Netanyahu, including against key witness Shlomo Filber.
Marari's report reportedly concluded that of the seven names related to Netanyahu released by Calcalist, only Felber's phone was hacked in a manner that exceeded the permission granted to the police, and that evidence obtained from the phone hack was not passed on to investigators.
5. How many times have the police used the NSO tool against citizens?
It is not clear how many times the police have used the NSO tool against citizens. A Channel 12 report on February 12 claimed that Pegasus was activated 90 times during the Sheikh's tenure between 2015-2018, and in 150 cases during the reign of Sheikh Khalifa, Moti Cohen between 2018-2020.
But concrete numbers about the full scope of police spyware or use of the NSO tool are still not available.
Significant gaps remain between media allegations and police statements and government support.
Despite the many parallel checks that public institutions perform, each check focuses on a slightly different part of the problem.
On February 13, public prosecutors participated in Netanyahu's trial for corruption in the results of a police investigation into 1,500 phone numbers linked to the investigations and found that all of the phones wired had at least an accompanying court order. This investigation looked at both traditional wiretapping and more sophisticated methods, but focused only on whether the targets had been spied on without any level of court intervention, and did not comment on the methods used against the targets and whether investigators had gone too far. Their competence approved by the court or not.
Prosecutors told the court on Wednesday that among the names linked to the trial published by Calcalist newspaper, only Felber, the state witness and former director general of the Communications Ministry, had been hacked. A wiretapping order was issued against Felber, as well as against one of the defendants in Netanyahu's cases, Iris Elovitch, whose phone was targeted but not successfully hacked.
Marari, the deputy attorney general who is leading the investigation launched by outgoing Attorney General Mandelblit, has reportedly found that one of Calcalist's most sensational allegations - that the phones of three government employees were hacked - has not been proven.
Two of those three - former directors general of the Transportation Ministry and Finance Ministry Keren Turner Eyal and Chai Babad, respectively - handed over their phones to a private company last week that allegedly found evidence that their phones had been tampered with.
State Comptroller Netanyahu Engelman and Internal Security Minister Omer Bar-Lev also announced the opening of two investigations, but without results so far.
6. Why does he attach so much importance to privacy?
The right to privacy underpins the ability to exercise basic democratic values, and an attack on privacy can turn into an attack on civil liberties and democratic rights.
According to Noa Satath, executive director of the ACRI, the hallmarks of open societies — the ability to protest and speak freely and a free and open press — all require the right to privacy.
“The right to privacy is a fundamental right,” Satath said. If we do not have this right, our ability to use our speech and protest is limited… If journalists and activists can be tracked, the threat to democracy in Israel is severe.”
"And that's what was going on here: There was an attempt to limit these rights by abusing our right to privacy."
Noa Satath, executive director of the Association for Civil Rights in Israel. (Courtesy ACRI)The use of spyware challenges citizens' right to privacy, constitutionally enshrined in the 1992 Basic Law: Human Dignity and Liberty.
Satath believes that there is a direct relationship between privacy and democratic values, and that the assault on privacy represented by the unrestricted police use of spyware is very clear: "I can't think of a democratic right that this program does not infringe."
In addition to rhetoric and protest, privacy is at the core of the right to assembly and due process of law. “Given the wide access Pegasus has to all of our information and the different systems we use, it enables profiling and harassment, interferes with due process, and has broad implications, some of which we cannot even imagine at this time.”
7. If the worst allegations against the police and the NSO are true, what does this mean for Israeli democracy?
Amir Kahane, an expert on surveillance law at the Israel Democracy Institute, says the abuse of police power in the privacy scandal does not in and of itself indicate an erosion of democracy.
“In general, I'm not sure if the revelations in particular say anything about Israeli democracy as a whole,” Kahana said. On the face of it, [the revelations] tell the story of long-awaited legislation, long-awaited legal amendments, over-zealous investigative authorities that have outstripped their powers to the point of being potentially illegal, and perhaps tell a story of a lack of oversight.”
“This is not an indication that democracy is at risk here. It doesn't sound like a police state. These things have been brought to light and we will see how they unfold in the political arena.”
But the real test, Kahane says, of Israel's democratic values will be how the country responds to the scandal.
“The resilience of Israel’s democracy can be measured by its reactions to what was revealed — whether what was revealed would eventually lead to the kind of legal reform that would lead to better oversight and better guarantees of such basic civil liberties.”
Amir Kahane is a researcher at the Israel Democracy Institute. (Courtesy)8. Who is the source of the Calcalist newspaper?
Calcalist stresses the need to protect its source and has not identified any names or supporting evidence. We do not know the source of these allegations.
On Saturday, the reporter behind the allegations reaffirmed their veracity and his determination to protect his sources.