More than 300 verified mobile phone numbers, including that of two serving ministers, over 40 journalists, three Opposition leaders and one sitting judge, scores of businesspersons and activists, could have been targeted for hacking through an Israeli spyware sold only to government agencies, an international media consortium reported on Sunday.
The Centre, however, dismissed allegations of any kind of surveillance on its part on specific people, saying it “has no concrete basis or truth associated with it whatsoever”.
The report was published by The Wire news portal from India and publications including The Washington Post, The Guardian and Le Monde as media partners in an investigation conducted by Paris-based media non-profit organisation Forbidden Stories and rights group Amnesty International into a leaked list of more than 50,000 phone numbers from across the world. The global media collective worked on an initiative called Project Pegasus.
The numbers are believed to have been the target of surveillance through Pegasus software of Israeli surveillance company, NSO Group.
The Wire reported that forensic tests conducted as part of the media investigation project on a small cross-section of phones associated with these numbers revealed clear signs of targeting by Pegasus spyware in 37 phones, of which 10 are Indian.
The report came a day before the start of the monsoon session of Parliament. Some Opposition leaders are expected to give notices for adjournment or debate on this issue.
The Wire said the numbers of those in the database from India include that of over 40 journalists, three major Opposition figures, one constitutional authority, two serving ministers in the Narendra Modi government, current and former heads and officials of security organisations, businesspersons and a sitting judge.
NSO Group, the Israeli company which sells Pegasus worldwide, says its clients are confined to “vetted governments”, believed to number 36, according to The Wire.
Forbidden Stories, which accessed the data, stated that it includes records of phone numbers selected as targets by NSO clients, a claim the company formally denied while conceding that its clients might have used these numbers for “other purposes”.
A majority of the numbers identified in the list were geographically concentrated in 10 country clusters: India, Azerbaijan, Bahrain, Hungary, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
The leaked data includes the numbers of senior journalists with the Hindustan Times, India Today, Network18, The Hindu and The Indian Express, The Wire said.
The mobile phone of a former Delhi University professor was also allegedly targeted, while the database also included at least nine numbers belonging to eight activists, lawyers and academics arrested between June 2018 and October 2020 for their supposed role in the Elgar Parishad case.
The Wire, however, added that the mere presence of a phone number in the leaked data does alone not reveal whether a device was infected. “Indeed, it is not possible to know whether their phones were targeted by Pegasus spyware... without digital forensic analysis,” it said.
Working together with the technical lab of Amnesty International, a team of over 80 journalists coordinated by Forbidden Stories sought to identify and verify the individuals to whom these numbers belong and then conduct a forensic examination of the phones in use by them for the period covered by the data, which, in the Indian case was approximately mid-2017 to mid-2019, it said.
In its response, the Centre sought to dismiss the media report as an attempt at playing “the role of an investigator, prosecutor as well as jury”.
The government referred to its reply given to the media consortium and said similar claims were made in the past as well regarding the use of Pegasus on WhatsApp by India and those reports also had no factual basis and were categorically denied by all parties, including WhatsApp in the Indian Supreme Court.
“This news report, thus, also appears to be a similar fishing expedition, based on conjectures and exaggerations to malign the Indian democracy and its institutions,” the government said.
There is a well-established procedure through which “lawful interception of electronic communication is carried out in order for the purpose of national security, particularly on the occurrence of any public emergency or in the interest of public safety, by agencies at the Centre and States” and the procedure ensures that any interception, monitoring or decryption of any information through any computer resource is done as per due process of law, it added.
The government said India is committed to ensuring the right to privacy to all its citizens as a fundamental right. The commitment to free speech as a fundamental right is the cornerstone of India's democratic system, the government said.
“We have always strived to attain an informed citizenry with an emphasis on a culture of open dialogue. However, the questionnaire sent to the Government of India indicates that the story being crafted is one that is not only bereft of facts but also founded in pre-conceived conclusions,” it said, referring to the queries it had received from the media consortium.
“Considering the fact that answers to the queries posed have already been in the public domain for a long time, it also indicates poorly conducted research and lack of due diligence by the esteemed media organisations involved,” the government said.