Serbian Spyware Scandal: Civil Society Under Siege
In an era increasingly defined by digital surveillance, a recent incident in Serbia has thrown a stark light on the use of invasive spyware to suppress civil society. Access Now, SHARE Foundation, the Citizen Lab at the Munk School of Global Affairs & Public Policy at the University of Toronto, and Amnesty International have uncovered that two Serbian civil society members were targeted by spyware, highlighting a worrying trend in the misuse of surveillance technology.
The incident surfaced on October 30 when two civil society representatives in Serbia, opting for anonymity due to security concerns, received Apple threat notifications about potential state-sponsored attacks on their iPhones. They approached SHARE Foundation, a Serbian digital rights NGO, which subsequently involved Access Now’s Digital Security Helpline and Amnesty International’s Security Lab to scrutinize the devices for spyware traces.
Assisted by the Citizen Lab, Access Now’s Digital Security Helpline detected signs of spyware attacks, approximately one minute apart, on August 16, 2023. These attacks exploited iOS HomeKit iPhone functionality, a method akin to those used by NSO Group’s Pegasus spyware. While the exact type of spyware remains unconfirmed due to limited forensic indicators, NSO Group’s history of deploying exploits targeting iPhone’s HomeKit, including the PWNYOURHOME exploit, is notable.
Amnesty International’s Security Lab independently analyzed the two devices, affirming Access Now and the Citizen Lab’s findings. The targeted individuals, known critics of the Serbian government, find themselves in a long line of those subjected to digital surveillance tools by the state. The Serbian Information Security Agency (BIA) has been identified as a customer of various spyware tools, including FinFisher, Circles, Hacking Team’s RCS, and Pegasus.
This case in Serbia is part of a broader, alarming global trend. From Putin’s critics in the European Union to activists in countries like Armenia, Thailand, Mexico, and Morocco, invasive spyware is increasingly being used against civil society members with little accountability. Governments are starting to respond, with the U.S. barring federal agencies from using foreign commercial spyware linked to human rights abuses and European institutions advancing efforts to tackle the spyware issue.
Despite international commitments to curb spyware proliferation, a robust global framework to regulate targeted digital surveillance technologies is conspicuously absent. Access Now advocates for an immediate moratorium on the export, sale, transfer, use, and servicing of targeted digital surveillance technologies until comprehensive human rights safeguards are established. They also call for banning invasive commercial spyware and its vendors found complicit in human rights violations.
The revelation of spyware use in Serbia is a chilling reminder of the ongoing battle for digital rights and privacy. It underscores the urgent need for global cooperation and stringent regulation to protect civil society from the shadows of digital surveillance. As long as companies involved in these human rights violations continue to operate unimpeded, the threat to civil liberties and freedom of expression remains a pressing concern.
