Amnesty International Spyware Investigation Reveals Outdated View of Morocco

Amnesty International’s latest investigation into the use of NSO Group’s Pegasus spyware in Morocco revealed more about myopia and political bias within the organization than about alleged human rights abuses in Morocco.

The NGO’s focus on Morocco in the investigation into Israel’s NSO Group and the international use of its spyware ended up shining the spotlight on the NGO itself and its myopia when it comes to human rights violations in certain countries. The report also revealed that, while the rest of the world has kept turning, Amnesty International appears to be stuck in the early 1990s as far as its view of Morocco is concerned.

The investigation views Morocco as frozen in time, still making the same mistakes and living the same struggles as it was 30 years ago. However, Morocco has made significant, tangible progress in its human rights record over the past decades.

This said, no country is beyond reproach. Setbacks happen, as we have seen in the US over the past weeks. Morocco, though by no means perfect in its human rights record, deserves to be seen through the contemporary, impartial lens Amnesty claims it uses to evaluate all countries.

Damning rhetoric

On June 22, the human rights group released the findings of an investigation into Morocco’s alleged use of NSO spyware to “harass” journalist and activist Omar Radi.

“The organization found that Omar Radi’s phone was subjected to multiple attacks using a sophisticated new technique that silently installed NSO Group’s notorious Pegasus spyware,” the report reads.

Amnesty International then outlines how and when Moroccan security services allegedly hacked Radi’s phone using the NSO spyware, specifically through “network injections” which allow cyberattackers complete access to the victim’s calls, camera, microphone, messages, emails, and other applications.

The NGO states that: “Forensic data extracted from Omar Radi’s phone indicates network injection attacks occurred on 27 January, 11 February, and 13 September 2019.”

Within the June 22 report, there are no gray areas: Amnesty International is clear that Moroccan authorities used the Israeli spyware, claiming that the evidence speaks for itself. However, the report also states that the malware leaves few traces and is “notoriously difficult to spot.”

Meanwhile, a source within the Moroccan security services told Moroccan newspaper Le360 that “The Moroccan [security] services have no relationship with the Israeli company NSO and do not use the Pegasus software. The entire Amnesty International report on this subject was erroneous and without foundation.”

The document quotes Deputy Director of Amnesty Tech, Danna Ingleton. Illustrating Amnesty International’s outdated view of Morocco, Ingleton sees the investigation as an open and shut case.

“The Moroccan authorities are increasingly using digital surveillance to crack down on dissents. This unlawful spying, and the wider pattern of harassment of activists and journalists must stop,” she said, sharing no evidence to back up the allegations.

She classed the “forensic data” cited in the report to prove one alleged hacking incident as “chilling evidence” that Morocco consistently uses the spyware to “attack” and “harass” journalists and activists.

On top of this damning rhetoric, the report makes the unsubstantiated claim that Morocco continues to “use the [Pegasus] technology to track, intimidate and silence activists, journalists, and critics.”

Despite the fact that Morocco categorically denies the allegations and, as a rule, does not share diplomatic relations with Israel which would complicate any government contract, for Amnesty International Morocco’s guilt is “chilling” and unquestionable.

The NGO wasted no time in harking back to 1990s Morocco, roundly condemning the Moroccan government, not only for the Omar Radi hacking, but for “continued” abuses for which they provided no evidence.

Morocco World News contacted Amnesty International’s media office by telephone and email for comment but has not yet received a response.

Moroccan newspaper Le Desk quoted a Moroccan security services official who clarified Morocco’s current position on the use of spyware.

“For us, citizens like the one cited in the report [Omar Radi], who are not radicalized, and do not represent even a tiny threat to the security of the country do not justify the money or technology such surveillance would require,” the source said.

The source also emphasized the Moroccan government’s opinion of journalist Radi, saying: “We do not consider his [Radi’s] public expressions of opinion as an act of subversion meant to stir social unrest, it represents diversity in opinions.”

Blurred lines and inaccuracies

In the June 22 report, Amnesty International claims that: “For network injections, the attacker requires either physical proximity to the targets or access over mobile networks in the country which only a government could authorize, a further indication that the Moroccan authorities were responsible for the attack against Omar Radi.”

Experts in the tech field argue that tracing the origins of network injections is far from as simple as Amnesty International suggests in the report. The process of tracking and identifying both the presence and use of Pegasus spyware is liable to inaccuracies, meaning that Amnesty International’s claims that the Moroccan government had any involvement in, or even awareness of, the hacking of Omar Radi’s cell phone are unsubstantiated.

A tech expert explained to Francophone news outlet Le360 that “each move leaves a trace to identify it. IP is the equivalent of the certificate of residence for this act,” meaning that Amnesty International researchers could have traced messages infected with spyware that Radi received prior to 2018 through the telephone operator, thus proving whether or not the Moroccan government was behind the hack. The Amnesty International report makes no mention of this and its links between the Moroccan government and the hack are largely unsubstantiated.

A 2018 investigation by researchers at the University of Toronto in Canada revealed that Pegasus spyware was active in 45 countries. Use of the spyware was prevalent in the Gulf states, the UK, the US, France, Greece, and a number of other countries.

The report emphasizes that the “findings are based on country-level geolocation of DNS servers, factors such as VPNs and satellite Internet teleport locations can introduce inaccuracies.”

The research found that operators using spyware were active in several Gulf states: “In total, we identify at least six operators with significant GCC operations, including at least two that appear to predominantly focus on the UAE, one that appears to predominantly focus on Bahrain, and one with a Saudi focus.”

Saudi Arabia, according to the research by the Canadian university, was using the spyware on targets across the Middle East and in Europe and was actively “seeking to execute five nonviolent human rights activists accused of chanting slogans at demonstrations and publishing protest videos on social media.”

Meanwhile, an operator in North Africa appeared “to focus on Morocco” but “may also [have been] spying on targets in other countries including Algeria, France, and Tunisia.”

The research report suggests that, while it is possible to identify the location of operators, it is not possible to confirm with any accuracy who is behind the use of the malware. Furthermore, one operator can target information sources in different countries and is not dependent on the government or authorities for access to mobile networks through the use of VPNs.

Myopia and bias

Considering the global prevalence of the use of Pegasus spyware, Amnesty International’s use of damning rhetoric in the June 22 report reveals a clear and concerning myopia and bias as far as Morocco is concerned.

The human rights NGO was quick off the mark to condemn the Moroccan government for allegedly using the spyware, but has been remarkably quiet on the subject of other states using the Israeli software.

After strongly criticizing the Moroccan authorities for their alleged involvement in the cyberattack on Radi, the Amnesty International report briefly cites other countries where the NSO Group’s software has been detected.

“Amnesty International and others have documented a pattern of NSO Group’s Pegasus spyware being used to target civil society. The spyware has been used in attacks on journalists and parliamentarians in Mexico; Saudi activists Omar Abdulaziz, Yahya Assiri, Ghanem Al-Masarir; award-winning Emirati human rights campaigner Ahmed Mansoor; an Amnesty International staff member; and allegedly, used in connection with murdered Saudi dissident Jamal Khashoggi,” the report reads.

There is no mention of the use of spyware in Israel, the US, the UK, or France. And, while the NGO is calling for Israel to control and curb the export of the spyware in order to stop the malware from being used to infringe human rights, there is no evidence that Amnesty International has investigated whether the Israeli government is using the NSO Group software outside counterterrorism. There have also been no specific country reports on the use of NSO Group malware in the UAE of Saudi Arabia.

Though Amnesty International has a very sharp vision in its assessment of Morocco and other “repressive” states, myopia has set in where certain other states are concerned. And, while the NGO claims to be independently funded and standing impartial, apart from international governments, an examination of the facts at hand indicates Amnesty International’s inherent bias is rooted in dollars.

Influence through funding

A 2017 report by the Reseau International unveiled the truth behind the NGO’s finances, and through them, the roots of Amnesty International’s selective blindness. The report shows that Amnesty International received funding from the “National Foundation for American Democracy (NED), which is officially funded by the United States Congress, through the budget of the United States Agency for International Development (USAID).”

The Reseau International report explains that the NGO is far from transparent in terms of access to information, and that information about donors is increasingly difficult to access. “Today, it is almost impossible to find direct evidence that in 2008, the Israeli branch of Amnesty International accepted a donation of NIS 130,186 from the State Department of the United States government,” the report notes.

The Royal Netherlands Embassy in Israel, the UK government’s Department for International Development (DFID), the US government, through other associations, and the Norwegian Telethon, among other Western government sources, all appear on the list of Amnesty International donors.

A June 2012 report by NGO Monitor documented Amnesty International’s finances and directly questioned the human rights NGO’s claims of impartiality.

Closer inspection of Amnesty International’s funding prompts a number of questions.

Which donor is behind the NGO’s anomalous lack of coverage of human rights violations in Egypt? Who benefited from Amnesty International’s position on NATO’s intervention in Libya in 2011? Why does mistreatment of migrant workers in Qatar warrant more scrutiny than the appalling treatment of domestic workers in other Gulf states?

While protecting and preserving access to human rights across the globe is a vital mission and one that every government should stand firmly behind, Amnesty International’s myopia when it comes to certain countries and crises and intense, outdated views where others are concerned undermines its goals.

Through condemning Morocco so openly in the recent Pegasus report, Amnesty International has shown all too starkly that a clear-sighted and impartial investigation is needed within its own ranks in order to rescue the remaining vestiges of its transparency and credibility.