Bindmans launches legal action in the United Kingdom on misuse of Pegasus spyware

Bindmans LLP, in partnership with the Global Legal Action Network (GLAN), a UK-based NGO which challenges injustice through international legal strategies, is pursuing potential claims relating to the alleged misuse of Pegasus spyware in the UK by foreign governments.

Pegasus is a form of surveillance spyware which is developed and distributed by Israeli technology firm NSO Group Technologies Ltd. It is installed covertly onto mobile phones (and can even be installed through a “zero click” exploit) without the owner of the phone being aware that this is happening. Once on the phone, it can be used to secretly and remotely record, modify and extract information stored on the phone, including messages, photos, videos, emails and other data, such as location data.

In 2020, a list of 50,000 telephone numbers of individuals believed to be targets of Pegasus spyware was leaked to Amnesty International and Forbidden Stories, media nonprofit organisation based in Paris, France. This led to an investigation dubbed the Pegasus Project which received widespread media coverage.

Following the publication of The Pegasus Project, in August 2021 Bindmans LLP was instructed by a group of claimants to proceed with investigating claims into the alleged misuse of NSO Group’s Pegasus malware by foreign governments.

The claimant group comprised human rights activists, academics, politicians and other prominent figures on behalf of whom a 6-month investigation was led by Bindmans LLP. The claimants are alleging that they have been hacked by Pegasus spyware whilst they were in the United Kingdom. This was an invasion of their privacy rights and therefore they are seeking to bring breach of privacy claims against the defendants. The breach of privacy claims will have to be issued in the High Court following the exchange of pre-action correspondence. The claims will be for breach of data protection laws; misuse of private information; harassment and trespass to goods. Because the hacking caused damage to the claimants’ phones, it is alleged that state immunity does not apply.

Funding for the pre-litigation work was sourced through crowdfunding and the Digital Freedom Fund.

Bindmans is now seeking to crowdfund the future costs of the case using CrowdJustice, a community fundraising platform.

Richard Hermer QC, Ben Silverstone and Darryl Hutcheon of Matrix Chambers are being instructed as Counsel.

“Orange” of Reckon Digital and Bill Marczak (Senior Research Fellow at Citizen Lab) are providing digital imaging and forensics support.