Skip to Content

The spyware industry has found a cozy home in the EU

In a press conference on Tuesday, PEGA, an EU committee set up to investigate the abusive use of spyware across Europe, presented the initial results of an extensive investigation it started back in April this year.

While there have been reports of spyware abuse across several EU member states—which led to PEGA’s creation in the first place—in a 159-page draft report shared with Risky Business, the committee said it found that spyware use and the surveillance industry are prevalent across EU member states.

“All member states have spyware at their disposal. All of them, even if they don’t admit it. They do!” PEGA Committee rapporteur Sophie In ‘t Veld said yesterday.

She added that while some countries use it responsibly, others have abused it to spy on political rivals, journalists, and government critics, but all use the cloak of “national security” to create an “area of lawlessness” where they operate without any accountability.

Unmatched in spyware abuse in the UE are Hungary and Poland, according to the PEGA Committee rapporteur.

“[In] Poland and Hungary, […] spyware is an integral element of a system; a system which is designed to control and even oppress the citizens—that is the critics of the government, the opposition, journalists, whistleblowers—and the whole system is very methodically set up. It’s not by accident. It’s not a random tool they are using,” In ‘t Veld said.

In other countries like Spain and Greece, In ‘t Veld said spyware was deployed “with no evident, imminent, immediate threat to national security” and that there are also reports of similar abuses in Cyprus.

But In ‘t Veld said that while some EU member states are consumers, others are guilty of providing a legal framework for surveillance companies to operate unhindered and sell their software all across the globe. According to the draft report, some vendors advertise themselves as “EU regulated,” using the term as a form of “quality label.”

“Certain EU countries are attractive as an export hub, as—despite the EU’s reputation of being a tough regulator—enforcement of export regulations is weak,” the draft report concluded. More below:

“Two Member States, Cyprus and Bulgaria, serve as the export hub for spyware. One Member State, Ireland, offers favourable fiscal arrangements to a large spyware vendor, and one Member State, Luxemburg, is a banking hub for many players in the spyware industry. The home of the annual European fair of the spyware industry, the ISS World’ Wiretappers Ball,’ is Prague in The Czech Republic. Malta seems to be a popular destination for some protagonists of the trade. A few random examples of the industry making use of Europe without borders: Intellexa has a presence in Greece, Cyprus, Ireland, France and Hungary, and its CEO has a Maltese passport and (letterbox) company. NSO has a presence in Cyprus and Bulgaria and it conducts its financial business via Luxemburg. DSIRF is selling its products from Austria, Tykelab from Italy, FinFisher from Germany (before it closed down).”

PEGA’s draft report proposes a series of measures the EU should take to address its spyware problem. The first one that the EU should apply, according to In ‘t Veld, would be an immediate moratorium on the sale and use of such tools.

The second would be to “enforce the [EU] export rules vigorously because that, frankly, friends, is a joke. We have Dual Use regulation but the enforcement is really not serious”—as In ‘t Veld eloquently put it yesterday.

Other proposals include states defining what “national security” is, the creation of a dedicated European Export Control Agency, a joint initiative with the US to create common standards and a blacklist of spyware vendors, the involvement of Europol in the investigation of abusive spyware use, and granting PEGA and other EU bodies actual powers to investigate spyware cases.

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.