Dutch MEP Sophie in ‘t Veld (Renew Europe), the European Parliament rapporteur on Pegasus spyware, presented her draft resolution on Tuesday 24 January on the use of spyware in the EU to the PEGA committee, the Parliament committee of inquiry set up on the matter.
After having presented a report on the subject in November (see EUROPE 13073/14) summarising the situation in the Member States most affected by the Predator software, such as Poland, Hungary and Greece, this time she presented a draft resolution containing a series of recommendations for the Member States.
However, the presentation took place in a tense context, with PEGA committee leaders attacking Member States “who, for the most part, do not want to cooperate with us”, PEGA Chair Jeroen Lenaers (EPP, Dutch) stated from the outset, and said he was starting to be “irritated”.
The Member States, but also the Commission, “do not respond” to the questionnaires sent, the Dutch MEP added.
“This attitude of the Member States is serious”, added Ms in ‘t Veld, as the abuse of spyware “echoes the attacks on democracy”. While the attacks in the EU are less dramatic than “those on the US Capitol on 6 January 2021 or those in Brasilia recently, they are just as serious”, and the attitude of the EU Council “is unforgivable”, she said.
However, she was contradicted by Greek MEP Elissavet Vozemberg (EPP), who said that Athens had played its role by welcoming a PEGA mission.
In terms of procedures, the resolution discussed on 24 January will be voted in plenary, while the report presented in November will only be voted in the PEGA committee, a parliamentary source explained.
The recommendations concern the misuse of spyware for political and non-security purposes or spyware export licences to dictatorial countries, with Member States being called upon to “terminate contracts that do not fall within the framework of EU rules on dual-use goods”.
The resolution also proposes a partial moratorium on the use of such software, which would only be allowed under specific and legitimate conditions.
All cases of misuse must also be investigated and Member States must cooperate with Europol on this matter when the EU agency decides to launch an investigation. The resolution also calls for the development of a European definition of national security.
“National security is used as a wild card whenever Member States do not want to be subject to European Parliament questions; they consider that the use of software is always justified, but the EU is not a lawless area”, the MEP added.
As regards recommendations to Member States, the resolution calls in particular on Poland and Hungary to urgently re-establish adequate institutional and legal safeguards, including effective ex ante and ex post checks and independent monitoring mechanisms.
Greece, which has been rocked by the Predator scandal, is called upon to “urgently restore and strengthen institutional and legal safeguards, including effective ex ante and ex post scrutiny as well as independent oversight mechanisms, and urgently repeal all export licences that are not fully in line with the Dual-Use Regulation and investigate the allegations of illegal exports, among others to Sudan.”
For Spain, where Pegasus was allegedly used against Catalan pro-independence activists, although the Spanish regulatory framework appears to be in line with treaty requirements, there is a need to “provide full clarity on all alleged cases of the use of spyware” and to ensure real and meaningful legal redress for all victims. Cyprus must thoroughly evaluate all export licences issued for spyware and revoke them if necessary.
Link to the draft resolution: https://aeur.eu/f/52d (Original version in French by Solenn Paulic)