SPYWARE’S repeated use to target journalists and those close to them poses an existential threat to the privacy required for press freedom to flourish. Without the ability to privately communicate with sources, conduct research, and compile information, journalists are hampered in their ability to keep the public informed and hold the powerful to account.
“The spyware attack revealed to me that regardless of where I am and what citizenship I hold, if the Moroccan government wants to gather surveillance, they will…It prevents you from being able to do your work because you don’t want to put people [you speak to] at risk,” said Samia Errazzouki, an editorial board member with the Moroccan Mamfakinch news site with U.S. citizenship. Errazzouki was based in the U.S. when she and 14 other Mamfakinch staff were targeted with spyware in 2012.
In March, the Committee to Protect Journalists mapped dozens of incidents where members of the media were targeted with sophisticated, secret surveillance on nearly every continent. The compiled reporting details how spyware products sold by companies based in Israel and Europe have been allegedly used by governments to reach across borders and oceans into the devices of journalists and their associates to monitor their lives without their knowledge.
“It’s not just the fear or anxiety,” said Errazzouki, who now considers the possibility of being unknowingly recorded by her devices’ cameras and microphones. “It’s real, the way it changes your everyday habits. Not changing your clothes in front of your computer. Putting your phone in a drawer to have a private conversation.…[There’s] some degree of paranoia.”
The evidence of spyware’s use against the press uncovered by investigators, including from the Citizen Lab at the University of Toronto, Amnesty International, and Reuters, outlines a chilling threat to the privacy required for journalists to work freely.
Unbridled use of technology to access and conduct surveillance on journalists’ devices promotes fear and self-censorship, often accompanied by physical intimidation or arrests.
In 2020, Moroccan journalists Omar Radi and Maati Monjib were arrested after being targeted with spyware. Monjib was granted provisional release on March 23 following a 19-day hunger strike, but Radi remains behind bars. Another journalist in India, Anand Teltumbde, was also jailed last year following similar spyware targeting.
How the efforts to hack these journalists’ phones may have contributed to their arrests remains unclear, but their experiences illustrate the familiar, tandem nature of digital and physical threats.
In Nigeria, for example, police used call record data to lure and arrest journalists and in Ghana reporters worry that digital forensics tools will be deployed to access information on seized devices. They have reason after the Washington Post reported that Myanmar police leveraged the same technology to search the phones of two jailed Reuters journalists and the Nigerian military sought a “forensic search” for sources on editors’ phones and computers.
Without a robust defense of privacy from governments, corporate leaders, and citizens, journalists’ phones will continue to be converted from useful tools into grave vulnerabilities.
*A shorter version of this report was also published in the April 2021 edition of The Washington Post Press Freedom Partnership newsletter.