A US judge on Friday ruled in favour of Meta Platforms' WhatsApp in a lawsuit accusing Israel's NSO Group of exploiting a vulnerability in the messaging app to install spyware for unauthorised surveillance, as reported by Reuters on Saturday.


COMMERCIAL BREAK
SCROLL TO CONTINUE READING

US District Judge Phyllis Hamilton in Oakland, California, granted WhatsApp's motion and found NSO Group liable for hacking and breach of contract.
The case will now proceed to trial only on the issue of damages, according to Hamilton, as reported by Reuters.


Head of WhatsApp, Will Cathcart, described the ruling as a "victory for privacy."


"We spent five years presenting our case because we firmly believe that spyware companies could not hide behind immunity or avoid accountability for their unlawful actions," Cathcart said in a social media post.


"Surveillance companies should be on notice that illegal spying will not be tolerated," she added as quoted by Reuters.
A WhatsApp spokesperson also expressed gratitude for the decision.


"We're proud to have stood up against NSO and thankful to the many organisations that supported this case. WhatsApp will continue to protect people's private communications," the spokesperson said as quoted by Reuters.


Cybersecurity experts also hailed the judgement. John Scott-Railton, a senior researcher at the Canadian internet watchdog Citizen Lab, which first exposed NSO's Pegasus spyware in 2016, called the ruling a landmark decision with major implications for the spyware industry, as reported by Reuters.


"The entire industry has hidden behind the claim that whatever their customers do with their hacking tools is not their responsibility," Scott-Railton said. "Today's ruling clarifies that NSO Group is indeed responsible for breaking multiple laws," he added.


According to Reuters, WhatsApp sued NSO in 2019, seeking an injunction and damages, accusing the company of accessing WhatsApp servers to install Pegasus spyware on victims' devices six months earlier. According to the lawsuit, 1,400 people, including dissidents, journalists, and human rights advocates, were able to be monitored as a result of the intrusion.


NSO argued that Pegasus was used by law enforcement and intelligence agencies to fight crime and protect national security, targeting terrorists, paedophiles, and criminals.
NSO appealed a 2020 trial judge's decision to deny it "conduct-based immunity," a legal doctrine protecting foreign officials performing official duties, Reuters reported.


In 2021, the 9th US Circuit Court of Appeals upheld the ruling, finding that NSO's role in licensing and providing technical support for Pegasus did not shield it from liability under the US Foreign Sovereign Immunities Act.


The US Supreme Court declined NSO's appeal of the lower court decision, allowing the lawsuit to proceed.