A joint investigation by Access Now and the Citizen Lab has identified the use of NSO Group’s Pegasus spyware against journalists and members of civil society organizations in El Salvador on a massive scale. Technical experts from the Amnesty International Security Lab have peer-reviewed the report and independently verified forensic evidence showing that Pegasus has been misused in the country.
“The use of Pegasus for the surveillance of communications in El Salvador reveals a new threat to human rights in the country. The authorities must stop any efforts to restrict freedom of expression, and conduct a thorough and impartial investigation to identify those responsible,” said Erika Guevara-Rosas, Americas director at Amnesty International.
“It’s unacceptable that reports of harassment and threats against journalists and human rights defenders, who work in a hostile environment and are at serious risk, are becoming more and more common in El Salvador. The international community must stand with human rights defenders and journalists in their demand for respect for human rights.”
Since President Nayib Bukele took office in 2019, the human rights situation in the country has deteriorated swiftly. Freedom of expression has been one of the rights facing the most obstacles, with state officials repeatedly publicly expressing their refusal to accept dissent and seeking to discredit those who expose practices by the authorities that violate or threaten human rights.
The authorities must stop any efforts to restrict freedom of expression, and conduct a thorough and impartial investigation to identify those responsible
Erika Guevara-Rosas, Americas director at Amnesty International
In this context, in November 2021, it was made public that several journalists and members of civil society organizations received an alert from Apple warning them that they were possibly being subjected to targeted surveillance by “state-sponsored attackers”.
The Amnesty International Security Lab independently analyzed technical data from a sample of individuals identified as Pegasus targets in the joint Access Now and Citizen Lab investigation. This sample included multiple journalists from two media outlets. The forensic analysis confirmed that each device was successfully infected with NSO Group’s Pegasus spyware. The earliest evidence of compromise from the sampled devices was on or around 30 July 2020. Signs of compromise or attempted targeting continue as recently as 15 November 2021.
“This investigation shows that, yet again, the Pegasus spyware continues to be abused in the world to unlawfully surveil journalists on a massive scale even after the groundbreaking revelations of the Pegasus Project,” said Erika Guevara-Rosas.
“So far not enough has been done globally to rein in unlawful targeted surveillance. We urgently need governments to implement a global moratorium on the sale, transfer, and use of spyware until human rights regulatory safeguards are in place.”