Most of the potential victims, who were contacted by CitizenLab researchers and WhatsApp, are people who are connected with Bhima Khoregaon controversy and other Dalit issues.
Mumbai: Over the last two years, Nagpur-based human rights lawyer Nihalsing Rathod has received receiving calls on WhatsApp from unknown numbers. These calls would be made from international numbers, and would invariably turn out to be a group call.
The moment Rathod answered them, the call would disconnect. He assumed these were innocuous calls made to his number but as a safety measure, reported each of the “suspicious calls” to WhatsApp.
On October 7, 2019, Rathod, however, was contacted by a senior researcher from the Toronto University’s ‘Citizen Lab’ informing him that he faced a “specific digital risk”.
“John Scott-Railton, the senior researcher told me that his lab had followed my work and during their research had found out that my profile was under a surveillance attack. All those calls made to me for two years suddenly began to make sense,” Rathod told The Wire.
The Citizen Lab was one of the first few research organisations to examine how Israeli surveillance firm NSO Group’s Pegasus spyware operated. In September 2018, it published a comprehensive study identifying 45 countries, including India, in which operators of the spyware may be conducting operations.
The NSO Group has been in the spotlight this week after WhatsApp filed a lawsuit against them, alleging that they exploited a vulnerability in its video-calling feature to specifically target and snoop on over 1,400 users including activists and journalists.
In its response to the legal suit, the NSO Group however has claimed that the Pegasus spyware has been sold only to government agencies.The conversation between a Citizen Lab researcher and Rathod. Credit: The Wire.After speaking to Citizen Lab, Rathod wrote to WhatsApp once again with newer information and this time he says he received a response on the same platform.
“In May we stopped an attack where an advanced cyber actor exploited our video calling to install malware on user devices. There’s a possibility this phone number was impacted, and we want to make sure you know how to keep your phone secure,” the message from WhatsApp read, along with further steps to be taken to ensure security protections on his phone.While WhatsApp’s message, which was sent on a verified business channel, didn’t specifically mention Pegasus or the NSO group, Rathod says the possibility of it is very high.
The Wire however has separately confirmed that this is indeed the message that was sent by WhatsApp to people it detected were targeted by Pegasus On Thursday, the Indian Express reported that the Facebook-owned platform said journalists and human rights activists in India have been targets of surveillance by operators using Pegasus.
WhatsApp recently made details of this clear in a broader disclosure before a US federal court in San Francisco. It is still unclear the extent of this threat and how many WhatsApp profiles were compromised.
Bhima Koregaon pattern?…Rathod is one of the lawyers handling the Bhima Koregaon case in which nine activists and lawyers have been arrested since June 2018. His senior legal mentor Surendra Gadling is among those arrested and was booked under several sections of the Unlawful Activities (Prevention) Act (UAPA) and the Indian Penal Code.
Rathod says that he is not the only one in his human rights activists circle who has complained of such calls. At least two other lawyers, both connected with the ongoing Bhima Koregaon trial and Gadling’s wife Minal Gadling have received similar calls.
One of them has confirmed having received a call and series of messages from CitizenLab informing her about a possible threat. She has, however, not received any email or message from WhatsApp.Going by the testimonies of several activists and lawyers, a clear pattern of an attack on the anti-caste activists across India has emerged.
Rupali Jadhav, a 33-year-old cultural and anti-caste activist from Pune shared screenshots of messages that she had received from both WhatsApp and Citizen Lab two days ago. Jadhav however says she had not received any WhatsApp call from an “unknown number” or had seen any suspicious activity on the application. Jadhav, who has been associated with an anti-caste cultural group Kabir Kala Manch (KKM) for over a decade has been handling the social media handles of several social movements in the state. She says that may have been one of the primary reasons why her profile has got compromised.
“I am the official administrator of the WhatsApp and Facebook pages of Kabir Kala Manch, Bhima Koregaon Shaurya Din Prerana Abhiyan, Elgaar Parishad, and the political party Vanchit Bahujan Aghadi. These spaces have been actively involved in confronting the state and have been asking uneasy questions. This is more to do with the organizations than me particularly,” Jadhav says.Most persons associated with the KKM has had cases of UAPA registered against them and have been released on bail bond after having been incarcerated for several years.
Degree Prasad Chouhan, a Dalit rights activist and lawyer from Chhattisgarh’s Raigarh district confirmed to The Wire that he too has received a call and chain of messages from both the Citizen Lab and WhatsApp informing him about the spyware attack.Chouhan, a 37- year old, first-generation learner, and a school teacher- turned-activist belonging to a Dalit community has been at the forefront fighting caste atrocity and land-grab cases in Raigarh district. In his over 15 years of public life, Chouhan has focused his work on forceful displacement and indigenous communities’ land rights.
Chouhan, talking to The Wire said, although he was concerned that his phone was compromised, he was not surprised at all. “Since Una uprising, the Dalit rights movement in the country has been growing. Most of us have been involved in several anti-caste and land rights movement and we have been running both social and political movements on a large scale. The state is clearly feeling threatened,” Chouhan claimed. He also pointed at Prime Minister Narendra Modi’s recent visit to Israel and the nature of this attack. “As far as I know, no PM has made such a visit to Israel. These attacks have a much deeper link. It needs to be probed,” he alleged.Human rights lawyer Bela Bhatia also confirmed to The Wire that she had recieved the same message that Rathod got from Citizen Lab, with their researchers claiming that the Indian government was behind the surveillance.
“We fixed a time and I had a long chat with the researcher about Pegasus. He explained the spyware to me and said that WhatsApp had reached out to Citizen Lab a few months back and gave them a list of people who were affected. He said that most of those targeted were human rights activists and human rights lawyers. While explaining everything to me, he said it very clearly that their studies and analysis made it very clear that it was our own government that has done it,” she said.
“He mentioned this very clearly. As far as the nature of the spying is concerned, he said that it’s like carrying a spy in your pocket. Even in the room where you are sitting, they can know exactly what’s happening in the room through this. He said that it can access my camera and microphone without me knowing. He offered me some safeguards like changing my phone. He has been calling me from time to time and offering similar advice. He told me WhatsApp would contact me two weeks later. WhatsApp did contact me three weeks after that call with the same message everyone else got.”Other people reportedly affected include Professor Anand Teltumbde and human rights lawyer Shalini Gera.
According to the Indian Express report, at least two dozen academics, lawyers, Dalit activists and journalists in India were contacted and alerted by WhatsApp that their phones had been under state-of-the-art surveillance for a two-week period until May 2019.Rathod, however, says that he had been receiving these calls much before – and after – this two-week window period as mentioned by WhatsApp.
The Nagpur-based lawyer also adds that he looks at the attack on his profile as a serious attempt to victimise and possibly target more human rights lawyers. “My WhatsApp profile was not chosen randomly but by design. We are a handful of human rights lawyers who are confronting the current dispensation and are in the process of exposing the different strategies used to arrest human rights activists in the country.”
“I have reason to believe that the Bhima Koregaon case is based on the letters which were planted through this route or some other route by government agencies itself. The ridiculous contents of those letters make it more apparent,” he told The Wire.Expressing concern over the development, Amnesty International India, in a statement, said, “This is a grave violation of the activists’ fundamental right to privacy enshrined in both national and international law.”
The human rights organisation has sought the NSO group’s license to be revoked. “On November 7, the Tel Aviv’s District Court is due to hear a legal case arguing that Israel’s Ministry of Defence (MoD) should revoke NSO Groups export license. The company’s Pegasus software has been used to target journalists and activists across the globe – including in Morocco, Saudi Arabia, Mexico and the United Arab Emirates. An Amnesty International staff member was also targeted using NSO malware,” the statement read
Responding to the threat faced by activists and journalist globally, Danna Ingleton, deputy director of Amnesty Tech said, “NSO says its spyware is solely intended to ‘prevent crime and terrorism’, but instead the firm’s invasive surveillance tools are being used to commit human rights abuses. The safest way to stop NSO’s spyware products reaching governments who plan to misuse them is to revoke the company’s export license.”Amnesty International has announced its legal support in the case in Tel Aviv District Court to force the Israeli Ministry of Defence to stop NSO’s spyware products.