Spain Spy Chief Admits Legally Hacking Some Phones

A senior Catalan separatist lawmaker claimed on Thursday that Spain’s top intelligence officer admitted that her agency had hacked into the smartphones of “several” of the dozens of politicians allegedly targeted by spyware, but that it had done so with valid court authorization.

Gabriel Rufián, a member of a pro-independence Catalan party, said after a closed-door meeting with the director of Spain’s National Intelligence Center, CNI, and a small group of Spanish legislators.

According to a recent investigation by Citizen Lab, a Canadian-based digital rights organization, scores of pro-independence advocates in Spain’s northeastern Catalonia region were spied on using the controversial Pegasus spyware.

When questioned by The Associated Press about the meeting with CNI head Paz Esteban, Spain’s Defense Ministry refused to comment because the meeting’s contents are classified. However, leading Spanish media stated that the director had presented committee members court authorizations for hacking some Catalan separatists’ telephones.

“They (the CNI) admit to surveillance, but claim that it was done on a much smaller scale than Citizen Lab claims,” Rufián stated.

The rest of the over 60 politicians, attorneys, and activists named by Citizen Lab as hacking targets, Rufián claimed, “point(ed) to two possibilities: one, that it was a foreign government; or two, state agents eavesdropping beyond their legal limitations.”

The highly anticipated conference took place in Madrid at the Spanish Parliament building.

Catalan separatists, who want to carve out an independent state in northeastern Spain around Barcelona, had accused the CNI directly of being behind the hacking that were revealed two weeks ago when the Citizen Lab report was released.

The Spanish government has stated numerous times that the CNI cannot tap phones without prior judicial approval. Meanwhile, the government claims that the confidentiality rule that protects all CNI activities forbids the agency from verifying whether it has Pegasus, the spyware sold by Israeli firm NSO Group.

While members from Prime Minister Pedro Sánchez’s Socialist Party and the opposition Popular Party said they were satisfied with Esteban’s explanations after the meeting on Thursday, Rufián was not alone in urging more action.

“We demand that the information we received today be declassified and made public since it affects fundamental rights,” said Albert Botran, one of the legislators allegedly spied on by Citizen Lab.

The Spanish government has stated that the Citizen Lab study will be investigated by both CNI and the country’s ombudsman.

Amnesty International, which has condemned the use of the Pegasus malware in a number of nations, called on Spain to be more transparent on Thursday.

“This committee, known for its secrecy and obscurantism, cannot be deemed the suitable venue to investigate suspected human rights violations,” said Esteban Beltrán, Amnesty International’s Spain director.

In addition to the Catalan hacking issue, another example of Pegasus hacking has put Spain’s intelligence service in the limelight. Spain disclosed earlier this week that both Prime Minister Sánchez and Defense Minister Margarita Robles’ telephones were infected with Pegasus malware last year.

Although Spain has refused to point a finger at Morocco, the dates the phones of Sánchez and Robles were hacked last year match up with a diplomatic crisis between the two countries.
Amid the back-to-back scandals, plans for a public ceremony to observe CNI’s 20th anniversary were postponed.

Robles has encouraged the Catalans to take their hacking case to court, just like the Spanish government has, to determine who is responsible.

“Only the judiciary can determine who is responsible,” Robles said Thursday. “We can only take our cases to court, and in the meantime refrain from accusations.”

Robles has appeared to justify the crackdown on the Catalan separatists for their role in Catalonia’s illegal secession bid in 2017 and the mostly peaceful pro-secession street protests organized via a secretive social media platform. The events sometimes spiraled out of control and led to clashes with police, the blocking of roads and train lines, and the closure of Barcelona’s airport in 2019.

The CNI, which oversees Spain’s cybersecurity, only discovered that Sánchez’s and Robles’ phones had been hacked after the devices underwent deep scans following the revelations of the breaches into the phones of the Catalans. Previous checks found no evidence of the hacks in May and June 2021, the government has been forced to admit.

The hacking scandals, coming in quick succession, have left many Spaniard’s wondering how widespread the spying is, and which actor, or actors, are behind it. Some Catalan separatists accuse Spain of using the revelation of the hacking of top officials to detract attention from their cases.

“Being a victim does not preclude you from being a perpetrator when it comes to Pegasus,” John-Scott Railton, senior researcher at Citizen Lab, told The AP on Thursday. “NSO’s objective is to proliferate this spyware, not to protect the security of countries.”

“This will not be solved quietly. This will not be solved with partial truths,” Railton said. “There has been some partial confirmation here, and the only road forward here is more transparency.”

The European Parliament opened an investigation into Pegasus’ use in the European Union, initially intended to focus on Hungary and Poland. The list of Catalans allegedly hacked also includes European Parliament members.

Digital break-ins of phones with Pegasus have been reported and denounced in several countries. French President Emmanuel Macron was included on a list of heads of state that Amnesty International suspected were targeted last year