Sun. Jun 26th, 2022

EN E-000713/2022

Answer given by Mr Breton on behalf of the European Commission

While surveillance technologies, used ethically and in accordance with law, can be effective law enforcement tools, the EU is deeply concerned about the risk that spyware, including NSO software, may be misused against human rights defenders, journalists and politicians, also in the EU. The EU takes the reports on the misuse of spyware very seriously and is analysing, inter alia, the European Data Protection Supervisor’s ‘Preliminary Remarks on Modern Spyware’.

On the blacklisting of the NSO Group, the Commission observes that there are no equivalent provisions under EU export control regulation. The Commission has raised the issue with the export control authorities of the Member States and with Israel, with a view to mitigating the risks associated with trade in these sensitive products.

The EU has instruments on unlawful surveillance and data privacy, as well as illegal system access and illegal interception and the use of tools to commit those offences, e.g. the General Data Protection Regulation /1 Law Enforcement Directive /2 , ePrivacy Directive /3 and the Directive on Attacks against information systems /4 . The monitoring and enforcement of the EU data protection and privacy rules fall primarily under the competence of national authorities and the courts.

The Commission is currently working on a proposal for a European Cyber Resilience Act, which would mainly focus on setting out horizontal cybersecurity requirements for digital products and ancillary services.





Answer to a written question – Pegasus’ continued interference in European democracy and challenge to human rights – E-000713/2022(ASW)

Further EU Commission answers on Pegasus ->