As per a forensic analysis of activist Rona Wilson’s phone done by Amnesty International, Wilson’s phone was infected with the Pegasus spyware three months before he was arrested under the Unlawful Activities (Prevention) Act (UAPA) in June 2018, for his alleged role in the violence at the Bhima Koregaon memorial, The Guardian reported.
Pointing out that the Amnesty report "comes in the backdrop of a report by a firm called Arsenal Consulting, which has previously also provided reports of the existence of malware in the phones of the other Bhima Koregaon accused", Apar Gupta, lawyer and Executive Director of the Internet Freedom Foundation told The Quint that it is likely to have material consequence on the case.
"The implication which arises from this is that the evidence which has been gathered from digital devices, not only of Rona Wilson, but several of the Bhima Koregaon accused is questionable given that these devices were compromised with sophisticated spyware."Apar Gupta, lawyer and Executive Director of the Internet Freedom Foundation
Pegasus, a spyware product of Israeli cyberweapons company NSO Group, had made headlines earlier this year, when reports published by a consortium of news organisations in July revealed that the spyware was believed to have been used to snoop on at least 300 Indian phone numbers, including those of over 40 senior journalists, opposition leaders, government officials and human rights activists.
Amnesty International, which was a part of the ‘Pegasus Project’ investigation, found evidence after forensic analysis that Wilson's phone was infected with Pegasus, between July 2017 and March 2018.
This Amnesty report comes days after lawyer-activist Sudha Bharadwaj was granted default bail in the Bhima Koregaon case, while 13 activists and academicians are still in jail.
'Amnesty Report Likely to Have Material Consequence on The Case': Expert
On being asked what kind of an impact do revelations like this Amnesty report have on ongoing cases, Apar Gupta told The Quint:
"Presence of any kind of factors which introduce a level of doubt into the existence, or the quality of digital evidence, will in fact have a material consequence on the case if that digital evidence is the very basis of the prosecution. And from what it appears, as per press reports, at least with respect to the Bhima Koregaon case, digital evidence plays a very significant role in the accusations which have been made for the prosecution of the accused."
"So yes, it will have an impact in which the quality of the evidence itself will come into question," Gupta said, further explaining:
"Then depending on these reports and the forensic examination, further witness examination will take place."
Further, as per Gupta, depending on the legal arguments that are placed either by the prosecution or the defence, the admissibility of digital evidence is evaluated — "the report is ruled to be either inadmissible, admissible but cannot be relied upon, or taken to be accepted".
The Arsenal Consulting Report & What Came After
Earlier as well, a report by Arsenal Consulting – a Massachusetts-based digital forensics firm – had found that key evidence against activists and intellectuals arrested in the Bhima Koregaon case was planted using a malware on a laptop seized by the police.
Following Arsenal Consulting’s report, Wilson had moved the Bombay High Court seeking the formation of a Special Investigation Team (SIT) to inquire into the alleged planting of fabricated documents on his computer over a course of about 22 months.
However, Jaya Roy, a spokesperson of the National Investigation Agency (NIA), which is probing the case, had told The Washington Post that the analysis by a government forensic laboratory did not indicate any compromise and stated that the NIA cannot revisit “any evidence based on a private lab’s report.”
Once a phone is infected with Pegasus, the attackers have total access, ability to intercept phone calls, read text messages, and infiltrate encrypted apps. What's more, the spyware can also turn a mobile into a listening device.
‘Targeted With 15 SMS Messages Containing Pegasus Attack Links’: Amnesty
According to Etienne Maynier, who is a technologist at Amnesty International’s Security Lab, their analysis has confirmed Arsenal’s findings that Wilson’s phone was compromised by Pegasus in July 2017, and again in February and March 2018.
During this time, Amnesty found that Wilson’s phone was targeted with 15 SMS messages containing Pegasus attack links. Clicking on any one of these could also have compromised the phone.
Maynier added, "This case adds to the evidences revealed during the Pegasus Project about unlawful surveillance against human rights defenders in India using NSO Group’s products," The Guardian reported.
Meanwhile, while the Indian government has neither confirmed nor denied that it is a customer of NSO, the NSO Group has repeatedly said that it only sells its products to government entities.
In October, the Supreme Court had ordered the setting up of an expert committee overseen by a retired Supreme Court judge to examine the use of Pegasus spyware against Indian citizens, including whether the right to privacy has been violated.
(With inputs from The Guardian.)