Responding to the reports of Apple sending a new round of threat notifications globally, including to Indian opposition leaders and journalists, noting that their iPhones may have been targeted by “state-sponsored attackers”, Likhita Banerji, Amnesty International’s Researcher and Advisor on technology and human rights, said:
“This latest round of Apple threat notifications confirm that the abuse of highly invasive spyware by state-actors around the world continues unabated, targeting human rights defenders, journalists, and politicians. Despite repeated scandals and revelations, a shameful lack of accountability and transparency has contributed to an atmosphere of impunity, leading to what appears to be yet another surveillance scandal.
Apple threat notifications confirm that the abuse of highly invasive spyware by state-actors around the world continues unabatedLikhita Banerji, Amnesty International’s Researcher and Advisor on technology and human rights
“In India, civil society organizations, journalists, and activists have previously faced unchecked and unlawful surveillance. Spyware technology has been used to clamp down on human rights and stifle freedom of assembly and expression. In this atmosphere, the multiple reports of prominent journalists and opposition leaders receiving the Apple notifications are particularly concerning in the months leading up to state and national general elections. Unlawful surveillance cannot be allowed to continue.
“Amnesty International reiterates its call that all governments must immediately ban the use of highly invasive spyware which cannot be independently audited or limited in its functionality. The Apple security notifications need to be promptly and impartially investigated by relevant independent authorities. The abuse of spyware technology must come to an end.”
On 31 October 2023, threat notifications were sent by Apple to at-risk individuals around the world in multiple countries, including in India, warning that their Apple devices and accounts were targeted by “state-sponsored attackers”. Apple has sent multiple rounds of such threat notifications since November 2021. In previous instances, subsequent forensic investigations have confirmed that many individuals notified by Apple have indeed been targeted and infected by spyware such as Pegasus.
In 2020, Amnesty International and Citizen Lab revealed how human rights defenders were targeted in a coordinated malware operation using commercial off-the-shelf malware.
In 2021, as part of the Pegasus project Amnesty International revealed how civil society and journalists in India were targeted and infected using NSO Group’s Pegasus spyware. Following the revelations in the Pegasus Project , the Supreme Court of India set up a technical committee to investigate abuses involving the software.
In 2022, the committee concluded their investigation, but the court has not made the findings of the report public. The court further noted that the Indian authorities “did not cooperate” with the technical committee’s investigations.
Amnesty International’s Security Lab will continue to monitor and provide support to civil society around the world who have received these latest security notifications from Apple. If you are a human rights defender, activist or journalist who has received such an alert, contact us for digital forensics support.