Tech

The Washington Post’s New Columnist Consults for Spyware Firm That Helps Saudi Arabia Surveil Journalists

The new Washington Post columnist consults for NSO Group, which is currently being sued for helping Saudi Arabia surveil Washington Post columnist Jamal Khashoggi, who was murdered.
GettyImages-460492708
Image: MOHAMMED AL-SHAIKH/AFP/Getty Images

Just over a year ago, Washington Post columnist Jamal Khashoggi walked into a Saudi Arabian consulate in Turkey. He never walked out. He was murdered and dismembered; American intelligence agencies believe the Saudi royal family ordered the assassination.

Monday, the Washington Post announced that it hired Juliette Kayyem, a columnist who is a senior advisor to NSO Group, a spyware company suspected of helping the Saudi government spy on Khashoggi.

Advertisement

NSO Group is an Israeli spyware company that sells malware known as “Pegasus” that has been used to surveil journalists and human rights activists for authoritarian regimes around the world.

According to an email from The Washington Post, Kayyem recently helped NSO Group create its recently-released "Human Rights Policy," an attempt to launder its image as a company that helps authoritarian governments spy on civil rights leaders and journalists.

The Human Rights Policy she worked on was slammed in a letter to the company just four days ago by David Kaye, the United Nations Human Rights Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression.

“The Human Rights Policy raises many questions about how NSO Group plans to prevent or mitigate human rights abuses committed with the technology it makes available to governments worldwide,” Kaye wrote.

NSO Group’s spyware has been used by Saudi Arabia to surveil Saudi dissident and Khashoggi friend Omar Abdulaziz, according to a detailed study by Canada’s Citizen Lab, which has become the world’s most important NSO watchdog. Abdulaziz told the Committee to Protect Journalists that while he was being surveilled, he and Khashoggi had exchanged negative text messages about the Saudi government. In December, Abdulaziz sued NSO Group, alleging that it was illegally used to spy on him and Khashoggi.

NSO Group, for its part, has denied any involvement in surveilling Khashoggi, but time and time again, Citizen Lab, Amnesty International, Motherboard, and other groups have shown that NSO Group has been tied to authoritarian governments spying on journalists and activists.

Advertisement

“The NSO Group’s Pegasus technology has been used by governments to track civil society, journalists, political dissidents, and others across the world,” the UN's Kaye said in the letter, which specifically noted the allegations that Pegasus was used to target Khashoggi. “How will NSO Group confirm that its clients are complying with human rights law?”

The Washington Post's decision to hire Kayyem, who will "help make sense of how the U.S. approaches its most challenging national security issues," is deeply weird, considering that Washington Post editors have previously said that Saudi surveillance has gotten people killed.

“People are losing their lives over [surveillance] … that’s how you try to go after ideas—it’s through surveillance,” Karen Attiah, Khashoggi's editor at The Washington Post told the Committee to Protect Journalists.

1571767625145-Screen-Shot-2019-10-22-at-12331-PM

Image: NSO Group

Kayyem’s specific role at NSO Group isn’t listed on its website, and Kayyem, who is also faculty chair of Harvard University’s Kennedy School of Government and a former Assistant Secretary of Homeland Security under President Obama, did not respond to a request for comment.

An NSO Group spokesperson told Motherboard in a statement, "NSO has sought the guidance and expertise of Juliette Kayyem as a senior advisor to help the company enhance its policies and guidelines that would balance the vital needs of governments to counter terrorism and crime while protecting other fundamental human rights, such as freedom of expression. With Juliette’s counsel, we established new human rights governance, whistleblower and transparency standards – and became the first company in the cyber technology sector to align its governance with the UN Guiding Principles on Business and Human Rights."

Advertisement

Post editorial page editor Fred Hiatt told Motherboard that Kayyem “was contacted to assist the company solely to establish and implement a governance framework to ensure the company was in alignment with UN Guiding Principles on Business and Human Rights (these principles are voluntary and NSO is the first company in the security and cyber arena to do so).”

“She helped establish, besides the principles, procedures around internal and external whistleblower protections, and transparency to ensure the company had such policies and procedures in place given the nature of their business,” he added. “She has no involvement with day-to-day management of the company. Her work is limited to providing guidance on the compliance principles.”

The problem here is that NSO’s “Human Rights Policy” is exactly what caused the United Nations to write its letter to NSO. The letter is, quite literally, a “non-exhaustive assessment of a number of areas where the policies may undermine the overall object and purpose of the UN Guiding Principles and the broader corpus of human rights law.”

In its policy, NSO Group says “we license our products only to vetted and legitimate government agencies for the sole and exclusive use in preventing and investigating serious crime, including terrorism […] we are fully aware that if a customer misuses one of our products it could lead to the harm of the human rights of an individual.”

Advertisement

The UN notes that NSO Group’s new policies “neither references the legacy of harm perpetuated as a result of NSO Group’s failure to ensure that its technology is used responsibly nor articulates why its new policy will necessarily lead to improved outcomes for victims of surveillance harassment.”

There’s also a complete lack of transparency as to how the policies were developed, how they will be enforced, and whether they will be followed at all. NSO Group has always said that what it’s doing is legal, but Citizen Lab has uncovered 30 cases where NSO spyware has been used against human rights activists and journalists all over the world.

This is all to say that it is a bizarre decision for the Washington Post to hire a columnist who advises for a company that has helped authoritarian governments surveil journalists, a year after its own journalist was killed by an authoritarian government that used software made by that same company.

Update: This piece has been updated to include a statement from NSO Group.

Joseph Cox contributed reporting.