US Judge Finds Israel’s NSO Group Liable for Hacking in WhatsApp Lawsuit
A U.S. judge has ruled in favor of Meta Platforms’ WhatsApp in a lawsuit against Israel’s NSO Group, finding the company liable for exploiting a vulnerability in WhatsApp’s messaging app to install spyware, enabling unauthorized surveillance. U.S. District Judge Phyllis Hamilton of Oakland, California, granted WhatsApp’s motion and found NSO liable for hacking and breach of contract. The case will now proceed to trial, but only to determine the amount of damages.
WhatsApp’s head, Will Cathcart, hailed the ruling as a victory for privacy, stating that spyware companies could no longer hide behind immunity or avoid accountability for unlawful actions. A spokesperson for WhatsApp expressed their gratitude for the decision, reaffirming the company’s commitment to protecting users’ private communications.
Cybersecurity experts, including John Scott-Railton from Citizen Lab, welcomed the ruling as a landmark decision with significant consequences for the spyware industry. He noted that the ruling clarifies that NSO Group is responsible for violating numerous laws, as the company could no longer evade accountability for its actions.
WhatsApp sued NSO in 2019, accusing it of using a vulnerability to access WhatsApp’s servers and install Pegasus spyware on users’ devices. The lawsuit claimed the intrusion enabled the surveillance of 1,400 individuals, including journalists, human rights activists, and dissidents. NSO had defended itself by arguing that its technology was intended to help law enforcement and intelligence agencies combat crime and terrorism.
Despite this defense, NSO failed in its attempt to secure “conduct-based immunity,” which protects foreign officials acting in their official capacity. The 9th U.S. Circuit Court of Appeals upheld the decision in 2021, and the U.S. Supreme Court declined to hear NSO’s appeal, allowing the lawsuit to move forward.