Israeli spy firm NSO Group ordered to pay WhatsApp a staggering $168 million after secretly hacking phones of journalists, activists, and world leaders through their messaging service.
Key Takeaways
- A California federal jury has ordered NSO Group to pay $168 million to WhatsApp for violating anti-hacking laws
- NSO’s Pegasus spyware exploited a “zero-click” vulnerability that compromised approximately 1,400 devices without requiring any user action
- The spyware can secretly activate smartphone cameras and microphones while accessing all information from installed apps
- NSO claims their technology is used by government agencies to fight terrorism and serious crime
- Meta (WhatsApp’s parent company) plans to donate any collected damages to organizations fighting against spyware threats
The Verdict: A Major Win for Digital Privacy
In a landmark decision after a six-year legal battle, a federal jury in California ordered Israeli spyware firm NSO Group to pay approximately $168 million in damages to WhatsApp. The jury determined NSO violated U.S. anti-hacking laws by deploying its Pegasus spyware against the messaging platform’s users. The award includes $444,719 in compensatory damages and $167.3 million in punitive damages, delivering a substantial financial blow to the surveillance company. Before the jury’s decision, Judge Phyllis Hamilton had already ruled that NSO Group violated both anti-hacking laws and WhatsApp’s terms of service.
“Today’s verdict in WhatsApp’s case is an important step forward for privacy and security as the first victory against the development and use of illegal spyware that threatens the safety and privacy of everyone. Today, the jury’s decision to force NSO, a notorious foreign spyware merchant, to pay damages is a critical deterrent to this malicious industry against their illegal acts aimed at American companies and the privacy and security of the people we serve,” said Meta.
Dangerous Surveillance Capabilities Exposed
The trial pulled back the curtain on NSO’s secretive operations, revealing how the surveillance-for-hire system functions. NSO’s Pegasus spyware exploited a “zero-click” vulnerability that affected approximately 1,400 WhatsApp users globally. This sophisticated technology could compromise devices without requiring any action from the target, making it virtually undetectable. Evidence presented during the trial showed NSO spent millions developing methods to install spyware through various technologies, creating a powerful surveillance tool that governments were willing to pay handsomely for.
“This trial put spyware executives on the stand and exposed exactly how their surveillance-for-hire system – shrouded in so much secrecy–operates,” said Meta.
Once installed, Pegasus allows operators to covertly access all information from apps and remotely activate smartphone cameras or microphones. The spyware has allegedly been used against journalists, human rights defenders, and political figures. The technology was reportedly used in 2016 against Emirati rights activist Ahmed Mansoor by UAE authorities, and evidence suggests it has been deployed in numerous countries with questionable human rights records. The case detailed how attackers reverse-engineered WhatsApp to transmit malicious code to targeted devices.
NSO’s Defense and Future Implications
NSO Group, founded in 2010 by Shalev Hulio and Omri Lavie, has consistently defended its technology as vital for national security. The company maintains that its products are exclusively sold to vetted government agencies for legitimate law enforcement purposes. Despite these claims, the jury’s decision represents a significant blow to the commercial spyware industry and establishes a precedent for holding surveillance technology vendors accountable for privacy violations.
“We firmly believe that our technology plays a critical role in preventing serious crime and terrorism and is deployed responsibly by authorized government agencies. This perspective, validated by extensive real-world evidence and numerous security operations that have saved many lives, including American lives, was excluded from the jury’s consideration in this case,” said Gil Lanier, NSO vice president for global communication
NSO has announced plans to appeal the verdict, claiming the jury wasn’t allowed to consider evidence about legitimate uses of their technology by government agencies. “We will carefully examine the verdict’s details and pursue appropriate legal remedies, including further proceedings and an appeal,” stated Gil Lainer, NSO’s vice president for global communication. Meanwhile, Meta has declared its intention to donate any damages collected from NSO to organizations dedicated to defending against spyware threats, reinforcing their stated commitment to cybersecurity.
A Significant Precedent for Tech Privacy
This verdict represents a critical moment in the ongoing debate about surveillance technology, individual privacy rights, and the responsibilities of technology companies. Legal experts view this decision as establishing important precedent for holding spyware vendors accountable. The case highlights the growing tension between national security interests and digital privacy rights, placing new scrutiny on the largely unregulated commercial spyware industry that has operated in the shadows for years.
For conservative Americans concerned about government overreach and privacy rights, this case raises important questions about the balance between security and liberty. While tools like Pegasus may have legitimate uses in tracking terrorists and criminals, the potential for abuse against journalists, political opponents, and everyday citizens represents a serious threat to constitutional freedoms. The verdict stands as a reminder that even in the digital age, Americans must remain vigilant against technologies that could undermine their fundamental right to privacy.
