The Pegasus scandal will potentially undermine businesses environment in India and could drive up India-Pakistan tensions

In India, over 140 individuals including leading journalists, lawyers, government ministers, and opposition party members have appeared on the Pegasus list. Some of these individuals include opposition Congress Party head Rahul Gandhi and Ashok Lavasa, the former election commissioner of India who had accused Prime Minister Narendra Modi of violating the model code of conduct before the 2019 general election. In the wake of this discovery, opposition party members have accused Modi of “treason”, alleging that his government purchased and used the Pegasus spyware against opposition members, and have demanded the resignation of Home Minister Amit Shah. The Supreme Court has begun hearing petitions that demand the government initiate a probe into the scandal from 4 August, although it is unlikely the Modi government will face significant repercussions.

The Pegasus scandal, coupled with ongoing farmers' demonstrations and civil unrest related to the Covid-19 pandemic, does hold the potential to instigate wider unrest across India. More specifically, growing public discontent with the Modi government's ongoing crackdown on dissident voices may compound new revelations that the government has subjected political opposition members to surveillance. An increasing number of students, comedians and activists have been arrested under anti-national and terrorism laws since the Modi government came to power in 2014, with the recent death in custody of activist Stan Swamy sparking protests in several cities. Additionally, the Modi government has been criticised by civil liberties groups internationally for tightening its internet regulatory laws in a perceived attempt to curtail independent media. Most recently, Delhi demanded earlier this year that social media platforms Facebook and Twitter take down hundreds of posts, divulge sensitive user information and submit to a regulatory regime and threatened the firms' executives with potential jail terms in the case of noncompliance.

The Pegasus scandal, therefore, further highlights operational risks posed to firms – particularly those unaligned ideologically or politically with the Modi government – operating in India, with little clear recourse available to individuals or entities targeted by government-sponsored surveillance. Whilst interruptions to business operations due to public protests remains a potentiality, firms operating in India will have to assess the risk that their operations may be subject to state-sponsored surveillance. While it is unlikely this scandal will result in any immediate government instability, it will likely be an important issue over the coming years as India heads into its next general election in 2024.

Elsewhere, in Pakistan, Prime Minister Imran Khan has been named as an alleged target of the Pegasus spyware, and it is currently understood other Pakistani government officials are also present on the Pegasus list. Pakistani authorities have said that they will investigate if the alleged surveillance attempts originated from India, terming these attempts “cyber attacks”.  If the allegations of the Pakistani government turn out to be merited, India-Pakistan bilateral relations will be negatively impacted, heightening the risk of cross-border shelling or drone attacks along the highly militarised India-Pakistan border in coming months. While Pakistan has so far opted to call on the United Nations to “thoroughly investigate the matter, bring the facts to light, and hold the Indian perpetrators to account”, there will, nevertheless, remain a latent threat of Islamabad launching some form of retaliation – cyber or otherwise – if the UN-led investigation does not produce a result that is considered satisfactory to the Pakistani government.

Fears over phone surveillance allegations spark investigations in France and Hungary, but little recourse available for affected individuals in Eurasia

In Eurasia, it is understood that the number of individuals affected by the Pegasus scandal may number in the hundreds, with journalists, activists and opposition politicians in Azerbaijan and oligarchs and governmental officials in Kazakhstan confirmed at present to have been subjected to surveillance. Several affected individuals have claimed that government security agencies were behind the alleged spying efforts. US-based NGO Freedom House has suggested that some of the 'most powerful' oligarchs in Kazakhstan, including high-profile opposition members living in exile, were likely targeted by Kazakh security agencies at the behest of President Nursultan Nazarbayev. However, while these revelations are likely to increase opposition activity in both Azerbaijan and Kazakhstan against the government, it is unlikely that the Pegasus scandal will have a meaningful impact on human rights norms and media freedoms in the region, with few real remedies available to groups or individuals affected by alleged spying.

In Europe, the advent of the Pegasus surveillance scandal has most visibly been seen in allegations made that Pegasus spyware was used to monitor French President Emmanuel Macron, as well as at least 15 current and former members of the French government. Moreover, an unspecified number of French journalists and politicians are also believed to have been monitored from 2019. French national newspaper Le Monde found that a Moroccan intelligence agency had registered President Macron's phone alongside those of other French governmental staff on a 'watch list' for potential spyware targeting in 2019. Although an NSO official has stated to Israeli news that the French president was never a direct target, the revelations have heightened the French government and security services' scrutiny of France's cyber capabilities.

Further afield, this incident has also instigated an investigation into the allegations that Moroccan intelligence services could have spied on French politicians, governmental ministers and journalists. The French media firms targeted are believed to include major outlets including Agence France-Presse, France 24, Mediapart and Le Monde. As a result, regional tensions with Morocco are expected to increase in the coming weeks as the investigations continue, with serious questions raised over the extent to which NSO Group was aware of the targets and methodology employed by the clients to whom it sold the spyware.

Elsewhere in Europe, according to a joint international investigation coordinated by the French non-profit organisation Forbidden Stories, a wide range of individuals in Hungary in particular were targeted with the Pegasus spyware. According to leaked documents containing over 300 Hungarian telephone numbers, potential targets of the spyware include Zoltan Varga, a wealthy investor and owner of the Central Media Group operating one of the last remaining independent outlets in Hungary; at least 10 lawyers; an economist; a former state secretary of the Orbán government who was in charge of the Paks II nuclear plant expansion project awarded to Russia; a Canadian-Belgian PhD student at the expelled Central European University; and a regional mayor in longstanding opposition to the Orbán government.

The Pegasus revelations not only raise concerns about human rights and lax legislative frameworks for surveillance in Hungary but also point to potential future operational risks for international or domestic businesses that might be perceived as ideologically opposed to the Hungarian government. While the findings of the Forbidden Stories investigation indicate that Hungarian surveillance through Pegasus was mostly domestic in scope, potential surveillance of foreign businessmen and lawyers could pose significant security risks to international business stakeholders, including foreign nationals, operating in Hungary. Moreover, this could potentially increase the risk of regional tensions between Hungary and the European Union, and could negatively impact Hungary’s foreign relations with countries that are considered to have good working relations with the Orbán government, including Germany and Israel.

Spying allegations escalate Morocco’s tensions with the EU and will reflect negatively on recent Israel relations

In addition to accusations of bugging the phones of French President Macron, the Moroccan government has also been accused of monitoring thousands of individuals based in Algeria through the Pegasus spyware. The revelation that Morocco’s security services used Israeli Pegasus spyware only months after signing a partial normalisation agreement with Israel could shine a negative light on the agreement and therefore Israeli efforts to sign further such accords with other Arab states. Notably, there has been some speculation that the governments of Morocco, Bahrain and the UAE, the three Arab states to have normalised ties with Israel, would seek to boost defence and technology cooperation with Israel as a priority given Israel’s expertise and well-developed sectors. Nonetheless, the sharing of such technology raises reputational and security concerns not only for Israel but also for governments of the likes of the UAE and Morocco who may use such technology against own populations, especially considering the elevated risk of unrest in Morocco and Bahrain. Morocco in particular has become increasingly intolerant of dissent in recent years amidst challenges including high youth unemployment and bouts of socio-economically driven unrest, such as teachers protests. Morocco is known for targeting journalists and activists, frequently reporting their arrests.

In a similar vein, the recent disclosure will raise concerns for businesses and entities that could be perceived as targets for a government, such as Morocco’s, which is increasingly hostile to opposition and criticism, particularly over its claim to sovereignty over Western Sahara. This is currently a highly sensitive issue for Rabat which has already flared tensions with European partners such as Spain and Germany. Notably, a recent spat resulted in Morocco allowing thousands of migrants to enter the Spanish enclave of Ceuta in May in response to Spain’s hosting of the leader of Western Sahara’s pro-independence Polisario Front.

As a result, the allegations against the Moroccan government are the latest episode of escalating tensions between Morocco and another European partner. France is a key ally of Morocco, with close business ties and cooperation in the fight against Islamist terrorism. This development, therefore, underscores Rabat’s current anxieties as it seeks to consolidate its claim over Western Sahara, risking good relations with some of its closest partners. The alleged targeting of French officials crucially comes ahead of a European Court of Justice ruling, likely in September, on the EU-Moroccan Association Agreement’s application to disputed Western Sahara. Rabat will therefore seek to maintain pressure on European actors in the coming weeks.