The European People’s Party (EPP) and the European Conservatives and Reformists (ECR) group – which includes Giorgia Meloni’s Brothers of Italy far-right party – have blocked efforts to hear testimony from spyware victims, even as the number of confirmed cases continues to grow and spyware activity is detected in more European countries.
“Before the start of the meeting, some material was distributed — I believe by a colleague from the Greens — relating to the Paragon spyware case,” protested Italian MEP Alessandro Ciriani, of Giorgia Meloni’s Brothers of Italy party, during yesterday’s session of the European Parliament’s civil liberties committee (LIBE). “I don’t think it’s particularly appropriate.”
“I am the person responsible for handing out these flyers,” said irritatedly Hannah Neumann, a Green MEP from Germany. “These flyers show victims of the Paragon spyware scandal in Italy. For reasons that I don’t understand, they can’t be present onstage,” she added.
“If we brought pictures of [the victims] today, it’s because they are real. They exist, and they also need to testify the consequences for their lives to be have been spied on,” added Saskia Bricmont, a Green MEP from Belgium. “It’s a real disgrace this house.”
The European People’s Party (EPP) and the European Conservatives and Reformists group (ECR) have been blocking a testimony from spyware victims in the European Parliament’s civil liberties committee, confirmed Bricmont on Bluesky.
This move comes after it was revealed earlier this month that an Italian journalist—whose news organisation uncovered young fascists within Italian Prime Minister Giorgia Meloni’s far-right party—had been targeted with sophisticated “mercenary spyware,” according to a notification received from Apple.
Ciro Pellegrino is the sixth individual in Italy believed to have been targeted with spyware reportedly deployed by state actors, following his editor-in-chief, Francesco Cancellato and four other members of civil society and activists.
The others include Luca Casarini and Beppe Caccia, Italian co-founders of the NGO Mediterranea Saving Humans, who have been outspoken critics of Italy’s alleged complicity in the abuse of migrants in Libya; Father Mattia Ferrari, a chaplain aboard one of the NGO’s migrant rescue vessels and known for his close ties to late Pope Francis; and David Yambio, a human rights activist based in Italy.
Revelations by WhatsApp in January confirmed that the spyware used in Italy and elsewhere targeted at least 90 individuals, including journalists and activists, sparked a scandal that has shaken the Mediterranean country.
A report published in March by Citizen Lab, a human rights organisation that has investigated spyware abuses since 2012, found that Paragon Solutions – the Israeli company behind the Graphite spyware used to target Luca Casarini – appears to be active in more EU countries than was previously known, including Denmark and Cyprus.
“I counted at least 10 MEPs that have been targeted with spyware and I can tell you the number is larger, likely, much larger. We do not know the true number of member state officials that have been hacked either, only a fraction of those places is public,” said John Scott-Railton, a senior researcher at Citizen Lab during yesterday’s LIBE session.
“European governments are, of course, paying the price for this inaction in the erosion of their own national security, and making it worse, many of the official targets have never been notified and have no idea that they were targets,” he continued.
Helen Charles, Public Policy Director at WhatsApp, highlighted that the EU has yet to take any decisive regulatory action, despite consistently emphasising the importance of data privacy.
“This has allowed spyware companies to operate in a grey area with minimal safeguards – often insufficient to prevent human rights abuses, let alone comply with data protection law,” she said.
“We believe it is essential that EU data protection standards are enforced and that an appropriate lawful basis is required before companies can collect, store or transmit the data of EU citizens.”
She added that the EU should demand transparency regarding spyware clients – including requiring spyware firms to retain information about their customers, and to audit and provide logs of the targeting carried out through their products.
