Rona Wilson's Phone Had Pegasus: Amnesty; Expert Explains What it Means for Case

As per a forensic analysis of activist Rona Wilson’s phone done by Amnesty International, Wilson’s phone was infected with the Pegasus spyware three months before he was arrested under the Unlawful Activities (Prevention) Act (UAPA) in June 2018, for his alleged role in the violence at the Bhima Koregaon memorial, The Guardian reported.

Pointing out that the Amnesty report "comes in the backdrop of a report by a firm called Arsenal Consulting, which has previously also provided reports of the existence of malware in the phones of the other Bhima Koregaon accused", Apar Gupta, lawyer and Executive Director of the Internet Freedom Foundation told The Quint that it is likely to have material consequence on the case.

Pegasus, a spyware product of Israeli cyberweapons company NSO Group, had made headlines earlier this year, when reports published by a consortium of news organisations in July revealed that the spyware was believed to have been used to snoop on at least 300 Indian phone numbers, including those of over 40 senior journalists, opposition leaders, government officials and human rights activists.

Amnesty International, which was a part of the ‘Pegasus Project’ investigation, found evidence after forensic analysis that Wilson's phone was infected with Pegasus, between July 2017 and March 2018.

This Amnesty report comes days after lawyer-activist Sudha Bharadwaj was granted default bail in the Bhima Koregaon case, while 13 activists and academicians are still in jail.

'Amnesty Report Likely to Have Material Consequence on The Case': Expert

On being asked what kind of an impact do revelations like this Amnesty report have on ongoing cases, Apar Gupta told The Quint:

"So yes, it will have an impact in which the quality of the evidence itself will come into question," Gupta said, further explaining:

"Then depending on these reports and the forensic examination, further witness examination will take place."

Further, as per Gupta, depending on the legal arguments that are placed either by the prosecution or the defence, the admissibility of digital evidence is evaluated — "the report is ruled to be either inadmissible, admissible but cannot be relied upon, or taken to be accepted".

The Arsenal Consulting Report & What Came After

Following Arsenal Consulting’s report, Wilson had moved the Bombay High Court seeking the formation of a Special Investigation Team (SIT) to inquire into the alleged planting of fabricated documents on his computer over a course of about 22 months.

However, Jaya Roy, a spokesperson of the National Investigation Agency (NIA), which is probing the case, had told The Washington Post that the analysis by a government forensic laboratory did not indicate any compromise and stated that the NIA cannot revisit “any evidence based on a private lab’s report.”

‘Targeted With 15 SMS Messages Containing Pegasus Attack Links’: Amnesty

According to Etienne Maynier, who is a technologist at Amnesty International’s Security Lab, their analysis has confirmed Arsenal’s findings that Wilson’s phone was compromised by Pegasus in July 2017, and again in February and March 2018.

Maynier added, "This case adds to the evidences revealed during the Pegasus Project about unlawful surveillance against human rights defenders in India using NSO Group’s products," The Guardian reported.

Meanwhile, while the Indian government has neither confirmed nor denied that it is a customer of NSO, the NSO Group has repeatedly said that it only sells its products to government entities.

In October, the Supreme Court had ordered the setting up of an expert committee overseen by a retired Supreme Court judge to examine the use of Pegasus spyware against Indian citizens, including whether the right to privacy has been violated.

(With inputs from The Guardian.)