The latest spying scandal among EU Member States has seen a political storm engulf the Greek government, which has been exposed as having targeted journalists and opposition politicians using Predator spyware.
The scandal has now blown over to Brussels, where on Thursday the European Parliament’s Pegasus Inquiry Committee (PEGA) heard testimonies from the people affected, with the case potentially having legal ramifications at the EU level.
EU Member States’ use of spyware to target critics and political opponents continues to threaten the rule of law and democratic standards across the bloc.
Thursday’s meeting of the PEGA committee, which was set up in the European Parliament to investigate the use of Pegasus and equivalent surveillance spyware, revealed the extent of the use of spyware by the Greek government to suppress critical journalists and opposition figures.
The Mitsotakis government has now acknowledged running surveillance operations on politicians and journalists, but insists on their legality, and categorically denies purchasing the commercial Predator spyware.
Spyware used against politicians
The scandal implicates the ruling right-wing government and the Greek intelligence services for having spied on the Member of the European Parliament, Nikos Androulakis, leader of the centre-left PASOK party.
After running a routine cybersecurity check at the EP in July, Androulakis was informed that he had been the victim of an unsuccessful wiretapping attempt through the use of Predator software, a spyware similar to the NSO’s Pegasus software.
Spyware can circumvent encryption of internet communication services and directly exfiltrate communication data processed by the target system. Predator, developed by Cytrox and based in North Macedonia, requires its targets to open a link in order to infiltrate their devices.
It was also revealed by the European Parliament IT services that Greece’s National Intelligence Service (EYP) had surveilled the Greek MEP from September 2021 until December 2021, after he was elected leader of PASOK. After the revelations, which saw the head of the EYP and Prime Minister Mitsotakis’ chief of staff resign, Mitsotakis tried to distance himself by blaming the intelligence services.
“Everything was done in accordance with the law; it was wrong. I didn’t know about it, and I would never allow it. The Greek intelligence services underestimated the political dimension of this action.” However, the fact that one of Mitsotakis’ first moves as PM was to bring the intelligence services under his control casts doubt on the veracity of these claims.
For reasons not immediately clear, Androulakis was not invited to the PEGA inquiry, but stated that "The monitoring of an MEP is illegal & unconstitutional. I will fight up to the end in revealing the truth and I will not allow any shadows in my life.”
Furthermore, the government has not yet explained why they tapped Androulakis, and he is not the only one to have been targeted by Greek authorities and the Predator software.
On Thursday, it was revealed that Christos Spirtzis, an opposition lawmaker from the leftist Syriza party, had also received the same text on his phone, and he informed prosecutors about his case on Friday. “Mr. Mitsotakis, did you listen to my conversations with Mr. Tsipras, the Syriza MPs and my family?” Spritzis commented outside the Supreme Court.
Freedom of the press?
Greek journalists Thanasis Koukakis and Stavros Malichudis were also targeted for investigating sensitive topics such as financial crime cases or migration. Both addressed the European Parliament inquiry in Brussels last week.
Koukakis, who has written revealing reports about Piraeus Bank, among other things, told the European Parliament’s PEGA committee that it had been their journalistic work that led to their targeting. Koukakis also noted that his surveillance would not have been properly scrutinised without the Pegasus Inquiry committee.
Malichudis was spied on for a report he was preparing about a 12-year-old Syrian child who was being held at a detention centre on the island of Kos, as well as the monitoring of lawyers active in refugee issues. Malichudis told the Pegasus inquiry that at the time of his surveillance he was setting up an international network of journalists covering refugee issues and that sensitive information about journalists in other countries may also have been revealed.
Brussels vs Athens?
According to Greek law, targets of state surveillance are always informed, but a recent amendment introduced an exemption when it “occurs exclusively on grounds of national security. Unless the Greek government believed the two opposition politicians were spies, this could escalate up to the European level, with further involvement of Brussels and the European courts.
Representatives of the Greek government told the inquiry that the strict statutory limitations on disclosing classified information were preventing them from making public comments which could “impact ongoing investigations and judicial independence.”
Belgian MEP Saskia Bricmont, from the European Greens, criticised the Greek authorities at the inquiry for “denying illegal spying allegations and putting press revelations into doubt.” Adding that the response by the Greek authorities was “largely insufficient if the objective of the Greek government is to be transparent.”
MEPs also called for greater transparency, particularly in the context of the various alleged reports of national intelligence service dossiers of people under surveillance being illegally destroyed, as the new EYP Director has implied with regard to Androulakis's surveillance file.
In response to a letter from the European Commission, Greece’s Permanent Representative to the EU, Ioannis Vrailas, said it was “highly debatable” that any of the accusations being levelled at the Greek government fell under the EU’s competency.
However, Brussels could indeed get involved if the Greek government were found to have violated the General Data Protection Regulation (GDPR), especially since an increasing number of MEPs and EU Commission officials have been targeted by spyware.
Questions remain as to whether the current EU legal framework is suited for investigations into digital communications, amid the growing cases of spyware being used by governments for political reasons in Hungary, Poland, Spain, and now Greece, with many more cases likely to be revealed unless firm action is taken at the EU level.
