David Brown, The Times
October 7, 2021

Cherie Blair faces scrutiny about her work for a secretive company behind a spyware system despite exposing its use in the hacking of a Conservative peer.

The wife of Tony Blair, the former Labour leader, is an ethics adviser to NSO, the Israeli intelligence company behind Pegasus spyware.

She called Baroness Shackleton of Belgravia in August last year saying that the divorce lawyer and her client, the former wife of the ruler of Dubai, appeared to have been victims of hacking. Blair, 67, a QC, told the High Court that she had been contacted “at nearly midnight Israeli time” by NSO and informed that “their software may have been misused to monitor the phone of Baroness Shackleton and her client, Her Royal Highness Princess Haya”.

“The NSO senior manager told me that NSO were very concerned about this and asked me to contact Baroness Shackleton urgently so that she could notify Princess Haya,” she added.

Six days later Blair called Shackleton again and “confirmed it was the Emirate of Dubai, not [the United Arab Emirates] in general, who she was talking about,” the High Court was told.

Hours before Blair’s initial call Shackleton’s law firm, Payne Hicks Beach (PHB), had received a warning from Martyn Day, a human rights lawyer. He said that a Canadian computer expert who was assisting a UAE activist who had been targeted using Pegasus had found evidence that PHB had also been targeted.

NSO later confirmed that Shackleton had been targeted. Its London lawyers, Schillings, initially told PHB that Blair was not privy to the identity of any of the company’s clients.

NSO has faced international criticism after Amnesty claimed it had evidence that people of “interest” to its spyware clients included Roula Khalaf, editor of the Financial Times, and Hanan Elatr, wife of the murdered dissident Saudi journalist Jamal Khashoggi.

Blair set up Omnia Strategy in 2007. NSO hired the company to act as an external ethical adviser and highlighted the role of Blair and Omnia three times in a report published last month to demonstrate its “preservation and protection of human rights”.

Blair did not respond to a request for comment yesterday. She has previously issued a statement saying she was “encouraged by [NSO Group’s] recent progress on human rights matters”. She said: “NSO Group’s commitment to implementing the UN guiding principles on business and human rights is critically important for the company, the sector in which they operate, and our society.”

Sir Andrew McFarlane, president of the family division of the High Court, said Blair’s evidence was “entirely compatible with, and is not contrary to, a conclusion that the source of the hacking was the [United Arab Emirates]”. He added: “It is clear from Mrs Blair’s account that, from day one, NSO had sufficient information that its software had been used against Baroness Shackleton and [Princess Haya] to cause the senior management to take steps to make contact, during the night, to alert PHB.”

Israeli system designed for intelligence services and police

The spyware used by the ruler of Dubai to hack into the mobile telephone of a Tory peer and others is officially designed for intelligence agencies and police.

The Pegasus system can record calls, copy messages and photographs and secretly film users. It can also access address books, call history, calendars, emails and internet browsing histories.

The software can infect billions of phones running iOS or Android operating systems without users having to do anything like opening a message or clicking on a rogue link.

During one attack linked to Sheikh Mohammed bin Rashid al-Maktoum, 265 megabytes of data (equivalent to 24 hours of voice recording data or 500 photographs) was taken from the mobile telephone of his former wife.

Pegasus was created by NSO Group Technologies which was reportedly founded by former members of Unit 8200, specialists in the Israeli Intelligence Corps responsible for collecting signals intelligence and code breaking.

President Macron is among 14 serving or former national leaders to have allegedly been spied on by the software. Others include President Ramaphosa of South Africa and Imran Khan, the Pakistani prime minister, according to research by Amnesty International. Clients of NSO are reported to have identified 50,000 mobile telephone users since 2016, the group says.

NSO insists it provides the spyware to governments and their intelligence services for use in tackling serious crime and terrorism only. The company claims Amnesty’s technical report on the widespread use of Pegasus is a “compilation of speculative and baseless assumptions”.

The London law firm Bindmans is investigating alleged misuse of Pegasus by foreign governments to target Baroness Uddin, Madawi al-Rasheed, a professor at the London School of Economics, and Raghad Altikriti, president of the Muslim Association of Britain.

David Haigh, a human rights lawyer, in August became the first confirmed British victim of Pegasus. He had represented Mohammed’s daughter, Princess Latifa, after she was seized on the sheikh’s orders from a yacht in the Indian Ocean in 2018.

NSO said in a statement to the High Court that on August 4 last year it received information “that raised the possibility that Baroness Shackleton of Belgravia’s mobile phone, that of another unnamed member of her firm and that of her client may have been compromised”.

The company said the hacking appeared to end on September 15 and after the investigation the contract with the unidentified customer was terminated. It did not respond to requests for comment yesterday.