The European Data Protection Supervisor (EDPS) Tuesday published preliminary remarks about the Pegasus spyware and called for a European Union-wide ban.

The controversial Pegasus spyware has been used by governments for the purpose of surveillance of journalists, activists and politicians in several EU member states and various other jurisdictions.

The EDPS preliminary remarks recognise that the Pegasus spyware provides unlimited access to personal data and violates the right to privacy. According to EDPS, Pegasus surveillance is disproportionate, interferes blatantly with privacy and deprives an individual completely of it. EDPS acknowledged that certain features are disabled during surveillance to limit intrusiveness issues. However, EDPS states that Pegasus must only be utilised for the purposes of imminent terrorist attacks and not for wider or systematic surveillance. If used for regular surveillance, then it will be incompatible with the EU legal order.

EDPS further remarked that surveillance with advanced hacking will affect the right to a fair hearing. It suggested that the EU can amend the EU Dual Use Regulation to strengthen the current cyber-surveillance regime and protect the fundamental rights of each individual. Also, EDPS recognised that Pegasus is a highly advanced military-grade spyware and violates fundamental rights, especially the right to privacy, therefore, making its application incompatible with EU’s democratic values. Hence, it suggested a complete ban on spyware with steps and measures provided to curb this kind of surveillance.