Bill Marczak was in the midst of a phone-hacking investigation involving a political activist from the United Arab Emirates when he came across something he never expected.
Mr. Marczak is a senior researcher with the University of Toronto’s Citizen Lab and he’s a leading expert in Pegasus, a sophisticated spyware that’s commonly used by repressive regimes to monitor political opponents and journalists.
Pegasus is unique in that it doesn’t require the target to be tricked into clicking a link to download a subversive program. Instead, it connects the phone to servers that allow someone to read text messages, e-mails and access everything from Facebook accounts to Skype, WhatsApp and even the phone’s microphone and camera.
As Mr. Marczak was analyzing a Pegasus hack on the UAE dissident’s phone, he noticed that a British law firm called Payne Hicks and Beach had also been targeted. A quick Google search revealed that one of the firm’s lawyers, Fiona Shackleton, who is a member of the House of Lords, represented the ex-wife of Sheik Mohammed Bin Rashid Al Maktoum, the Prime Minister of the UAE and the ruler of Dubai, one of the seven emirates.
“I was quite surprised when I saw that,” Mr. Marczak recalled in an interview from his home in California. “The immediate possibility that popped into my head was, well, there is spying potentially going on against lawyers in that case. I’d better contact them.”
He alerted the firm on Aug. 5, 2020, and offered to find out who was behind the spying. The lawyers agreed and within weeks Mr. Marczak had uncovered a sweeping Pegasus surveillance operation aimed at Baroness Shackleton and another PHB lawyer, Nicholas Manners. The targets also included the Sheik’s ex-wife – Princess Haya Bint Al Hussein – and three of her staff who all live in Britain.
In a 42-page report, Mr. Marczak found that the hacking was so extensive that UAE agents had downloaded 265 megabytes of data from Princess Haya’s phone, which is the equivalent of 24 hours of digital voice recordings or 500 photographs.
His report only came to light last week when British courts unsealed hundreds of pages of filings related to the divorce battle between Sheik Mohammed, a billionaire friend of Queen Elizabeth, and Princess Haya, the daughter of the late King Hussein of Jordan. The Citizen Lab’s findings have raised new questions about the nefarious use of Pegasus and prompted calls for Britain to rethink its relationship with the UAE.
“It is quite scary that this stuff can be deployed at the click of a button and there’s really not effective oversight or regulation,” said Mr. Marczak. “These are well-respected members of British society that are being spied on.”
The breakup of Sheik Mohammed and Princess Haya dates back to April, 2019, when the Princess fled to England from Dubai with the couple’s two children; Jalila, 13, and nine-year old Zayed. Sheik Mohammed immediately sought a court order to have the children returned to Dubai and most of the proceedings had been held in private. It wasn’t until last week that it became clear just how far the Sheik was prepared to go.
According to the filings, a series of judges had established that Princess Haya, 47, had good reason to fear for the safety of herself and the children. Sheik Mohammed, 72, had already abducted his two adult daughters, Shamsa and Latifa, after they tried to flee. In 2000, Shamsa was taken by UAE operatives in England while Latifa was snatched off a yacht in international waters off the coast of India in 2018. Both were imprisoned in Dubai for years and their movements remain controlled.
The court filings showed that Sheik Mohammed had waged a protracted media campaign against Princess Haya after she left and that he’d written poems calling for her to be killed. “It feels as if I am being stalked,” Princess Haya told the court. “It feels like the walls are closing in on me, that I cannot protect the children and that we are not safe anywhere.”
Princess Haya became so concerned about her security that Judge Andrew McFarlane agreed to impose a limited no-fly zone over the Princess’s home in Berkshire to stop surveillance drones and prevent helicopters from swooping down and nabbing the children.
He also approved a 100-metre “no-entry cordon” around her home and banned Sheik Mohammed from acquiring any neighbouring property. Sir Andrew’s order came after Princess Haya’s lawyers discovered that the Sheik had secretly tried to buy a 70-acre estate next door for £30-million ($51-million).
The phone hacking was further proof of Sheik Mohammed’s abuse of power, the courts ruled. The surveillance “was not only another example of [Sheik Mohammed] being prepared to use the arm of the UAE state to achieve his own aims in relation to the women in his family, but also further evidence of harassment and intimidation,” Judge Julian Flaux said. Sir Andrew added that the Sheik was “prepared to countenance those acting on his behalf doing so unlawfully within the U.K.”
The revelations have put pressure on the British government to review its relationship with the UAE. “Some of us have worried for some time about foreign states taking an interest in MPs’ phones and e-mails, and I hope this will act as a wakeup call,” said Chris Bryant, a Labour Member of Parliament. The House of Commons foreign affairs select committee is also planning to take up the issue.
Britain’s Foreign Office has yet to comment on the hacking in detail but it described the “U.K.-UAE bilateral relationship as strong.” The government is also pressing ahead with trade negotiations with the Gulf Co-operation Council, which consists of six countries including the UAE.
In a statement last week, Sheik Mohammed said the findings were based on an “incomplete picture” and an unfair disclosure of evidence. “These matters concern supposed operations of state security,” he added. “As a head of government involved in private family proceedings, it was not appropriate for me to provide evidence on such sensitive matters either personally or via my advisers in a foreign court.”
The company that developed and sells Pegasus, Israel-based NSO Group, said in a court filing that it created the technology to help law-enforcement agencies go after terrorists and criminals. “Human-rights protections are integrated in all aspects of NSO’s work,” the company said. NSO added that it conducted an investigation of the hacking and terminated a customer contract, although it didn’t specify the client.
Mr. Marczak said he doubted that NSO had cancelled all of its contracts with the UAE, because the country is a major client. But he said Sheik Mohammed’s actions should be a warning to the company and others.
“Any sort of rational person even conducting a basic Google search of the UAE would understand that this is not a place where you want to sell spyware because they have a long track record of abusing spyware,” he said. “Spying on your ex-wife and her lawyers, you really can’t make the case that’s in any way linked to terrorism.”
Our Morning Update and Evening Update newsletters are written by Globe editors, giving you a concise summary of the day’s most important headlines. Sign up today.