NSO Group Adopts Human Rights Policy

The Israel-based spyware company is pledging to adhere to the United Nation’s Guiding Principles on Business and Human Rights

The Israel-based NSO Group, whose software is alleged to have been used in controversial government surveillance, said on Tuesday that it would abide by UN guidelines to prevent rights abuses.

The spyware company said it would institute a series of oversight measures to ensure adherence and would henceforth evaluate potential clients’ “past human rights performance.”

According to the company, the policy will be underpinned by internal processes and operating procedures, including an External Whistleblowing Policy that will allow individuals to report concerns about potential misuse of NSO products.

In a press release, the company listed several key aspects of its human rights policy:

  • The integration of human rights due diligence procedures to identify, prevent and mitigate the risks of adverse human rights impact;
  • A thorough evaluation throughout the company's sales process of the potential for adverse human rights impacts arising from the misuse of NSO products, including the past human rights performance and governance standards of the country involved;
  • Contractual obligations requiring NSO's customers to limit the use of the company's products to the prevention and investigation of serious crimes, including terrorism, and to ensure that the products will not be used to violate human rights;
  • Specific attention to protect individuals or groups at elevated levels of risk of arbitrary digital surveillance and communication interception on grounds such as their race, color, sex, language, religion, political or other opinions, national or social origin, property, birth or other status, or their exercise or defense of human rights;
  • The provision of grievance mechanisms to enable reporting of suspected misuse of NSO products by the company's agency customers;
  • A renewed commitment to investigate whenever the company becomes aware of alleged unlawful digital surveillance and communication interception of NSO products;
  • Public reporting on the effectiveness of the NSO Human Rights Policy, taking into consideration the regulatory, legal, contractual, security and commercial constraints that limit the company's freedom to disclose specific information; and
  • Periodic review of the company's human rights governance framework by compliance experts, coupled with a commitment to ongoing dialogue with all relevant stakeholders.

“NSO’s products provide governments with the tools to help stop the world’s worst terror attacks and most dangerous criminals. We are incredibly proud of our products’ record of helping intelligence and law enforcement prevent serious crimes and save lives, but also understand that misuse could represent human rights violations. This new policy publicly affirms our unequivocal respect for human rights and our commitment to mitigate the risk of misuse,” said Shalev Hulio, co-founder and CEO of NSO. 

The NSO Human Rights Policy and governance framework will be overseen by a newly established Governance, Risk and Compliance Committee of the NSO Board, the company added. The Committee will review proposed sales of NSO products, providing recommendations and decisions after an in-depth, risk-based due diligence process including a full assessment of potential human rights impacts. The Committee will be empowered to reject sales or request investigations into potential misuse.