The controversial Israeli tech company NSO Group is trying to lure Western governments into software that it says can analyze the spread of COVID-19 using data from mobile phones.
The NSO group is currently being sued by Facebook for allegedly whatsapp hacking, an accusation that society denies.
He also denies having developed spyware that critics say sells to governments that use it to infringe human rights.
Although Sky News does not know if the company is in talks with the British government about its new technology, it appears to have contacted a number of Western countries to present their coronavirus– tracking software.
Although it is normally very secretive – often not responding to requests for comment when it comes to using its software to target human rights activists – NSO Group has offered to several media outlets, including Sky News, demonstrations of its new technology as part of a marketing campaign for Western governments.
So far, there has been no public information on the operation of this technology and the privacy protections it contains, despite a heated debate in Israel on the effectiveness of the software following the proposals of the Minister of Defense of the country to authorize NSO Group to analyze the mobile telephone data of the population.
According to the demonstration presented to Sky News, the platform will be hosted on government customers’ own systems, which means that the company will not have access to any data that is downloaded there – which is provided by the governments themselves.
Data governance and the decision on the granularity of this data would remain in the hands of customers.
Individuals are presented on the platform using a random identifier. Their whereabouts movements are time stamped, offering authorities the ability to trace where the infected were diagnosed and potentially to verify who may have been infected by them.
It is essential to reach these people early. A study published in March suggested that people who got the coronavirus are on their most contagious in those early days after being infected.
The re-identification of pseudonymized individuals on the platform would be possible if the government kept a separate correlation table, but this re-identification should occur outside the platform according to the demonstration.
For example, matching random identifiers to phone numbers would be possible, and potentially desirable if messaging at the individual level in response to potential exposure was something the government wanted to do, but transform the random identifiers into real people would happen off the platform.
Tweeting the project, Israeli Defense Minister Naftali Bennett described it as a “national AI surveillance system,” including an image that was a demonstration of the platform presented to Sky News.
“Every citizen will have a score of 1 to 10 at all times that measures the likelihood of being able to transmit the coronavirus,” said Bennett.
“A score of 3 indicates that they are probably not contagious; a score of 9.5 means they are probably contagious, then we will ask you to have a throat swab test by PCR. “
It is unclear how granular the location data used in Israel would be if deployed – it would be a decision for the authorities using the platform.
However, the demonstration suggested that if the government used GPS data from smartphones, it could then identify the individuals who had met, potentially transmitting the virus.
For others whose location could only be estimated by tower-cell triangulation, there was a risk of false positives being introduced if individual level messaging was attempted.
But whatever the level of granularity, the demonstration focused on demonstrating its ability to show an aggregated analysis of population-volume movements.
This feature of geo-analysis showed heat maps that included two categories – the movements of patients known to COVID-19 and those of people who had been potentially exposed to the virus after coming into contact with them.
NSO Group hopes that by using this tool on a nationwide view, its software could reveal areas where there were fewer people who had been potentially exposed to the virus.
This could be used to inform forecasts and allocate resources.
For example, the protest showed relatively low numbers in the southern Israeli city of Beersheeba, suggesting that the large hospital there could release ventilators for Tel Aviv where a large number of cases were turning on medical systems. tough test.
Despite Mr. Bennett’s claims that “every citizen” would be given a score, the NSO system is only able to analyze data for those who have a mobile phone, only about 70% of the Israeli population.
Communities where these devices are not present, especially ultra-Orthodox communities where transmission rates are significantly higher than the rest of the population, would require additional government efforts to monitor and treat patients.
Reports in Israel linking the company to government efforts to combat the epidemic have raised concerns among citizens complaining about what are considered anti-terrorist powers used in medical emergencies.
Politicians in the Knesset, the Israeli parliament, opposed Bennett’s suggestions that the NSO Group would have direct access to citizen data – although the company’s demo shows that this is not the way the platform is would work.
NSO Group has been criticized at the national level for its links with regimes considered to be involved in human rights violations, some expressing embarrassment that the company’s products were associated with the government’s efforts to combat the coronavirus epidemic.
Friends of murdered journalist Jamal Khashoggi said his phone was hacked by the Saudi government using an NSO group product called Pegasus, a tool that the Toronto-based Citizen Lab used to target activists rights, journalists and dissidents around the world. world.
The company has also been accused of developing a hack for the WhatsApp messaging app which was used to target dozens of its users, including human rights organizations and a UK-based lawyer, and is currently fighting a lawsuit brought by Facebook on this subject.
The company denied being responsible for targeting the UK-based lawyer: “Under no circumstances would NSO be involved in the operation or target identification of its technology, which is only exploited by intelligence and security forces.
“NSO would not use or could not use its technology on its own to target anyone or any organization, including that person. “