New Delhi: The smartphone of a British activist and lawyer who was involved in the campaign to release the daughter of Dubai’s ruler and is consulting with the legal team of his estranged wife was infected with Pegasus spyware last year, a new forensic investigation by the Pegasus Project has established.
He is one of five new confirmed infections – which include one Indian case – that have been detected after the international media consortium, including The Wire, had reported on a database of 50,000 phone numbers linked to government clients of the Israeli firm, NSO Group, best known for it flagship spyware, Pegasus.
The consortium, coordinated by Paris based non-profit Forbidden Stories with technical support from Amnesty International, had earlier found that phone numbers of Princess Latifa and her closest friends were added to a a list of probable surveillance targets just after she escaped Dubai on February 24, 2018. Latifa left by boat from the Omani coast for Goa, but was intercepted by Indian commandos in international waters and handed over to UAE security officials.
A year later, the number of Princess Haya bint Hussein – wife of UAE prime minister and vice president Sheikh Mohammed bin Rashid al-Maktoum – along with those her personal assistant and other associates were added to the list by an unknown Pegasus operator. Members of her legal and security team were also added as persons of interest. None of their phones could be accessed for forensic investigation.
The forensic examination of David Haigh’s phone and confirmation of Pegasus spyware infection is significant as it links him directly to both the Dubai princesses.
Amnesty International found that the Pegasus infected Haigh’s Iphone 12 Pro Max through a vulnerability in the iMessage app on August 3, 2020. There was evidence that there was an “execution of a Pegasus process” on August 3 and 4.
The military-grade spyware can not only collect all data, including photos, emails, chats, from a mobile phone, but also turn it into a eavesdropping tool by remotely turning on camera and microphone.
The forensic analysis could not determine if any data was taken from the phone.
Haigh’s phone was targeted just after he lost contact with Latifa, with whom he had been secretly communicating for over a year and half.
Under house arrest in Dubai, Latifa had made several video recordings in her bathroom, the only locked room in the residence. She had sent dozens of messages and recordings to Haigh through a secret phone that she had obtained.
These video messages were featured in a BBC Panorama programme broadcast in February this year. She claimed to have been kept captive in a villa and warned that she will be in prison and “never see the sun again”. The programme had led UN to seek concrete proof of her life.
Haigh had earlier on November 2019 been spotted and photographed outside the UK high court with Tinna Jauhiainen, who had accompanied Sheikha Latifa on her escape from Dubai. Jauhianen’s testimony had been crucial to the High Court’s fact-finding judgment of March 2020 which ruled that the Dubai rule had orchestrated Latifa’s kidnapping and campaign of intimidation against Haya.
The cluster of phone numbers related to Princess Haya was added months before she fled to UK with her two young children and initiated legal proceedings in a UK court for their formal custody. Princess Haya’s lawyers have also cited Sheikh Mohammed’s treatment of Latifa as a reason for him not to get custody of the two children.
Haigh was, however, not on the list of 50,000 numbers accessed by Forbidden Stories and Amnesty International as he was targeted in 2020. Nearly 400 UK numbers are on the database, which have been linked to UAE, based on an analysis of the list.
Earlier, Amnesty’s technical lab had examined 67 phones of individuals on the database and confirmed Pegasus infection on 37 of them. Ten of these confirmed infections were on Indian phones.
Haigh’s number is the first confirmed UK infection by the highly sophistical spyware.
When contacted for a response over Haigh’s phone, NSO group responded to an earlier statement that they will no longer answer queries from journalists. The company had previously stated that the database of 50,000 numbers have nothing to do with Pegasus spyware.
NSO has always claimed that it sells its spyware tool only to “vetted governments” to track down criminals and terrorists.
In June this year, NSO released a “Transparency and Reliability Report” in which it claimed to have withdrawn the use of Pegasus from five unidentified clients since 2016. The report also stated that it had “investigated and substantiated an instance of product misuse to target a protected individual” in 2020, following which the company “terminated the use of Pegasus”.
Sources have told the Washington Post and the Guardian, media partners of the Pegasus Project, that NSO terminated the contract with Dubai within the last one year over human rights concerns and the targeting of the two princesses.
Further, sources familiar with NSO operations indicated that phone numbers with UK country code (+44) were also blocked from targeting about six months ago. NSO has already publicly stated that numbers with the US country code (+1) cannot be technically hacked by their spyware.
The personal lawyers of the Dubai ruler declined to comment for this article. There was no response from Dubai on a request for comment from the Pegasus Project. The UAE foreign ministry had issued a statement last week that all allegations about the country surveilling journalists and individuals “have no evidentiary basis and are categorically false”.
A former managing director of Leeds United Football club, Haigh became a vocal critic of Dubai after being released in 2016 from a 22 month prison sentence, during which he was reportedly abused and raped. He had been sentenced for embezzling $5 million from his employer, the Dubai-based private equity firm GFH Capital. Haigh declared bankruptcy last year after GFH capital won a UK court case against him.
When informed about Amnesty’s findings, Haigh told the Pegasus Project he was “horrified” that his phone was targeted, especially when his phone had been filled with communication with Latifa.
“The hacking of my phone happened 10 days after we lost contact with Princess Latifa after having had communication with her for over a year and a half via a smartphone we managed to smuggle into the Dubai jail where she was being held against her will,” he said.
The 43-year-old lawyer shared a screenshot of a text conversation with Latifa. When she stopped responding, his messages became more desperate: “im worried … where are you young lady … next time u vanish for 24 hours ill get on a plane there. and i mean that … Ok. Now really relay worried … Hello … Hello …”.
The Pegasus spyware infection also took place before he was scheduled to attend a meeting related to Princess Haya’s court case. “In addition, it came at the exact time I was due to meet representatives of a supportive royal family member of Latifa in London,” Haigh added.
Stating that the infection amounted to “state sponsored harassment”, Haigh called on the UK government to probe this “attack on human rights by a despotic regime. He has also made a formal complaint to Devon and Cornwall police, who have already contacted Amnesty researchers regarding their findings.