Dubai ruler had ex-wife’s phone hacked – UK court
A senior member of NSO’s management team called Mrs Blair from Israel on 5 August 2020 to inform her that “it had come to their attention that their software may have been misused to monitor the mobile phones of Baroness Shackleton and HRH Princess Haya”.
The High Court has found that the ruler of Dubai, Sheikh Mohammed Al Maktoum, interfered with British justice by ordering the hacking of the phone of his ex-wife, Princess Haya of Jordan.
The phones of her solicitors, Baroness Fiona Shackleton QC and Nick Manners, were also targeted during their divorce custody case, according to the court.
Princess Haya said the discovery had made her feel “hunted and haunted”.
Sheikh Mohammed denied any knowledge of the hacking.
He said the court’s findings were based on evidence that was not disclosed to him, and that they were “made in a manner which was unfair”.
The judgments are a blow to the sheikh and a further revelation as to his treatment of female members of his family.
‘Serial breaches’
The High Court judgments, which were published on Wednesday afternoon, referred to the hacking as “serial breaches of (UK) domestic criminal law”, “in violation of fundamental common law and ECHR rights”, “interference with the process of this court and the mother’s access to justice” and “abuse of power” by a head of government.
The president of the Family Division of the High Court found that “the mobile phones of the mother (Princess Haya), two of her solicitors, her personal assistant and two members of her security staff had been the subject of either successful or attempted infiltration by surveillance software. The software used is called Pegasus software and was that of an Israeli company, the NSO Group.”
The court concluded that the surveillance was carried out “by servants or agents of the father (Sheikh Mohammed), the Emirate of Dubai or the [United Arab Emirates] and that the surveillance occurred with the express or implied authority of the father”.
Difficult to detect
The extent of the hack is shocking in what data it gave the hackers access to.
NSO’s Pegasus software, often referred to as “spyware”, is able to track the location of the individual using the phone, read their SMS messages, emails and messages in other apps, as well as eavesdrop on their phone calls and access their contact list, passwords, calendar dates and photographs. In other words, it gives the hacker complete access to all the data they want to see in their target’s phone.
It also allows the hacker to activate the target’s phone without their knowledge, recording their activity and even taking photographs and screenshots.
Similar spyware is alleged to have been deployed by Saudi government agents, working on the orders of the Crown Prince Mohammed Bin Salman, against dissidents living abroad, including associates of the murdered Saudi journalist Jamal Khashoggi.
It is extremely difficult for a victim of such spyware to even detect that their phone has been infected with Pegasus.
‘Very substantial amount of data’
In the ongoing custody case between Sheikh Mohammed and Princess Haya at the Family Division of the High Court, her legal team said the hacking took place with his “express or implied authority”.
The president of the court concluded that “in relation to the mother (Princess Haya), it is clear that the [hacking] attempt succeeded with a very substantial amount of data (265MB) being covertly extracted from her phone”.
Sheikh Mohammed denied any knowledge of the hacking and said he did not instruct anyone to use NSO “or any software in this way”. His legal team said he was not prepared to enter into any debate in relation to what security systems the UAE might have.
The allegations against Dubai’s ruler were supported by testimony given by an expert technology witness, Dr William Marczak, who is based in California and is a senior research fellow at the University of Toronto’s Citizen Lab, which researches digital surveillance.
He told the court he had no doubt the phones were hacked using NSO’s Pegasus software. He also concluded “with high confidence” that the phones were hacked by a single operator in a nation state. He concluded with medium confidence that it was most unlikely to be any state other than the UAE.
Alarm raised by Cherie Blair
Princess Haya’s legal team first became aware that they had been hacked after an urgent phone call made by Cherie Blair QC, the wife of former UK Prime Minister Tony Blair, to Baroness Shackleton. Mrs Blair acts as an adviser to NSO Group on business and human rights related issues.
A senior member of NSO’s management team called Mrs Blair from Israel on 5 August 2020 to inform her that “it had come to their attention that their software may have been misused to monitor the mobile phones of Baroness Shackleton and HRH Princess Haya”.