The Belgian courts are following up a criminal complaint by Plataforma per la Llengua against the Spanish State for having spied on various mobile phones of members of the organisation's executive board, some of them in Belgium. The complaint says the phones were infected with cyberespionage software like Pegasus or a version of it. The organisation has used experts to confirm that the various telephones of members of the executive board (all of which were analysed) had been infected. It has decided to take the case to the Belgian courts as some of the members had been spied on in Belgium and because the Belgian courts could be a new route for investigating this serious political attack.
"We now know that we not only have two States against Catalan, but also that at least one of them is against the Catalan NGO," said Òscar Escuder, president of Plataforma per la Llengua, during the press conference at the headquarters of the Official Association of Journalists of Catalonia where details of the case were revealed. Rut Carandell, director of the organisation, and Josep Jover, a lawyer specialising in European Union law, who has coordinated judicial strategy with the Belgian lawyer Catherine Forget, also spoke at the press conference.
The organisation is delighted that the Belgian courts are following up its complaint and hopes that the investigation will force the Spanish State to identify those responsible for the espionage and to clarify whether the legal procedures for tapping telephones in other European Union States have been ignored. It must be remembered that the expert investigation presented with the complaint was able to detect that the telephone responsible for the infection is Spanish and that the cyberespionage software detected can only be purchased by States.
Plataforma per la Llengua sees spying on the mobiles of members of its executive board, all of them volunteer activists, as an attack on the protection of Catalan representing a violation of the individual rights of citizens who disinterestedly devote their free time to defending the language. The organisation is an NGO with more than 25,000 members which has been working for 30 years to promote Catalan as a tool for social cohesion in all walks of life throughout the area where it is spoken. That is why, as well as defending the language at European and world level, it has a presence in the four States where Catalan is spoken: Spain, France, Andorra and Italy. The fact that a State should have decided to spy on an organisation dedicated to defending the rights of Catalan-speakers is evidence that language continues to be one of Spain's main battlegrounds. So, despite this attack, the organisation will continue to work as it has until now to defend the minority language.
The expert report proves that various mobile phones were spied on and that some of them were spied on in Belgium
Plataforma per la Llengua commissioned the report from an IT expert on various mobile phones belonging to members of the NGO's executive board in the summer of 2022, after suspecting that it might have been spied on. The expert report, which was completed in the autumn, confirmed that all the devices analysed had been infected. Where the mobile phone operating system allowed, it was even possible to identify the Spanish mobile phone responsible for the attacks.
The cyberespionage software used was Pegasus or one of its versions, allowing the attackers to access the victims' personal data and information, as well as communication channels like e-mails or texting apps. Considering that this software can only be bought by States, the organisation decided to take the case to the Belgian courts instead of the Spanish ones, to ensure an independent investigation outside Spain.
Belgium will investigate whether Spain has ignored European Union procedures for tapping telephones inside and outside Spanish territory
Following up the complaint, the Court of Instruction of the French-speaking Court of First Instance in Brussels has already begun to investigate the procedures followed to tap the mobile phones of members of the organisation and to identify those responsible. The investigation by the Belgian judicial police will demand that the Spanish police and judicial authorities identify those responsible for the mobile phone that the expert report says caused the infection.
The court has also been requested to ask the competent European body, Eurojust, to check whether the Spanish State made the necessary applications to tap telephones on Belgian territory. According to European regulations, if a State wants to tap a telephone legally, it must do so via making a specific written request to Eurojust, based in The Hague in the Netherlands. It must be borne in mind that telephones can only be tapped in specific circumstances and only for lawful purposes.
The organisation's complaint accuses the Spanish State of six offences under Belgian regulations
Plataforma per la Llengua is making its complaint against the Spanish State for having committed six offences against Belgian law: intruding into the IT system of mobile phones; arbitrary interference in the fundamental freedoms of the spying victims; intercepting mobile messages; and violating the privacy of computerised data, communications secrecy, and electronic communications secrecy in particular.
The organisation reminds the authorities that Article 550 of the Belgian criminal code punishes access to an IT system by anyone knowing they are not authorised to access it, and Article 314 of the same criminal code punishes the interception, recording or publication of communications not accessible to the public without the consent of all participants. In addition, Article 124 of the Electronic Communications Act of 13 June 2005 also provides criminal punishment for various behaviours contravening the secrecy of these communications, such as those reported by the organisation.
The Catalan NGO hopes the courts will act firmly and clarify all the facts related to the case. The organisation notes that both the privacy of citizens and data protection are fundamental rights recognised in Europe. They must be guaranteed in all circumstances and those who violate them must face the corresponding legal consequences.
