Read in Catalan

Concern in Europe. Following the revelations of the CatalanGate espionage, the European Parliament is taking action to revise the status of MEPs' mobile phones. The European chamber has offered its members a service to detect if the controversial Pegasus software has infected their devices, according to The service is being offered at the request of house president Roberta Metsola, after the massive espionage directed at the Catalan pro-independence movement became known. This espionage has already affected members of the European Parliament, in particular, all five of the Catalan pro-independence representatives in Brussels: Diana Riba and Jordi Solé had their mobile phones hacked after they became MEPs. As well, Toni Comín's phone was hacked by Pegasus before he took office, and several people close to Carles Puigdemont (including his wife) also had their devices infected. In the case of MEP Clara Ponsatí, a staff member working for her at the European Parliament itself was targeted by the spyware, according to the Citizen Lab. An email has been sent to all MEPs stating that the verification must be carried out "in the presence of the owner of the mobile phone" and that the analysis can take up to 30 minutes.

Specifically, the European Parliament email states that a service will be made available to elected representatives to check if their mobile phones have been attacked by Pegasus spyware, which can infect the device without the owner's knowledge and give the attacker access to documents, camera and microphone functions, and other capacities. Metsola and her secretary-general, Klaus Welle, have called for the service to be put into action after the European Parliament itself said it had "full" confidence that allegations of government espionage would be investigated in an "exhaustive" way.

CitizenLab CatalanGateMEPs pantalla
Screenshot of the five pro-independence MEPs (Comín, Riba, Solé, Ponsatí and Puigdemont) from The Citizen Lab's "CatalanGate" report / The Citizen Lab

The European Parliament's verification of the device will be carried out in the presence of its owner and can be carried out both in the offices of the computer services of the European Parliament in Brussels or Strasbourg and in the offices of the MEPs themselves. The duration of the initial analysis depends on the amount of data contained in the mobile and will take a minimum of 30 minutes. Depending on the outcome, "a more time-consuming detailed security analysis" may be required.

A 30 minute verification

This very week has seen the formal setting up of the new parliamentary committee in Brussels to look into this spyware which can only be purchased by governments, a committee created after the first revelations over its use to spy on political opponents, journalists and activists - among them, pro-independence Catalans - in the summer of 2021. For its part, the European Commission has called for Spain to investigate the CatalanGate case. European Commission president Ursula von der Leyen has already said that the scandal seemed "unacceptable". The University of Toronto cybersecurity study group the Citizen Lab announced on Monday that Pegasus espionage had affected more than 60 people involved in or closely linked to the Catalan independence movement, including two MEPs from the ERC party (Diana Riba and Jordi Solé), and the three European representatives of Junts - Carles Puigdemont, Toni Comín and Clara Ponsatí. The Citizen Lab findings are set out with graphic clarity in this presentation