Zack Whittaker reports:
Spyware maker NSO Group used real phone location data on thousands of unsuspecting people when it demonstrated its new COVID-19 contact-tracing system to governments and journalists, researchers have concluded.
NSO, a private intelligence company best known for developing and selling governments access to its Pegasus spyware, went on the charm offensive earlier this year to pitch its contact-tracing system, dubbed Fleming, aimed at helping governments track the spread of COVID-19. Fleming is designed to allow governments to feed location data from cell phone companies to visualize and track the spread of the virus. NSO gave several news outlets each a demo of Fleming, which NSO says helps governments make public health decisions “without compromising individual privacy.”
But in May, a security researcher told TechCrunch that he found an exposed database storing thousands of location data points used by NSO to demonstrate how Fleming works — the same demo seen by reporters weeks earlier.
Read more on TechCrunch.
Lying about data not being real when it is real would not be a cool thing to do, right? Selling individuals’ data to companies that would lie about using real data is not cool, either, right? Of course, NSO still seems to be insisting that it is not real. So what government agency is going to look into this and take any appropriate enforcement action? Step right up, folks.