The exposure of Pegasus, a spyware developed by the Israeli company NSO Group, marked a new era in cybersurveillance. Capable of remote, zero-click infiltration of mobile devices, Pegasus grants operators near-total control over a device for surveillance purposes. Although marketed as a tool for combating terrorism and crime, it has also been widely abused to target journalists, human rights activists, and leaders of political opposition.
This Article examines the legal and regulatory challenges posed by tools like Pegasus, focusing on their potential use by law enforcement agencies in democratic societies, particularly the United States. Building on comparative experiences from Israel and the European Union, the Article highlights how different jurisdictions have grappled with similar challenges, offering lessons for U.S. policymakers.
The Article presents three key arguments. First, these tools should be treated as a diverse “toolbox,” rather than a single unified tool. Different features require distinct legal frameworks and strict limitations tailored to specific legal contexts, as evidenced by a comparative analysis. Second, in the U.S. context, the act of infecting a device must be recognized as the initiation of a search under the Fourth Amendment, necessitating appropriate judicial oversight from the moment of infection. Third, while certain capabilities of these tools align with existing U.S. legal doctrines, new legislation is essential to address the broader implications of the Pegasus Era. Together, these findings highlight the need for proactive reforms to balance the enhanced capabilities of law enforcement with the protection of constitutional rights and individual privacy.

Continue Reading The Pegasus Era: Regulating A New Generation of Government Spyware