The Internet Freedom Foundation, an Indian non-governmental organisation that seeks to protect digital liberties, on Thursday issued a statement calling the reports of a security breach of messaging platform WhatsApp “scary”. Several prominent Indian lawyers, activists and journalists were targeted in the hack.

WhatsApp had on Tuesday filed a lawsuit against an Israeli firm whose spyware, Pegasus, was used to target users of the messaging platform. NSO Group, the Israeli cyber intelligence company, has disputed the allegations but said that the spyware has been sold only to government agencies.

WhatsApp said the security breach took place during a two-week period in May. Scroll.in has so far confirmed the identities of 14 of the targeted individuals. At least two dozen Indian journalists, academics, Dalit activists and lawyers may have been targeted, The Indian Express reported on Thursday.

The Internet Freedom Foundation said that the revelation that the exposed individuals included lawyers in the Bhima Koregaon violence case, as well as activists Bela Bhatia and Anand Teltumbde, “raises some extremely disturbing questions about likely illegal hacking by unknown government agencies – or other actors operating in India”. It added that the entities responsible for the hacking appear to have “flagrant disregard for the rule of law and contempt for our fundamental right to privacy”.

“There is an urgent need for official disclosure on whether and how this spyware was used in India to hack our citizens,” the foundation said. “The Government of India must issue an official public statement providing complete information. The Government must also clarify which law empowers it to install such spyware.” The foundation said that hacking of computer resources, including mobile phones, is a criminal offence under the Information Technology Act, 2000.

Calling for surveillance reform to protect citizens against illegal hacking, the foundation added that the government must “reject the use of spyware in their pursuit of social objectives of policing and security”.

The foundation said that in the days to come, it will reach out to victims of illegal surveillance in India, and try its best to make the legal system accessible to them. “We will also examine avenues for further engagement with all branches of government – legislative, executive and judicial – to advance our ongoing work on surveillance reform,” it added.

The government has expressed concern about the reports of security breach. Union Minister of Information Technology Ravi Shankar Prasad said WhatsApp has been asked to explain the breach and the measures taken to strengthen the privacy of Indian citizens. Earlier in the day, the Ministry of Communications and Information Technology asked WhatsApp to respond by November 4 about the security breach.

Prasad also targeted the Opposition, listing the surveillance scandals under the erstwhile United Progressive Alliance-led government. However, the Congress claimed that the Narendra Modi-led government had been “caught snooping”. “Modi govt caught snooping,” Congress spokesperson Randeep Singh Surjewala tweeted. “Appalling but not surprising. After all, BJP government - 1. Fought against our right to privacy. 2. Set up a multi crore surveillance structure until stopped by SC. SC must take immediate cognisance and issue notice to BJP government.”

Now, follow and debate the day’s most significant stories on Scroll Exchange.