An Investigation That Reopens an Unhealed Wound
Five years after the earthquake of the original “Pegasus Project,” a new wave of revelations, published on July 16, 2026 by Haaretz in partnership with an international consortium including Le Monde, Forbidden Stories, El Confidencial, Die Zeit, and The Guardian, is a reminder that the Israeli spyware affair was never truly settled. This time, the reporting rests on an insider witness: a former Moroccan intelligence officer, identified under the pseudonym “Safir,” whose account was corroborated by internal documents, leaked emails, and forensic data previously analyzed by Amnesty International’s Security Lab.
The picture that emerges goes well beyond the 2021 Franco-Moroccan diplomatic dispute. It outlines a structured system: a dedicated unit within the DGST (Morocco’s domestic intelligence service), led by its own chief, tasked with running digital interception operations against journalists, human rights defenders, Spanish officials, and French political figures alike.
Israel: Supplier and Quiet Participant
The most sensitive element of this new wave of disclosures concerns Israel’s own role, beyond NSO Group’s commercial liability. A document uncovered in Panama, where Pegasus was first sold in 2012, shows that NSO’s co-founder entered the country carrying an Israeli diplomatic passport, listing the Israeli embassy as his address. This detail, documented by Panamanian journalist Luis Esquivel and relayed by the consortium, revives a central question: to what extent did the Israeli state facilitate, oversee, or shield the commercial activities of its cyber-surveillance firms abroad? Israel’s Ministry of Defense, which issues export licenses for these technologies, ends up implicated — if not legally, then certainly politically — in how its clients ultimately used them.
France: Target and Would-Be Buyer
The most striking irony in this affair lies in its timeline. Even as Paris was seriously considering acquiring Pegasus for its own services, ministers and lawmakers sympathetic to Moroccan interests had already, according to the investigations by Le Monde and its partners, been targeted by that very same tool. The Élysée ultimately abandoned the purchase, but that reversal came faster than the disclosure of the results of the forensic analysis of Emmanuel Macron’s own phone — leaving lingering doubt about how much Paris actually knew, and since when.
The parliamentary hearings that followed the first 2021 revelations did little to clear things up. Former Defense Minister Florence Parly repeatedly gave evasive answers, claiming she could not recall the details of her meeting with then-Israeli Defense Minister Benny Gantz, who reportedly handed her a report certifying that no French political figure had been targeted. The gap between the gravity of the allegations and officials’ selective memory says a great deal about the discomfort this affair still causes at the top of the French state.
Spain: A Blind Spot Too Long Overlooked
While the French angle has drawn most of the media attention since 2021, the Spanish dimension of the affair looks just as troubling. Guardia Civil officials and Spanish cabinet ministers reportedly also figured among the targets, at a time when — according to the new revelations — some field officers did not take the same precautions as their counterparts in the Policía Nacional, who had already switched to dedicated phones for sensitive communications during trips to Morocco. This gap in internal vigilance shows how badly the threat posed by next-generation spyware — capable of infecting a device via a single missed call, with no interaction required from the target — was underestimated by administrations that should have known better.
Rabat: Between Systematic Denial and Realpolitik
The Moroccan government’s response has not changed in five years: categorical denial, condemnation of a “malicious media campaign,” threats of legal action against Amnesty International and Forbidden Stories. This blanket denial, repeated almost verbatim with each new wave of evidence, produces a paradoxical effect: the more documents accumulate, the less tenable Morocco’s position appears — without this genuinely disrupting the bilateral relationship with Paris, as shown by the French prime minister’s visit to Morocco just days before these latest revelations were published. That diplomatic continuity, despite the scandal, speaks to something essential about the real hierarchy of priorities: the strategic, economic, and security interests binding the two countries seem, in practice, to outweigh public outrage.
What This Affair Reveals About the Global Digital Order
Beyond the diplomatic drama, this investigation highlights a more unsettling structural reality: the line between commercial cyberweapons and sovereign state tools has largely dissolved. Private companies, nominally subject to ordinary commercial law, sell surveillance capabilities comparable to those of the world’s largest intelligence agencies, with almost no democratic oversight of how they’re ultimately used. Morocco is neither the only client nor the only country to have turned this technology toward political surveillance; it simply illustrates, with unusual clarity, how a mid-sized state can use the private cybersecurity market to acquire a capacity for influence far beyond its traditional diplomatic weight.
For Europe, the stakes now go beyond merely protecting its own leaders. What’s really at issue is the credibility of its digital sovereignty: as long as European intelligence services keep relying, for their own operational needs, on Israeli vendors whose technologies are simultaneously sold to services that target them, the line between partner and technological adversary will remain dangerously blurred.
✍️ Belgacem Merbah
Algerian patriot, free in his writing as in his convictions.
Comments
Post a Comment