The special investigation team assigned to investigate the Israel Police’s use of spyware, found the Police’s practices to be highly under-supervised and incompliant with the law and internal procedures and policies.
The investigation into the Police’s spyware-tapping activities was launched amid investigative journalism publications by the Israeli newspaper Calcalist, alleging that the Police had warrantlessly penetrated the smartphones of individuals with spyware. The investigation team’s preliminary report, published in February, found that all of the alleged warrantless spyware activities were traceable to lawfully issued warrants.
Following a more in-depth investigation, the final report found four instances of warrantless penetration attempts, all of which failed. However, the investigation team concluded that all four cases were “bona fide mistakes”, and that the Police have a practice of making sure that it obtains all necessary warrants.
The investigation team also inquired into the assertion that the Police collect excessive information when it penetrates devices for wiretapping purposes. This assertion turned out to be correct. The team discovered that the Police unlawfully collected data created and stored on the infected device before the date of the warrant. The team also discovered that the Police did not only collect information related to computer telecommunications, but additional information such as calendars, contacts, and notes. In doing so, the Police grossly exceeded their authority and violated the constitutional right to privacy.
Based on its findings, the team laid down a series of recommendations, including the following:
- The Police may continue to conduct wiretapping by infecting cellular devices with spyware, but only subject to implementing necessary technological safeguards, and in compliance with the procedures approved by the Attorney General.
- The Police’s legal counsel should provide ongoing legal support to the Police. The Police should update the legal counsel on any issue that requires their knowledge and involvement.
- The police must implement controls and supervision mechanisms that facilitate the periodic examination of the Police’s compliance with the law and its internal procedures.
- Applications for wiretapping warrants should concretely detail the specific types of information required for the investigation and elaborate on the intended method of wiretapping.
- The Wiretap Law should be amended to clearly set out the authority and the limitations on the Police’s use of spyware.
CLICK HERE to read the investigation team’s report (in Hebrew).