NPOs To Benefit From Apple Suit Alleging Spyware Attack
NPOs To Benefit From Apple Suit Alleging Spyware Attack

Embroiled in a lawsuit against an Israeli spyware company, Apple has made a $10 million grant to the Ford Foundation’s Dignity and Justice Fund (DJF) that in turn will award grants to civil society groups working to prevent cyberattacks and cybersurveillance.

Beyond the $10 million — the first funds to be deposited in the newly-created DJF — Apple has pledged to DJF any money it might collect at trial or through a settlement of the federal lawsuit it filed in November 2021 against alleged Israeli mercenary spyware company NSO Group Technologies Ltd., and its parent company, Q Cyber Technologies Ltd.   

“This is not new work for Ford. For the better part of a decade, we’ve invested over $40 million in the area of cyber surveillance and digital infrastructure and security,” said Vivek Trivedi, J.D., strategic communications officer for the Ford Foundation in New York City.

Ford has provided significant early funding to both Citizen Lab and Amnesty Tech — two of the leading organizations in this field, as well as many others around the world. This support has helped uncover many of the most insidious threats known today,” Trivedi said.

What is new is the creation of the DFJ this year and the first-time partnership between Apple and the Ford Foundation. The DJF is advised by the Ford Foundation but managed and fiscally sponsored by the nonprofit New Venture Fund in Washington, D.C. DJF was established as a pooled fund into which other corporations will be encouraged to donate to support the missions of civil society groups and fight global cyber-surveillance and cyberattacks on nonprofits, non-governmental organizations (NGOs), academics, activists, and others. 

Leaders at DJF expect to make the first grants late this year or in early 2023, initially funding approaches to help expose mercenary spyware and protect potential targets. The Ford Foundation’s DJF has not yet publicly released contact details on how prospective grantees can apply for funding. 

A team of technical advisers will assist the DJF’s advisory board members, who will make grant-funding recommendations to the New Venture Fund, which has the final say. The Ford Foundation will contribute support services but not funding to the DJF. 

Initial technical advisors on how the Apple grant should be distributed include:

  • Daniel Bedoya Arroyo, digital security service platform analyst at Access Now;
  • Ron Deibert, professor of political science and director of the Citizen Lab at the Munk School of Global Affairs & Public Policy, University of Toronto;
  • Paola Mosso, co-deputy director of The Engine Room;
  • Rasha Abdul Rahim, director of Amnesty Tech at Amnesty International; and,
  • Ivan Krstic, head of Apple Security Engineering and Architecture.

“The global spyware trade targets human rights defenders, journalists, and dissidents; it facilitates violence, reinforces authoritarianism, and supports political repression,” said Lori McGlinchey, director of Ford Foundation’s Technology and Society program, via a prepared statement.

Apple’s lawsuit, pending in U.S. District Court for the Northern District of California, alleges that NSO Group unleashed its “Pegasus” spyware on Apple iPhones and devices “to attack and surveil scores of individuals, including journalists, human rights activists, government officials and dissidents across more than 50 countries.”

NSO attorney Joseph N. Akrotirianakis in Los Angeles, Calif., has did not respond to a request for comment. 

The lawsuit cites Amnesty International, which has stated it discovered Pegasus spyware on the Apple iPhones of a French human rights lawyer, a French human rights activist, an Indian journalist, and a Rwandan activist. The complaint alleges computer fraud and other acts and seeks a permanent injunction to ban NSO Group from using any Apple software, services or devices.

The U.S. Commerce Department, according to Apple’s lawsuit, has evidence that NSO developed and supplied spyware to foreign governments that used the malicious tools to target government officials, journalists, activists and embassy workers and others. The Commerce Department in November 2021 added the NSO Group to an entity list of corporations that are banned from receiving exports from American companies.

Citizen Lab, the security-research organization at the University of Toronto, along with Amnesty International, are credited in the lawsuit with last year detecting a particular hacking exploit that it dubbed FORCEDENTRY and attributed to NSO Group, it is alleged in the lawsuit.