The smartphone as an undercover agent
In 2024, Daniel Freund, Member of the European Parliament, was the target of a spyware attack, allegedly carried out by the Hungarian foreign intelligence service. We therefore have filed criminal charges against Viktor Orbán and persons unknown. Such digital espionage activities constitute a massive violation of the privacy of those affected and also threaten democracy and freedom of the press
What happened?
In May 2024, Daniel Freund, a Member of the European Parliament, received an email that allegedly came from a Ukrainian student. The message contained a link that supposedly led to the team website of a student organization. However, this link had been manipulated – if Freund had followed it, spyware from the provider Candiru would have completely infiltrated his device.
Hungary has long been criticized for its surveillance measures, which violate human rights, and uses Candiru spyware. Daniel Freund is one of the most prominent critics of Hungary's right-wing populist Prime Minister Viktor Orbán in the European Parliament. For example, he played a decisive role in passing European sanctions against Hungary. Viktor Orbán has also explicitly attacked Daniel Freund verbally in the past.
What is spyware capable of?
If spyware is installed on a device, perpetrators can access all data stored on the infiltrated device and monitor communications through it. They are also capable of activating the smartphone's microphone and camera to monitor its surroundings in real time.
This gives the perpetrators deep insights – not only into the private lives of those targeted, but also into possible political activities, civic involvement, or journalistic work. In Daniel Freund's case, for example, this concerns conversations he has with Hungarian dissidents as part of his mandate.
The unknown perpetrators are therefore suspected of attempting to violate the confidentiality of the word (Section 201 of the German Criminal Code). As a general rule, digital espionage attacks deeply infringe on the privacy of those affected and violate the so-called fundamental right to IT privacy, which protects the confidentiality and integrity of digital systems.
According to the EU Parliament's IT experts, the Hungarian government could be behind the wiretapping of my communications. This comes as no surprise: Orbán despises democracy and the rule of law. If the suspicion is confirmed, it would be an outrageous attack on the European Parliament. In Europe, no one should have to fear being monitored for standing up for democratic values. This case shows how urgently we need effective measures against spyware – to protect all citizens
Who is at risk?
In Germany, foreign intelligence services use spyware primarily to target activists critical of the government, journalists, and – as in the case of Daniel Freund – increasingly also members of parliament. Beyond the individual fundamental rights of those affected, they also threaten civil society, press freedom, and democracy as a whole.
What do we want to achieve?
With our criminal charges, we want to ensure that the public prosecutors in Cologne and Krefeld investigate the attack. Moreover, the German state must do more to protect vulnerable individuals from spyware attacks. An important component of this is effective vulnerability management: this means that government agencies must inform developers about particularly dangerous security gaps in their software. At present, they deliberately leave some of these backdoors open so that they can use them themselves for surveillance using so-called “State Trojans.”
The SpywareShield initiative, led by the GFF, is committed to limiting the use of spyware, preventing its spread, and establishing robust vulnerability management.
