Meta is seeking to hold NSO Group in contempt of court, alleging that the Israel-based spyware manufacturer continued to target WhatsApp users with malicious phishing attacks despite a standing court order. The legal escalation, filed in the U.S. District Court for the Northern District of California, marks the latest development in a long-running battle over the use of the Pegasus spyware to compromise encrypted messaging platforms.
According to court filings, Meta alleges that NSO Group violated a 2020 preliminary injunction by maintaining access to infrastructure used to deliver spyware. The company contends that these new phishing attempts were designed to bypass WhatsApp’s security protocols and gain unauthorized access to user data. This litigation remains part of a broader legal challenge initiated by Meta in 2019, which accuses NSO Group of violating the Computer Fraud and Abuse Act (CFAA) by infecting approximately 1,400 devices globally, including those of journalists and human rights activists, as reported by the Reuters news agency.
Legal basis for the contempt motion
The core of Meta’s complaint centers on the assertion that NSO Group has failed to comply with the court’s previous mandates regarding the cessation of its activities against WhatsApp. A motion for civil contempt requires the moving party to demonstrate by clear and convincing evidence that the opposing party violated a specific and definite court order, according to standard U.S. federal court procedures. Meta claims it identified new, sophisticated phishing campaigns that utilize infrastructure previously linked to NSO operations, arguing that these actions constitute a direct disregard for the court’s authority.
In response, NSO Group has consistently maintained that its software is intended solely for legitimate law enforcement and intelligence purposes to combat terrorism and serious crime. The company has previously argued that it does not operate the spyware itself, but rather licenses the technology to government clients who are responsible for how the tools are deployed. This distinction remains a critical point of contention in the ongoing litigation, as Meta seeks to hold the manufacturer liable for the actions of its end-users.
Technical scope of the alleged attacks
The alleged phishing attacks involved the use of malicious links sent via WhatsApp, which, if clicked, could potentially trigger a remote installation of spyware on the target’s mobile device. These techniques reflect a shift in how surveillance firms attempt to exploit mobile vulnerabilities. As documented in various forensic methodology reports by organizations like Amnesty International, spyware developers have increasingly relied on “zero-click” or low-interaction exploits to bypass traditional security defenses found in iOS and Android ecosystems.
Meta’s security team, which actively monitors for malicious activity, claims to have successfully disrupted these attempts before they could result in widespread device compromises. The company states that it continues to update its infrastructure to detect and block such patterns. For users concerned about mobile security, Meta recommends enabling two-step verification, keeping device software updated to the latest patches, and avoiding interactions with suspicious links from unknown contacts, as outlined in their official WhatsApp security guidance.
Broader industry impact and regulatory scrutiny
The legal conflict between Meta and NSO Group has drawn significant attention from international regulators and human rights groups concerned with the proliferation of commercial spyware. In November 2021, the U.S. Department of Commerce added NSO Group to its “Entity List,” effectively restricting the company’s access to U.S. technology and components due to evidence that it provided spyware to foreign governments that used it to target government officials, journalists, and activists, as confirmed by the U.S. Department of Commerce.
This ongoing case highlights the difficulty of regulating private sector actors in the digital surveillance market. While Meta seeks to establish legal precedents that hold spyware vendors accountable for the deployment of their tools, NSO Group continues to contest these claims in court. The outcome of the contempt motion could set a significant precedent for how technology companies address unauthorized access to their platforms by third-party software developers.
Next steps in the litigation
The U.S. District Court for the Northern District of California is now tasked with reviewing the evidence submitted by Meta to determine if a finding of contempt is warranted. There is no immediate timeline for a ruling on this motion. Legal analysts note that the discovery process in this case has been protracted, involving years of motions regarding jurisdictional challenges and the protection of proprietary software code.
Interested parties can monitor updates via the official docket of the U.S. District Court for the Northern District of California for the case involving WhatsApp Inc. v. NSO Group Technologies Ltd. As the legal proceedings continue, the implications for encrypted communication and the digital privacy of global users remain a primary focus for both the tech industry and international human rights advocates. Please share your thoughts in the comments section below regarding the role of private companies in regulating state-linked surveillance technologies.