It’s a sad but true reality. The story of Artemis Seaford, a former executive on Meta’s security policy team, is yet another example of the vulnerability of digital privacy. In September of 2021, her phone was accessed and monitored by the Greek government with a sophisticated spyware known as “Predator”. This type of malware is believed to have been developed by a secretive cyber company called “Cytrox” based in North Macedonia.
It’s a sign of how far-reaching and powerful this digital monitoring can be that Seaford, a Greek-American dual citizen, was among the victims of the Greek government’s surveillance. According to a report from the New York Times, the country’s intelligence service was tracking Seaford for over a year without her knowledge. She only found out about the situation when her name appeared in a leaked list of spyware targets in the Greek news media in November of 2022.
To confirm her suspicions, Seaford went to Citizen Lab, a digital research unit with the University of Toronto, who found that her phone had indeed been infected with the “Predator” malware. So far, the exact purpose behind Seaford’s surveillance remains unclear. In response to the hacking, she has since filed a lawsuit against the unknown parties involved.
In a tweet posted after the New York Times’ report, Seaford noted that “the evidence suggests that my hacking with Predator was based on private information most likely obtained through state intelligence wiretapping.” She went on to encourage other victims of spyware abuse to come forward, saying “we deserve better. Ultimately, we need our governments and EU bodies to protect us.”
Unfortunately, Seaford isn’t the only one who has been targeted in this way. Much of last year saw the spark of an ongoing political scandal in Greece—known as “Greece’s Watergate”—over the country’s use of commercial spyware such as “Predator”. In response, Meta took action in December of 2021 and banned Cytrox from the platform in addition to four other surveillance firms found to have been conducting operations aimed at thousands of Meta users.
Commenting on the Seaford case, John Scott-Railton, a senior researcher with Citizen Lab, called the hacking “diabolical”, also noting that it reinforced “the mercenary spyware problem in the EU is out of control.” Although the Greek government have denied any involvement in the hacking of Seaford, the investigations into the use of their technology are still ongoing.
At a time when the public’s digital privacy is constantly being infiltrated, the hack of Artemis Seaford is a troubling reminder of the ease with which certain groups can seize our information. It’s important that we all stand together in holding our governments accountable for not only protecting, but respecting our data privacy.
Let’s hear your thoughts: Do you think enough is being done to protect digital privacy?