Aligning Company with UN Guiding Principles on Business and Human Rights Cements NSO Group as Global Cyber Technology and Defense Sector Leader

Company Announces Three New Senior Advisors

NSO Group (“NSO”) today announced a new Human Rights Policy and the introduction of a supporting governance framework that will bring the company into alignment with the UN Guiding Principles on Business and Human Rights (the “Guiding Principles”). NSO is the first company in the global cyber technology and defense sectors to seek alignment with the Guiding Principles, cementing the company’s existing industry-leading ethical business practices.

In addition, the company announced it will add three new senior advisors, including Governor Tom Ridge, the first U.S. Secretary of Homeland Security; Gèrard Araud, former French ambassador to the U.S.; and Juliette Kayyem, former Assistant Secretary at the U.S. Department of Homeland Security and a professor at Harvard University’s John F. Kennedy School of Government. These experts in national and international security, technology, international relations and law enforcement bring a depth of experience that will support NSO as it continues its work to assist governments in fighting serious crime and terrorism.

NSO, based in Israel, develops products that provide government intelligence and law enforcement agencies with the lawful interception capabilities necessary to prevent and investigate terrorism and serious crime. NSO products are also used for critical search and rescue missions following disasters such as earthquakes and mudslides.

The company’s new Human Rights Policy, approved by the Board of Directors and management, is founded on an unequivocal respect for human rights. The Policy will be underpinned by internal processes and operating procedures, including an External Whistleblowing Policy that will allow individuals to report concerns about potential misuse of NSO products.

Key aspects of the new NSO Human Rights Policy include:

  • The integration of human rights due diligence procedures to identify, prevent and mitigate the risks of adverse human rights impact;
  • A thorough evaluation throughout the company’s sales process of the potential for adverse human rights impacts arising from the misuse of NSO products, including the past human rights performance and governance standards of the country involved;
  • Contractual obligations requiring NSO’s customers to limit the use of the company’s products to the prevention and investigation of serious crimes, including terrorism, and to ensure that the products will not be used to violate human rights;
  • Specific attention to protect individuals or groups at elevated levels of risk of arbitrary digital surveillance and communication interception on grounds such as their race, color, sex, language, religion, political or other opinions, national or social origin, property, birth or other status, or their exercise or defense of human rights;
  • The provision of grievance mechanisms to enable reporting of suspected misuse of NSO products by the company’s agency customers;
  • A renewed commitment to investigate whenever the company becomes aware of alleged unlawful digital surveillance and communication interception of NSO products;
  • Public reporting on the effectiveness of the NSO Human Rights Policy, taking into consideration the regulatory, legal, contractual, security and commercial constraints that limit the company’s freedom to disclose specific information; and
  • Periodic review of the company’s human rights governance framework by compliance experts, coupled with a commitment to ongoing dialogue with all relevant stakeholders.

“NSO’s products provide governments with the tools to help stop the world’s worst terror attacks and most dangerous criminals. We are incredibly proud of our products’ record of helping intelligence and law enforcement prevent serious crimes and save lives, but also understand that misuse could represent human rights violations. This new policy publicly affirms our unequivocal respect for human rights and our commitment to mitigate the risk of misuse,” said Shalev Hulio, co-founder and CEO of NSO. “NSO has always taken governance and its ethical responsibilities seriously as demonstrated by our existing best-in-class customer vetting and business decision process. With this new Human Rights Policy and governance framework, we are proud to further enhance our compliance system to such a degree that we will become the first company in the cyber industry to be aligned with the Guiding Principles.”

“Terrorists and criminals continue to take advantage of encrypted messaging to ‘go dark,’ shielding their criminal activities from security and law enforcement agencies. Law enforcement and intelligence agencies face a daunting challenge in overcoming today’s advanced terror and criminal threats, and NSO’s technology can play a helpful role,” said Governor Ridge. “In today’s digital age, when our personal privacy is more vulnerable than ever before, a successful business must also be a responsible corporate citizen in all aspects of its work, which is why I am pleased to see that NSO has committed itself to following the UN Guiding Principles on Business and Human Rights.”

The NSO Human Rights Policy and governance framework will be overseen by a newly established Governance, Risk and Compliance Committee of the NSO Board. The Committee will review proposed sales of NSO products, providing recommendations and decisions after an in-depth, risk-based due diligence process including a full assessment of potential human rights impacts. The Committee will be empowered to reject sales or request investigations into potential misuse. No other company in the industry meets the same strict standards for governance.

Implementation of the new governance and compliance framework is already underway and will be completed under the leadership of the new NSO General Counsel, Shmuel Sunray, who will join from RAFAEL in November and brings over 25 years of experience in C-level legal executive positions for major companies, with significant expertise in legal, compliance and regulatory affairs. The company will also create a new role, the Head of Human Rights Compliance, who will report to the General Counsel. In-line with NSO’s commitment to transparency, we will publish further details regarding the implementation over the coming months. Foley Hoag LLP is providing advice to the Board

on the development of these policies and procedures.

The NSO Board has received opinions from two leading law firms (Paul, Weiss, Rifkind, Wharton & Garrison LLP and Paul Hastings LLP), each affirming that the design of its new framework is aligned with the Guiding Principles.

Details of NSO’s new governance framework and senior advisors are available on its website.

###

About NSO Group

NSO Group develops best-in-class technology to help government agencies detect and prevent terrorism and serious crime.
Our products help licensed government intelligence and law-enforcement agencies lawfully address the most dangerous issues in today’s world. NSO’s technology has helped prevent terrorism, break up criminal operations, find missing persons, and assist search and rescue teams.

Annual Transparency & Responsibility Report – Read The Report That Highlights The Safeguards Against Misuse of Our Technology, And Outlines Internal Governance and Compliance Processes