DUBAI RULER HACKED PHONES OF EX-WIFE AND HER DIVORCE LAWYER, JUDGE SAYS
SHEIKH COMMITTED ‘ABUSE OF TRUST AND POWER’ BY TARGETING PRINCESS HAYA AND BARONESS SHACKLETON OF BELGRAVIA
Sheikh Mohammed bin Rashid Al Maktoum is facing a possible criminal investigation after a judge found he ordered the hacking of mobile phones belonging to his ex-wife and her lawyer.
In a judgment published Wednesday, Sir Andrew Mcfarlane, the president of the Family Division, found the ruler of Dubai had committed a “total abuse of trust, and indeed an abuse of power” by targeting “unlawfully” with “sophisticated spyware” phones belonging to Princess Haya and Baroness Shackleton of Belgravia, her lawyer.
The latest twist in one of the most costly and bitter custody battles in English legal history will prove acutely embarrassing for the billionaire sheikh, who as vice president and prime minister of the United Arab Emirates is one of the U.K.’S closest Middle Eastern allies.
It could even jeopardize his friendship with the Queen, with whom he shares a passion for horse racing.
Princess Haya, 47, has been given permission to hand over Mcfarlane’s findings to the Metropolitan, Thames Valley and Surrey police forces, as well as the National Crime Agency.
It also emerged Cherie Blair, wife of former British prime minister Tony Blair, contacted Lady Shackleton, a Tory peer, last year to warn of the hacking of phones belonging to her and Princess Haya, who fled to England from her husband in Dubai in 2019.
Blair had been working as an “external adviser” on human rights for NSO Group, an Israeli intelligence company which created the Pegasus software which infects a phone before “harvesting” data. Blair was alerted by a “whistleblower” within the company that an unnamed state had carried out the attack.
Pegasus sells for “tens of millions of dollars” to nation states for use by intelligence and law enforcement agencies to prevent crimes and terrorism.
Mcfarlane concluded the sheikh gave the “express or implied authority” for the hacking, adding: “It is obvious that the father, above any other person in the world, is the probable originator of the hacking.”
He wrote the sheikh “is prepared to use the arm of the State to achieve what he regards as right.” He added: “He has harassed and intimidated the mother both before her departure to England and since. He is prepared to countenance those acting on his behalf doing so unlawfully in the U.K.”
Meanwhile, the sheikh, who owns Godolphin stables, complained through his lawyer he would struggle to visit the Queen at Windsor Castle and also Ascot Racecourse for horse trials if the judge imposed a “draconian” exclusion zone around his ex-wife’s Surrey mansion.
In a separate non-molestation judgment, Mcfarlane found the Sheikh had left his ex-wife feeling “mightily intimidated and frightened” after he tried to buy Parkwood Estate, a 77-acre property, which “abuts” Castlewood House, the home on the Surrey and Berkshire borders left to her by her late father, King Hussein of Jordan. The purchase, by a trust, was later dropped.
The judge imposed a ban on the sheikh buying properties around her home, a smaller “no entry” cordon of 328 feet, and a 1,000-foot no-fly zone to prevent access for aircraft and drones. The decision followed the mother complaining of feeling “stalked” and “hunted and haunted” by her ex-husband.
Mcfarlane’s findings of fact are based on the balance of probabilities, the civil law standard of proof which is a lower standard compared to criminal law where a jury must be convinced “beyond reasonable doubt.”
Nearly 1,000 pages of legal documents were released Wednesday after media organizations — including The Daily Telegraph — won a legal battle to be able to report the case, a move initially opposed by the sheikh. The judge, along with a court appointed guardian, approved publication because it was in the interests of the couple’s children, Jalila and Zayed, now 13 and nine.
Princess Haya fled Dubai with their children in April 2019, after an alleged affair with her bodyguard, Russell Flowers.
The 72-year-old sheikh, who spends much time in the U.K., divorced Princess Haya and began a custody battle through the English courts.
But, in March 2020, Mcfarlane, presiding, found the sheikh pursued a “campaign of harassment” against the princess, and used state apparatus to abduct two daughters from a separate marriage; Princess Shamsa in 2000 and Princess Latifa in 2018.
Although the sheikh has since dropped his attempt to obtain custody of Jalila and Zayed, the case has been continuing over welfare issues.
The first hint at a hacking scandal emerged last October when Lady Shackleton contributed to a House of Lords debate about Britain’s withdrawal from the EU. However, her contribution was as extraordinary as it was cryptic.
The divorce lawyer, who has represented Sir Paul Mccartney and the Prince of Wales, struck a solitary figure in the House because other peers were attending remotely due to lockdown.
“The reason I stand here tonight and am not being hooked up from home is because I am, as I have advised Black Rod, a victim of being hacked through my telephone,” she said. “My parliamentary email, my own email, my Whatsapp messages, my pictures and my texts are all visible to somebody else.” A few months earlier, an “incredibly anxious” Blair contacted her to say an NSO senior manager had found “their software may have been used to monitor the mobile phone of Baroness Shackleton and her client, Her Royal Highness Princess Haya.”
That same day, Martyn Day, from solicitors Leigh Day, emailed the baroness’s company, to say “someone in your firm is being targeted by UAE spyware.”
He had been contacted by Dr. William Marczak, a computer scientist at Citizen Lab, at the University of Toronto, who specializes in identifying if Pegasus is used to target journalists or activists.
He had studied a phone apparently hacked by Pegasus belonging to a man named as Mr X, a “UAE activist.”
Marczak spotted the IP of the baroness’s solicitors, Payne Hicks Beach, communicating with the “suspected command and control” Pegasus servers.
He told how hacked phones have an undetectable Trojan-style “temporary app” which secretly contacts Pegasus IP addresses before technically taking over the device.
Pegasus can secretly read texts, Whatsapp, email and Facebook messages, reveal its location, activate the microphone, listen to calls, access passwords, calendars, notes and files, as well as take screenshots and photographs.
Between July 17 and Aug. 3 at the mother’s Surrey home, there were six attempts to access a domain name connected to Pegasus, with a later apparent hacking resulting in 265 megabytes of data — equivalent to 500 photographs — being uploaded without permission, the judgment says.
Blair, whose company Omnia Strategy was hired by NSO, told the court NSO was “very concerned” and “had taken steps to ensure the phones could not be accessed again.” She never knew who was behind the “alleged surveillance,” but said she assumed it was Dubai “because no one else would have interest in targeting Princes Haya and Baroness Shackleton.”
Lord Pannick, QC, for the sheikh, listed a “pool of other possible perpetrators,” including Iran, Saudi Arabia and even Jordan, where the princess’s half-brother, King Abdullah II, is ruler.
Referring to phones belonging to the princess, the baroness and her lawyer colleague, Nick Manners, as well as two devices owned by a security team and personal assistant, the judge concludes “all six have either been infiltrated, or at least the subject of an attempted infiltration, by surveillance software. The software used was NSO’S Pegasus.”
He noted how “unusually in a fact finding process” the father “chose not to file any evidence” and “never conceded” he was behind the hacking, “despite the weight of evidence”.
The court heard an exclusion around the princess’s Surrey home would prevent the sheikh travelling to Windsor Great Park, including its Royal Chapel of All Saints, Guards Polo Club, a church and sports club favoured by the Royal family, and Cumberland Lodge, a 17th century former royal residence now run by a charitable foundation.
Wednesday night, the sheikh rejected the allegations, insisting the findings were based on an “incomplete picture.”
He said: “I have always denied the allegations made against me and I continue to do so. These matters concern supposed operations of State security.”
He added that as a “head of government” it was “inappropriate” to give evidence on “such sensitive matters.”
“Neither the Emirate of Dubai nor the UAE are party to these proceedings and they did not participate. The findings are therefore inevitably based on an incomplete picture,” he said.
“In addition, the findings were based on evidence that was not disclosed to me or my advisers. I therefore maintain that they were made in a manner which was unfair.”
NSO cancelled its contract with the UAE for breaching its rules on using Pegasus.
“Whenever a suspicion of a misuse arises, NSO investigates, NSO alerts, NSO terminates,” NSO, which only licenses its software to government intelligence and law enforcement agencies, said in a statement after the rulings were published.
It said it had shut down six systems of past customers, contracts worth more than US$300 million.
MY WHATSAPP MESSAGES, MY PICTURES AND MY TEXTS ARE ALL VISIBLE TO SOMEBODY ELSE.