When Novalpina Capital acquired surveillance specialist NSO Group early last year, the firm’s leaders probably didn’t expect to find themselves in the middle of a globe-spanning scandal involving the crown prince of a petro-state and the richest man in the world. But maybe they should have. OK, that exact scenario still sounds far-fetched, even after it was made reality this week by a new UN investigation suggesting that Saudi Crown Prince Mohammed bin Salman might have used NSO’s software to hack the cellphone of Jeff Bezos. But Novalpina had every reason to suspect controversy might come. 

After all, it’s been following NSO and the company’s prior private equity owners around like a dark cloud for years. 

Private equity’s role in a headline-grabbing tale of international espionage is raising questions about the ethical side of investing. That’s one of 10 things you need to know from the past week:
 

1. NSO woes

NSO Group was founded in Israel in 2010 with the goal of, as the company’s website puts it, creating “technology that helps government agencies prevent and investigate terrorism and crime.” Its most well-known product is a piece of spyware known as Pegasus, which exploits vulnerabilities in apps and operating systems to gain access to all of a cellphone’s communications and data. Private equity first crossed the company’s path in 2014, when Bay Area-based tech investor Francisco Partners acquired control of NSO, reportedly for around $125 million. Three years later, in 2017, it appeared the firm was in line for a profitable partial exit: Reports emerged indicating Blackstone was in talks to purchase 40% of NSO for $400 million. 

But a potential sale wasn’t the only reason NSO was in the news that year. By 2017, digital privacy proponents like the University of Toronto’s Citizen Lab had begun digging into Pegasus. Citizen Lab linked the malware to illegal espionage in Mexico and the UAE, saying it was used to infect the phones of journalists, lawyers and even the international team investigating the 2014 kidnapping and apparent murder of 43 student teachers in the Mexican city of Iguala. More recent reports suggest the malware has been deployed in 45 countries.