NSO Group is proud to have set the gold standard for good corporate governance in the cyber intelligence industry.
Our governance framework codifies NSO Group’s commitment to ethical business by building human-rights considerations and protections into all aspects of our work, from product design to the licensing of our products to vetted government customers.
We are dedicated to ensuring that our licensed government customers use our products only for the lawful and necessary purposes of preventing and investigating terrorism and serious crime. That is why our sales-approval process has always gone significantly beyond the regulatory protocol, taking every reasonable measure to ensure our technology is used as intended.
NSO Group’s commitment to and alignment with the U.N. Guiding Principles on Business and Human Rights places us among a small number of companies in the information and communications technology sectors which have adopted such standards.
We expect all our directors, employees and business partners to act with integrity. Our corporate governance is built on the principles of fairness, the rule of law, accountability, responsibility and transparency.
From the UN Working Group on Business and Human Rights report, June 2023: ", the Working Group was impressed by the company’s willingness to engage openly with the Working Group and other stakeholders. The Working Group learned that NSO Group Technologies had implemented a human rights policy to prevent, detect and address human rights impacts; implemented human rights due diligence; and established a product misuse investigations procedure through which it can terminate surveillance services."
NSO Group licenses its products only to government intelligence and law-enforcement agencies, for the sole purpose of preventing and investigating terrorism and serious crime. Our vetting process goes beyond the widely common legal and regulatory requirements to ensure the lawful use of our technology as designed.
Our Governance, Risk and Compliance Committee (GRCC) board reviews potential sales of NSO Group’s products, providing recommendations and decisions after an in-depth, risk-based due-diligence process which includes comprehensive assessment of potential impact on human-rights. This committee replaces the previous Business Ethics Committee. The GRCC is empowered to reject potential sales or request investigations into potential misuse.
As part of NSO Group’s commitment to the United Nations Guiding Principles (UNGP) on Business and Human Rights, human-rights protections are manifested in all aspects of our work.
The integration of human rights due-diligence procedures to identify, prevent and mitigate the risks of human rights violations.
A thorough evaluation, conducted throughout the sales process, of each prospective NSO Group client’s human-rights record, governance standards and potential for product misuse.
Contractual obligations limiting NSO Group clients’ use of company products to the prevention and investigation of major crimes, including terrorism, and ensuring that they are not used in violation of human rights.
Enhanced safeguards for the protection of individuals or groups at higher risk of arbitrary digital surveillance and communications interception.
Periodic review of the company’s human-rights governance framework by compliance experts - both in-house and external - coupled with a commitment to ongoing dialogue with all relevant stakeholders.
Find out more about our Code of Ethics and Conduct
Transparency is the central pillar of good governance, and we aspire to set the highest standards for transparency in our growing sector.
In line with the U.N. Guiding Principles on Business and Human Rights (UNGP), we are committed to promote transparency wherever possible and to publicly report on the effectiveness of our policies and procedures. We strictly adhere to legal, contractual and commercial constraints in our reporting, and we honor the obligation to protect the confidentiality of our clients’ critical public-safety efforts.
NSO Group is the first in our industry with material information that is as comprehensive and revealing as the data contained in our annual report. Our first Transparency and Responsibility Report illustrates for the first time, and in deep detail, how NSO Group strives to guarantee that our products are used as intended - safely, effectively and ethically, and it further describes what options are available to us if we find that one of our clients has acted in bad faith despite our extensive vetting process, or used one of our tools to monitor the electronic communications of someone who falls outside a prescribed investigative scope.
Our External Whistleblowing Policy allows those with concerns about potential misuse of NSO Group products to contact the company. If you wish to report a concern, please email us confidentially at: firstname.lastname@example.org.
NSO Group also has an internal whistleblower policy for employees, consultants, officers and directors of the company.