Appeals court clears path for El Salvadoran journos to sue spyware maker

A U.S. appeals court on Tuesday revived a lawsuit that El Salvadoran journalists had brought against leading spyware maker NSO Group.

The U.S. Court of Appeals for the Ninth Circuit concluded that a district court that dismissed the suit — on the grounds that the California court wasn’t the right forum — abused its discretion.

With the dismissal of Dada et al v. NSO Group vacated, the case returns to the Northern District of California to move forward.

“We’re pleased with today’s decision and look forward to seeking justice on behalf of El Faro journalists in U.S. court, where the case belongs,” said Carrie DeCell, senior staff attorney and legislative adviser at the Knight First Amendment Institute, which argued in the appeals court for the plaintiffs. “Spyware manufacturers that participate in the persecution of journalists shouldn’t be able to operate with impunity, and U.S. courts must ensure that they are held accountable for their actions where those actions violate U.S. law, as they did here.”

The lawsuit overcame a legal hurdle that has proven troublesome to those suing spyware makers, namely “forum non conveniens,” which allows a court to dismiss a case if it doesn’t believe it’s the proper venue.

Judges Jennifer Sung and Michael Simon wrote in an opinion explaining the decision that the plaintiffs, which include U.S. residents and citizens, were entitled to a strong presumption in their favor of their choice of forum based on their U.S. citizenship.

“It appears the district court gave little to no deference to Plaintiffs’ choice of forum, overlooked the allegations of the operative complaint, and shifted the burden of proof from Defendants to Plaintiffs,” the opinion reads.

Judge Bridget Bade dissented, arguing that the district judge’s discretion was proper because they weren’t residents of the district, among other arguments.

“To the extent that Plaintiffs allege that their iPhones were hacked through Apple’s iMessage or iCloud services, there is no allegation that Apple’s servers in California were exploited in so doing,” she wrote.