“At its best, the digital revolution will empower, connect, inform and save lives. At its worst, it will disempower, disconnect, misinform and cost lives.” While technology is obviously embraced by everyone, it is not a panacea to societal problems. Recently, the development of cyber technology known as Pegasus, a spyware tool, became a big concern around the world owing to its unprecedented level of intrusiveness, which threatens the essential of the right to privacy. Pegasus has the ability to interfere with the most aspects of our daily lives. According to a number of cybersecurity experts, Pegasus can stealthily penetrate a smartphone and gain access to everything on it, including its camera and microphone. Pegasus is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems and turn them into surveillance devices. It can read, send and receive messages that are supposed to be end-to-end encrypted, download store photos and can hear and record voice or video calls. As is widely known, Pegasus spyware was developed by an Israel technology firm known as ‘NSO Group’. This spyware is capable of remote zero-click surveillance of smartphones. Besides, Pegasus has been regarded as a world-leading cyber intelligence solution that enables law enforcement and intelligence agencies to remotely and covertly extract data from virtually any mobile devices. Since Pegasus hacks into the operating system, every activity within the phone can be monitored when the phone is switched on. It is as if someone is monitoring your phone activity over your shoulders. Consequently, the right to privacy in the digital age is at stake like never before. A question is whether the use of Pegasus doesn’t tamper with the fundamental right to privacy. Though this spyware was developed, as some say, to detect criminals and terrorists, it should be used in a manner that is not indiscriminate, illegal, or arbitrary. Otherwise its surveillance purpose will most probably violate the right to privacy. Undoubtedly, the use of Pegasus puts at stake the right to privacy. Of course, it goes without saying that use of Pegasus is at clash with the well-established human rights norms. Use of this spyware tool cannot constitute a permissible interference with the right to privacy. The current legal framework protects the fundamental right to privacy, allowing proportionate derogation only in national, not in private, interest. Arguably, the national security is alibi to the possible use of Pegasus spyware. However, it requires to adhere to international standards governing surveillance technology. From a human rights perspective, the 2011 UN Guiding Principles on Business and Human Rights are crystal clear: “The International Bill of Human Rights and the core ILO conventions provide the basic reference points for businesses in starting to understand what human rights are; how their own activities and business relationships may affect them; and how to ensure that they prevent or mitigate the risk of adverse impacts”. To States, they have binding obligations under international human rights law to protect human rights from abuse by third parties. This includes the obligation to regulate the conduct of companies who are domiciled there or are under their effective control in order to prevent them from causing or contributing to human rights abuses even if they occur in other countries. To companies, equally, the UN Guiding Principles on Business and Human Rights require that companies take proactive steps to ensure that they do not cause or contribute to human rights abuses within their global operations, and to respond to any human rights abuses when they do occur. In order to meet that responsibility, companies must carry out human rights due diligence to “identify, prevent, mitigate and account for how they address their human rights impacts.” The corporate responsibility to respect human rights exists independently of a state’s ability or willingness to fulfil its own human rights obligations and over and above compliance with national laws and regulations protecting human rights. States and companies in conjunction need to better regulate the sale, transfer and use of surveillance technologies and ensure strict oversight and authorization. A nation holds a primary responsibility, however. The right to privacy is an expression of human dignity and is linked to the protection of human autonomy and personal identity. As there’s no rule without an exception, any restriction on the right to privacy must satisfy the principle of proportionality and legitimacy. It is, however, essential to balance national security with constitutional rights, namely the right to privacy, the right to information, and press freedom. Interestingly, there are established procedures and protocols under the national laws through which lawful interception of electronic communication is carried out for national safety and security. The writer is a data protection and privacy expert.