Of course governments could hack individuals they see as a major threat or even a minor annoyance. How many countries would bother? How would that individual retaliate, except by asking his government (lead by a President who also hates him) to take action? Still, hacking a phone is better than an invitation to an embassy where a different type of hacking may occur. (If the hacking is truly untraceable, how do you know who hack the phone?)

https://www.thedailybeast.com/jeff-bezos-investigation-finds-the-saudis-obtained-his-private-information

Bezos Investigation Finds the Saudis Obtained His Private Data

… Bezos directed me to “spend whatever is needed” to learn who may have been complicit in the scheme, and why they did it.

That investigation is now complete. As has been reported elsewhere, my results have been turned over to federal officials. Since it is now out of my hands, I intend today’s writing to be my last public statement on the matter. Further, to respect officials pursuing this case, I won’t disclose details from our investigation. I am, however, comfortable confirming one key fact:

Our investigators and several experts concluded with high confidence that the Saudis had access to Bezos’ phone, and gained private information. As of today, it is unclear to what degree, if any, AMI was aware of the details.

… Experts with whom we consulted confirmed New York Times reports on the Saudi capability to “collect vast amounts of previously inaccessible data from smartphones in the air without leaving a trace—including phone calls, texts, emails”—and confirmed that hacking was a key part of the Saudis’ “extensive surveillance efforts that ultimately led to the killing of [Washington Post] journalist Jamal Khashoggi.”

… Saudi Arabia attacks people in many ways, obviously, including through their elaborate social media program that uses sophisticated technology and paid surrogates to create artificially trending hashtags.

Mark Zuckerberg supports the GDPR?

https://www.washingtonpost.com/opinions/mark-zuckerberg-the-internet-needs-new-rules-lets-start-in-these-four-areas/2019/03/29/9e6f0504-521a-11e9-a3f7-78b7525a8d5f_story.html?noredirect=on&utm_term=.29b062d4baa0

Opinion | Mark Zuckerberg: The Internet needs new rules. Let’s start in these four areas.

… I believe we need new regulation in four areas: harmful content, election integrity, privacy and data portability.

… Third, effective privacy and data protection needs a globally harmonized framework. People around the world have called for comprehensive privacy regulation in line with the European Union’s General Data Protection Regulation, and I agree. I believe it would be good for the Internet if more countries adopted regulation such as GDPR as a common framework.

New privacy regulation in the United States and around the world should build on the protections GDPR provides. It should protect your right to choose how your information is used — while enabling companies to use information for safety purposes and to provide services. It shouldn’t require data to be stored locally, which would make it more vulnerable to unwarranted access. And it should establish a way to hold companies such as Facebook accountable by imposing sanctions when we make mistakes.

I also believe a common global framework — rather than regulation that varies significantly by country and state — will ensure that the Internet does not get fractured, entrepreneurs can build products that serve everyone, and everyone gets the same protections.

As lawmakers adopt new privacy regulations, I hope they can help answer some of the questions GDPR leaves open. We need clear rules on when information can be used to serve the public interest and how it should apply to new technologies such as artificial intelligence.