Biden Restricts the Government Use of Commercial Spyware

In what the White House says is a precedent-setting move, President Biden has signed an executive order prohibiting use by the U.S. Government of “commercial spyware,” powerful cyber technology used by state actors to spy on journalists, dissidents and human rights activists. The White House defined the class of apps as “sophisticated and invasive cyber surveillance tools sold by vendors to access electronic devices remotely, extract their content, and manipulate their components, all without the knowledge or consent of the devices’ users,” explaining such technology “has proliferated in recent years with few controls and high risk of abuse.”

Commercial spyware has “been abused by both autocracies and democracies around the world,” The New York Times reports, noting the tools in question ”give governments the power to hack the mobile phones of private citizens, extracting data and tracking their movements.”

The “booming” worldwide market for such products includes the Israeli-made Pegasus, from the NSO Group, which has been used to surveil U.S. government officials overseas, NYT says, writing that “a senior administration official said that at least 50 U.S. government personnel in at least 10 countries had been hacked with spyware, a larger number than was previously known.”

The executive order prohibits federal agencies and departments from using commercial spyware or installing it on U.S. government networks. “Untrustworthy commercial vendors and tools can present significant risks to the security and integrity of U.S. government information and information systems,” the White House explains in its news release.

The order does not apply to tools created by American intelligence agencies for their own use, but focuses on products that are commercially distributed. Even then, there are exceptions for agencies such as the Drug Enforcement Administration, which has been known to deploy the Graphite tool, developed by the Israeli firm Paragon.

The executive order was signed on the eve of the second Summit for Democracy, a two-day event that President Biden is co-hosting with the leaders of Costa Rica, the Netherlands, South Korea and Zambia. It also comes on the heels of “new restrictions on former American intelligence operatives from taking lucrative jobs with foreign governments, including some that are developing advanced technologies to spy on their citizens,” NYT reports.

According to SiliconAngle, the order is “intended to grapple with the rapidly growing international marketplace of cyber intrusion tools that can break into someone’s phone — often with malware that doesn’t require a victim to click on a malicious link or attachment.”

No Comments Yet

You can be the first to comment!

Leave a comment

You must be logged in to post a comment.