Biden executive order limits government use of commercial spyware
Biden executive order limits government use of commercial spyware
Expand
Getty Images
President Joe Biden on Monday signed an executive order banning many federal government uses of commercial spyware, which has been increasingly used by other countries in recent years to surveil dissent , journalists and politicians.
The signing of the executive order came as administration officials told reporters that approximately 50 U.S. government personnel in at least 10 countries had been infected or targeted with such spyware, a number more important than previously known. Officials did not give details.
Commercial spyware is sold by a host of companies, the best known being NSO Group of Israel. The company sells a hacking tool known as Pegasus that can surreptitiously compromise iPhones and Android devices using "no-click" exploits, meaning they require no user interaction. By sending a text message or ringing the device, Pegasus can install spyware that steals contacts, messages, geographical locations, etc., even when the text or call is not answered. Other companies selling commercial spyware include Cytrox, Candiru, and Paragon.
While NSO describes Pegasus as a "lawful interception" tool sold only to legitimate law enforcement to investigate crime and terrorism. Mexico, India, Saudi Arabia, United Arab Emirates, Morocco and other countries have been caught deploying it against political dissidents, journalists and other citizens who are not accused of no crime. In November 2021, the Biden administration restricted the export, re-export, and transfer into the country of products from NSO and three other companies in Israel, Russia, and Singapore.
Monday's executive order goes further by prohibiting federal agencies, including those engaged in law enforcement, defense or intelligence activities, from "operational use" of commercial spyware.
"The proliferation of commercial spyware poses distinct and growing counterintelligence and security risks to the United States, including the safety and security of U.S. government personnel and their families," a statement read. fact sheet published by the White House. "U.S. government personnel overseas have been targeted with commercial spyware, and unreliable vendors and commercial tools can pose significant risks to the security and integrity of government information and information systems. American."
White House officials do not name the specific spyware that is prohibited, but the use of the term commercial spyware strongly implies that it includes tools sold by NSO, Cytrox, Candiru and others. Criteria for tools falling under the order include if:
they are abused by a foreign government in an attempt to gain access to a US citizen's device
a foreign actor deploys them against activists or dissidents for the purpose of intimidating or curbing dissent or opposition or suppressing expressions of free speech
they are provided to governments for which there are credible reports that they engage in systematic acts of political repression.
Officials declined to say whether US law enforcement and intelligence agencies currently use commercial spyware. Last year, the FBI confirmed a New York Times report that the bureau purchased NSO Group's Pegasus tool to test and evaluate products, but said they weren't being used...
President Joe Biden on Monday signed an executive order banning many federal government uses of commercial spyware, which has been increasingly used by other countries in recent years to surveil dissent , journalists and politicians.
The signing of the executive order came as administration officials told reporters that approximately 50 U.S. government personnel in at least 10 countries had been infected or targeted with such spyware, a number more important than previously known. Officials did not give details.
Commercial spyware is sold by a host of companies, the best known being NSO Group of Israel. The company sells a hacking tool known as Pegasus that can surreptitiously compromise iPhones and Android devices using "no-click" exploits, meaning they require no user interaction. By sending a text message or ringing the device, Pegasus can install spyware that steals contacts, messages, geographical locations, etc., even when the text or call is not answered. Other companies selling commercial spyware include Cytrox, Candiru, and Paragon.
While NSO describes Pegasus as a "lawful interception" tool sold only to legitimate law enforcement to investigate crime and terrorism. Mexico, India, Saudi Arabia, United Arab Emirates, Morocco and other countries have been caught deploying it against political dissidents, journalists and other citizens who are not accused of no crime. In November 2021, the Biden administration restricted the export, re-export, and transfer into the country of products from NSO and three other companies in Israel, Russia, and Singapore.
Monday's executive order goes further by prohibiting federal agencies, including those engaged in law enforcement, defense or intelligence activities, from "operational use" of commercial spyware.
"The proliferation of commercial spyware poses distinct and growing counterintelligence and security risks to the United States, including the safety and security of U.S. government personnel and their families," a statement read. fact sheet published by the White House. "U.S. government personnel overseas have been targeted with commercial spyware, and unreliable vendors and commercial tools can pose significant risks to the security and integrity of government information and information systems. American."
White House officials do not name the specific spyware that is prohibited, but the use of the term commercial spyware strongly implies that it includes tools sold by NSO, Cytrox, Candiru and others. Criteria for tools falling under the order include if:
they are abused by a foreign government in an attempt to gain access to a US citizen's device
a foreign actor deploys them against activists or dissidents for the purpose of intimidating or curbing dissent or opposition or suppressing expressions of free speech
they are provided to governments for which there are credible reports that they engage in systematic acts of political repression.
Officials declined to say whether US law enforcement and intelligence agencies currently use commercial spyware. Last year, the FBI confirmed a New York Times report that the bureau purchased NSO Group's Pegasus tool to test and evaluate products, but said they weren't being used...
Expand
Getty Images
