Executive Order Targets Spyware Misuse
President Biden signed an executive order on Monday to restrict the American government's use of powerful surveillance tools, known as commercial spyware. These tools have been abused worldwide by both autocracies and democracies to spy on political dissidents, journalists, and human rights activists.
Booming Global Market for Commercial Spyware
Commercial spyware, such as Pegasus from Israeli firm NSO Group, enables governments to hack private citizens' mobile phones and access data. The market for these surveillance tools is rapidly growing, with some U.S. government agencies studying or deploying the technology.
U.S. Government Personnel Targeted by Spyware
On Monday, a senior administration official revealed that at least 50 U.S. government personnel in 10 countries had been hacked with spyware, a higher number than previously known. Commercial spyware, including Pegasus, has been used against American government officials overseas.
Executive Order Details and Exceptions
The executive order prohibits federal departments and agencies from using commercial spyware that might be abused by foreign governments, target Americans overseas, or pose security risks if installed on U.S. government networks. It does not cover tools built by American intelligence agencies and allows for some exceptions.
Drug Enforcement Administration's Use of Spyware
The Drug Enforcement Administration (DEA) has used an Israeli-made tool called Graphite, developed by Paragon, in counternarcotics operations. American officials have indicated they have no plans to terminate the DEA's use of the tool but would reconsider if evidence of abuse by other governments emerges.
Congress Addresses Foreign Spyware Risks
In December, Congress passed a bill granting the director of national intelligence the power to prohibit the intelligence community from purchasing foreign spyware and required submitting a "watch list" identifying foreign spyware firms that pose risks to American intelligence agencies.
Conditions for U.S. Government Spyware Use
The executive order mandates that American government agencies must determine that commercial spyware tools do not "pose significant counterintelligence or security risks to the United States government or significant risks of improper use by a foreign government or foreign person" for use.
Summit for Democracy and U.S. Leadership
The executive order will be central to Mr. Biden's message to the White House-sponsored Summit for Democracy later this week. The order demonstrates the United States' commitment to advancing technology for democracy and countering the misuse of commercial spyware.
Former Intelligence Operatives Face Restrictions
The director of national intelligence has issued new restrictions on former American intelligence operatives from taking lucrative jobs with foreign governments, including those developing advanced technologies to spy on their citizens.
NSO Group's Pegasus Spyware and Controversies
NSO Group, the most prominent seller of spyware, has seen its Pegasus spyware deployed against political dissidents and journalists by various governments. In November 2021, the Biden administration placed NSO and another Israeli spyware company on a Commerce Department blacklist.
U.S. Agencies' Purchase and Deployment of Pegasus
Several American government agencies have purchased or deployed Pegasus, including the Central Intelligence Agency and the Federal Bureau of Investigation. The FBI purchased Pegasus and tested it for two years but ultimately decided not to deploy the tool.