The worldwide spyware industry has been operating in the shadows for years, with only human rights organisations and journalists exposing it. According to the industry, it is in the business of combating crime and terrorism. However, its members frequently sell to governments that conflate the terms “criminal” and “terrorist” with “critic” and “dissent.”
Over the weekend, Forbidden Stories, a Paris-based media foundation, teamed up with a global consortium of news organisations, including the Post, to expose how phoney the promises of combating crime and terror are. According to the consortium, Israel’s NSO Group has marketed their signature spyware, Pegasus, to clients who have used it against the basic pillars of democratic life: press freedom, telecommunications freedom, and freedom of expression.
Pegasus, like other tools, converts journalists’ phones, opposition lawmakers’ phones, and nonviolent activists’ phones into real-time spying devices. Hundreds of journalists and politicians from Hungary, India, Mexico, Morocco, and other countries are among the phone numbers named as spyware targets in a leaked list.
Hundreds of companies compete for a slice of the lucrative private surveillance pie all around the world. Some apps allow for intrusions into a person’s phone or tablet. Others create surveillance software, malicious facial recognition software, direct access to Internet traffic, and user data and communications.
They sell and service their products to government clients regardless of their status. We are on the verge of a worldwide surveillance technology disaster, with an avalanche of tools being shared across borders and governments failing to impose export or usage restrictions.
The international community needs to act to rein in the global spyware industry. The following should be included in the endeavour. To begin, states should impose a ban on the sale and transfer of spyware technology until a worldwide export policy can detect and restrict these tools.
Governments should negotiate a regime that, among other things, carefully defines the technologies in question; requires transparent human-rights assessments for the development and transfer of any such tools; includes a public registry of tools, companies, and clients; and allows public comment in the case of any export application. If a worldwide regime fails to be bold enough, democratic countries should agree to prohibit both domestic and international use of spyware.
The European Union just took a small step toward regulating surveillance technology trade, not only because of the threat to national security, but also because of the threat to human rights. However, the fact that Viktor Orban’s government in Hungary is listed as a client of NSO Group in the Pegasus Project demonstrates why simply regulating the trade in spyware systems is insufficient. After all, European officials are disingenuous in seeking restrictions on the trade in spyware systems when Europeans market the techniques of choice. It’s even more difficult to be credible when the European Union uses the latest spyware techniques to track dissent.
Israel’s double standard is particularly evident. NSO Group, as well as other spyware companies such as Candiru, which Microsoft accused of selling tools to get into Windows last week, are based in the country. It is critical that Israel reins in its spyware industry and joins democratic nations in combating the spread of technology that mimic commercial intelligence agencies. Second, export control isn’t the only instrument at your disposal for limiting spyware’s propagation.
For any use of spyware, governments adopting these technologies must establish transparent, rule-of-law-based criteria. Any government that does not adopt such rules ā or has a history of abuse ā should be placed on a global no-transfer list. Democracies and authoritarian governments are likely to split out soon. Third, spyware victims must be allowed to sue governments and firms participating in the monitoring sector.
Individuals are frequently victimised by agents working beyond their boundaries due to the prevalence of transnational repression, while domestic law frequently creates impediments to accountability. Those impediments must be removed. Finally, multi-stakeholder constraints must be imposed on the firms themselves. The UN Guiding Principles on Business and Human Rights, a global benchmark for corporate human rights practise, are said to be followed by the NSO Group. It, on the other hand, does not subject its policy to any independent review.
The international community should work toward a worldwide code of behaviour and halt the growth of spyware for repression, taking a leaf from the campaign to control the private mercenary sector. The current discoveries regarding NSO’s Pegasus software’s reach and dangers are the latest, and hopefully final, wake-up call for the private spyware sector to be reined in.
Track2Training 
You must be logged in to post a comment.