President Biden Forbids Spyware From Government Use

Uploaded on 2023-04-05 in NEWS-News Analysis, GOVERNMENT-National, FREE TO VIEW

US President Joe Biden has approved a new Executive Order (EO) that bans government use of any commercial spyware products that have been used by foreign states. 

Foreign governments have deployed commercial spyware against US institutions, personnel, information, and information systems, presenting significant security risks.

This EO comes into force after as at least 50 US government officials are suspected or confirmed to have been targeted by spyware designed to hack mobile phones - far more than previously known.

The misuse of spyware includes surveillance and communications interception on citizens, political dissidents, politicians, activists, and other individuals. The ruling applies to all tools that are used for spying purposes to suppress civil liberties or human rights. 

The EO notably includes commercial spyware tools produced by Israel's NSO Group, which has been identified in several campaigns against human rights activists and dissidents. “Technology is central to the future of our national security, economy, and democracy.  The EO refers to the US fundamental national security and foreign policy interests in: 

  • "Ensuring that technology is developed, deployed, and governed in accordance with universal human rights; the rule of law; and appropriate legal authorisation, safeguards, and oversight, such that it supports, and does not undermine, democracy, civil rights and civil liberties, and public safety."
  • "Mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems,” says the EO.  “To advance these interests, the United States supports the development of an international technology ecosystem that protects the integrity of international standards development; enables and promotes the free flow of data and ideas .."

Governments around the world are known to collect large amounts of data for intelligence and law enforcement purposes, including communications from their own citizens. The proliferation of commercial spyware has made powerful tools newly available to smaller countries, but also created what researchers and human-rights activists warn are opportunities for abuse and repression. 

Commercial spyware of the sort produced by NSO and others is increasingly controversial. NSO and other commercial spyware firms claim their products are only sold to governments for legitimate law enforcement and other purposes, but reports suggest otherwise.

NSO Group is currently being sued by Apple and WhatsApp for deploying its spyware on hundreds of  customers’ devices without their knowledge. The firm has also been blacklisted by the Commerce Department.

WhiteHouse:     CNN:      Infosecurity Magazine:     Oodaloop:    CBS:     PBS:  

You Might Also Read: 

Pegasus Spyware Used To Target British Prime Minister:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« TikTok Fined £12.7m For Breaching Child Protection Law
The Skills Gap Is Increasing Risk & Exposure To Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

Join this webinar to learn how the cloud threat landscape is evolving and organizations are deploying more advanced and capable security controls at scale.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TrustedIA

TrustedIA

TrustedIA - safeguarding your business, it's critical assets, information, reputation and brand.

Original Software

Original Software

Original Software offers a test automation solution focused completely on the goal of effective software quality management.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

Nehemia Security

Nehemia Security

Nehemiah Security delivers a security risk management and analytics platform that empowers business leaders to make better, more actionable decisions.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

CashShield

CashShield

CashShield is an end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

SIS Certifications (SIS CERT)

SIS Certifications (SIS CERT)

SIS Certifications is an ISO certification body serving more than 10,000 clients in over 15 countries worldwide.

Cloudrise

Cloudrise

Cloudrise are elevating cloud security, data protection, and privacy through assessment, technology enablement, and process automation.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

Ironhack

Ironhack

Ironhack provide intensive training courses & bootcamps in Web Development, UX/UI Design, Data Analytics & Cybersecurity.

CyberGuard Technologies

CyberGuard Technologies

CyberGuard Technologies provides a suite of fully managed end-to-end security services from its 24/7 UK security operations centre.

Guidepost Solutions

Guidepost Solutions

Guidepost Solutions are a diverse, global team of investigators, experienced security and technology consultants, and compliance and monitoring experts.

Timus Networks

Timus Networks

Timus Networks enables today's work from anywhere organizations to secure their networks very easily and cost effectively.

Cylab - Carnegie Mellon University

Cylab - Carnegie Mellon University

Carnegie Mellon University CyLab is the University's security and privacy research institute.

Hush

Hush

Hush is a premium privacy service that gives people unprecedented visibility and control of their digital footprint. Hush assesses threats, and goes to work to eliminate digital risks on your behalf.