Biden signs executive order to clamp down on commercial spyware
President Joe Biden signed an executive order on Monday cracking down on the US government’s use of commercial spyware, citing the surveillance tool’s risks to national security and potential misuse by foreign actors.
“The proliferation of commercial spyware poses unique and growing counterintelligence and security risks to the United States,” the White House said in a statement.
“This executive order seeks to ensure that any use of commercial espionage by the US government is consistent with the core national security and foreign policy interests of the United States in protecting and promoting democratic processes and institutions, and respect for human rights,” he said.
‘Israeli espionage increased worldwide during Netanyahu’s previous tenure’
– Congressional assistance
Alexandra Seymour, associate fellow for the technology and national security program at the Center for a New American Security (CNAS), told Middle East Eye that the executive order reflected Washington’s recognition of the emerging threat from commercial espionage.
There is strong interest in technology that allows users to secretly hack into mobile phones, access their private data or turn them into tracking and recording devices to spy on their owners.
“The trade of this technology has not only boomed with authoritarian regimes but increasingly in democratic countries and key US allies,” Seymour said.
Israel is the top country of origin for spyware, according to an industry data set maintained by the Carnegie Endowment for International Peace in Washington.
The executive order comes as the Biden administration prepares to launch its second annual Democracy Summit where the United States will host an event on the misuse of technology, with Secretary of State Anthony Blinken and national security director Avril Haines to speak.
The Congress addressed calls to take a more active role on the issue from the Congress.
“This was deliberate timing ahead of the summit,” said a senior MEE congressional aide on condition of anonymity. “The administration understands that there is broad bipartisan concern about the unchecked growth of commercial spyware and risks to US citizens.”
The Intelligence Authorization Act of 2023 included a provision requiring former intelligence agency employees to report their work with commercial espionage companies.
‘We are seeing a ‘substitution effect’ when firms such as Intellexa step in after problems for the NSO group’
– Steven Feldstein, Carnegie Endowment for International Peace
Lawmakers expanded the parameters under which the president can ban Americans from providing support to security agencies that use surveillance technology against journalists, human rights defenders and opposition politicians.
Those efforts were spearheaded by Democratic Congressman Jim Himes, a ranking member of the House Intelligence Committee, who spearheaded a letter last September to the State and Commerce Departments calling for more action. make foreign commercial espionage goods.
Hime’s office did not respond to MEE’s request for comment by the time of publication.
The US plays a major role in the global espionage trade. Washington sold forensic technology to the Nigerian security services. During the Trump administration, the CIA even acquired Pegasus espionage for the Djibouti government.
The Biden administration’s executive order makes a de facto nod to Washingtons use of espionage by ordering the ban only when US national security is at risk.
‘Israel’s spyware nexus’
US allies are also major consumers and producers, particularly in the Middle East.
“When you look at the various vendors of espionage, it’s very clear that the Israeli industry leads the world,” said Steven Feldstein, an expert at the Carnegie Endowment for International Peace in Washington, DC.
Analysts and congressional aides active in espionage say the Biden administration’s executive order in Israel will be watched carefully. In 2021, the administration blacklisted NSO group – spyware maker Pegasus – and another Israeli firm Candiru.
“That singular decision essentially helped bankrupt the NSO group,” Feldstein told MEE.
Jordan: Activists’ phones hacked with Israeli Pegasus spyware, privacy groups say
Read more ”
Israeli diplomats lobbied against the ban, according to Axios.
Although Israel was not named in the provisions of the 2023 Information Authorization Act, congressional aides tell MEE that the Israeli embassy lobbied heavily against them as well.
“It is clear that there is a link between the interest of the Israeli government and the country that maintains a strong surveillance sector. They are concerned about US regulations,” Feldstein said.
Lawmakers on the House intelligence committee are already considering spyware provisions in the next Intelligence Authorization Act, sources tell MEE. They are energized by the new executive order, but also the return of Benjamin Netanyahu to power in Israel, aides say.
“Israeli espionage increased globally during Netanyahu’s previous tenure. Why would this time be any different,” said a congressional aide to MEE.
Israel has effectively used its spy industry to build diplomatic bridges throughout the Middle East. Saudi Arabia received spyware from the NSO group, Cellebrite, and Candiru. Morocco, caught up in a global spyware scandal, acquired NSO technology, as did the UAE.
‘Spyware is a growing market’
The new executive order sets out risk factors before federal agencies and departments can buy spyware, including whether a foreign actor has used the technology to spy on the US government or whether the company has provided “credible reports” on “systemic actions” for foreign governments. political repression”.
Another risk factor is whether a company’s spyware has been used against a “US person”.
The issue of spyware deployed against American citizens has come to the fore in an ongoing surveillance scandal in Greece after the New York Times revealed in March that a dual Greek US national had been hacked with Predator spyware , which marked the first time he became an American citizen. targeted in an EU country with the technology.
Greece, a NATO country and a key US ally in the Eastern Mediterranean, has been shocked by revelations that its intelligence agency has carried out a mass surveillance campaign against journalists, politicians and opposition figures.
Greek police raid offices of Israeli spyware firm
Read more ”
The case has drawn attention to Intellexa, a niche spyware firm run by a former Israeli general with offices in Greece, Cyprus and Malta. Greece also granted Intellexa licenses to export predatory espionage abroad, including to Madagascar, which has a history of political repression.
“The abuse of these powerful surveillance tools is not limited to authoritarian regimes,” a senior Biden administration official said Monday, announcing the executive order.
“Democratic governments have also grappled with revelations that actors within their own systems have used commercial espionage to target their own citizens without proper legal authorization, safeguards and oversight.”
Feldstein, from Carnegie, said the emergence of niche firms shows that the espionage industry is adapting to new pressures and looking for loopholes in countries with weak institutions to continue exporting their products.
“We are seeing a ‘substitution effect’ where firms like Intellexa come in after problems for the NSO group and a shift in the market with less sophisticated vendors and fly-by-night operators filling the void.”
“Spyware is a growing market,” he said.