Imagine a government with the power to spy on any critic, reporter or activist. A state with the capacity to extort or silence by tracking not just a person’s movements, but their conversations, contacts, photographs, notes and e-mails — the entire content of one’s digital life.
This might sound like something from dystopian fiction, but such targeted surveillance is a grim reality of the digital age. It is increasingly a tool of repressive governments to stifle debate, criticism and journalism.
Over and over, researchers and journalists have been uncovering evidence of governments, with the help of private companies, inserting malware through surreptitious means into the smartphones, laptops and other devices belonging to people they are seeking to suppress: people who play essential roles in democratic life, facilitating the public’s right to information.
It does not end there — sometimes surveillance ends with the targets in detention, under physical assault or even murdered.
Just last month WhatsApp sued an Israeli surveillance company, the NSO Group, in a US court. The case alleges that the messaging platform was compromised by NSO technology, specifically to insert its signature product — spyware known as Pegasus — onto at least 1,400 devices, which enabled government surveillance.
The NSO Group has rejected the allegation.
With Pegasus in their hands, governments have access to the seemingly endless amount of personal data in people’s pockets.
The University of Toronto’s CitzenLab has found that the Pegasus spyware is used in 45 countries.
The global surveillance industry — in which the NSO Group is just one of many dozens, if not hundreds, of companies — appears to be out of control, unaccountable and unconstrained in providing governments with relatively low-cost access to the sorts of spying tools that only the most advanced state intelligence services were previously able to use.
The industry and its defenders say this is a price to pay for confronting terrorism.
Some liberty must be sacrificed to protect people from another attack such as was seen on Sept. 11, 2001, they say.
As one well-placed person claimed to me, such surveillance is “mandatory,” and what is more, it is “complicated, to protect privacy and human rights.”
All I can say is: Give me a break.
The companies hardly seem to be trying — and, more importantly, neither are the governments that could do something about it.
Governments have been happy to have these companies help them carry out this dirty work.
This is not a question of governments using tools for lawful purposes and incidentally or inadvertently sweeping up some illegitimate targets. This is using spyware technology to target vulnerable yet vital people whom healthy democracies need to protect.
On the surface, it seems that constraining the global spyware industry could be impossible. The companies operate in an environment that brings together the shadowy worlds of intelligence and counter-terrorism, which are notoriously difficult for outsiders to penetrate or regulate.
Many say that constraining exports of such software would be folly, since Chinese surveillance companies would step in where Western companies bow out.
These are obstacles, but they are not arguments to avoid what has to be done to protect human rights. The push toward genuine reform must begin now, it must be global and it should involve the following steps.
First, governments must control the export of spyware. There are already existing frameworks to restrict the export of technology that has military as well as commercial use. The most relevant, the Wassenaar Arrangement, should be updated to go beyond “dual-use” technology, and cover spyware that is used to attack human rights.
In turn, all governments would have to commit to implement globally agreed export controls.
For now, there is only one effective response in the face of such rampant abuse: Stop all sales and transfers of the technology.
In a report I presented to the UN in June, I called for an immediate moratorium on the transfer of spyware until viable international controls are in place. It is time for a genuine campaign to end unaccountable surveillance.
Second, companies must implement effective controls on their own technologies. The NSO Group, to its credit, has committed to observing the UN guidelines for businesses and human rights, but effective control means more than self-regulating policies. It means disclosure of clients and uses of technology, strict rules against misuse to violate human rights, regular monitoring and kill switches where rights are violated.
It also requires commitments from the companies not to transfer their technology to persistent human rights offenders nor to countries that lack rule-of-law controls on surveillance — and a refusal to support the use of the spyware for illegitimate purposes. These controls should be backed up by government sanctions for misuse.
Third, it is exceedingly difficult for the victims of spyware to hold governments, or the complicit companies, accountable for abuse and misuse.
Governments should make such legal actions possible, changing their laws to enable claims against companies or governments that are responsible for illegal surveillance — a kind of universal jurisdiction for lawsuits to control the spread of this pernicious technology.
There are few better examples of the dark side of the digital age than the private surveillance industry and its tools of repression. It is well past time to bring it under control.
David Kaye is a law professor at the University of California, Irvine, and the UN special rapporteur on freedom of expression.
China has long sought shortcuts to developing semiconductor technologies and local supply chains by poaching engineers and experts from Taiwan and other nations. It is also suspected of stealing trade secrets from Taiwanese and US firms to fulfill its ambition of becoming a major player in the global semiconductor industry in the next decade. However, it takes more than just money and talent to build a semiconductor supply chain like the one which Taiwan and the US started to cultivate more than 30 years ago. Amid rising trade and technology tensions between the world’s two biggest economies, Beijing has become
With a new White House document in May — the “Strategic Approach to the People’s Republic of China” — the administration of US President Donald Trump has firmly set its hyper-competitive line to tackle geoeconomic and geostrategic rivalry, followed by several reinforcing speeches by Trump and other Cabinet-level officials. By identifying China as a near-equal rival, the strategy resonates well with the bipartisan consensus on China in today’s severely divided US. In the face of China’s rapidly growing aggression, the move is long overdue, yet relevant for the maintenance of the international “status quo.” The strategy seems to herald a new
To say that this year has been eventful for China and the rest of the world would be something of an understatement. First, the US-China trade dispute, already simmering for two years, reached a boiling point as Washington tightened the noose around China’s economy. Second, China unleashed the COVID-19 pandemic on the world, wreaking havoc on an unimaginable scale and turning the People’s Republic of China into a common target of international scorn. Faced with a mounting crisis at home, Chinese President Xi Jinping (習近平) rashly decided to ratchet up military tensions with neighboring countries in a misguided attempt to divert the
Toward the end of former president Ma Ying-jeou’s (馬英九) final term in office, there was much talk about his legacy. Ma himself would likely prefer history books to enshrine his achievements in reducing cross-strait tensions. He might see his meeting with Chinese President Xi Jinping (習近平) in Singapore in 2015 as the high point. However, given his statements in the past few months, he might be remembered more for contributing to the breakup of the Chinese Nationalist Party (KMT). We are still talking about Ma and his legacy because it is inextricably tied to the so-called “1992 consensus” as the bedrock of his
RSS