Imagine a government with the power to spy on any critic, reporter or activist. A state with the capacity to extort or silence by tracking not just a person’s movements, but their conversations, contacts, photographs, notes and e-mails — the entire content of one’s digital life.
This might sound like something from dystopian fiction, but such targeted surveillance is a grim reality of the digital age. It is increasingly a tool of repressive governments to stifle debate, criticism and journalism.
Over and over, researchers and journalists have been uncovering evidence of governments, with the help of private companies, inserting malware through surreptitious means into the smartphones, laptops and other devices belonging to people they are seeking to suppress: people who play essential roles in democratic life, facilitating the public’s right to information.
It does not end there — sometimes surveillance ends with the targets in detention, under physical assault or even murdered.
Just last month WhatsApp sued an Israeli surveillance company, the NSO Group, in a US court. The case alleges that the messaging platform was compromised by NSO technology, specifically to insert its signature product — spyware known as Pegasus — onto at least 1,400 devices, which enabled government surveillance.
The NSO Group has rejected the allegation.
With Pegasus in their hands, governments have access to the seemingly endless amount of personal data in people’s pockets.
The University of Toronto’s CitzenLab has found that the Pegasus spyware is used in 45 countries.
The global surveillance industry — in which the NSO Group is just one of many dozens, if not hundreds, of companies — appears to be out of control, unaccountable and unconstrained in providing governments with relatively low-cost access to the sorts of spying tools that only the most advanced state intelligence services were previously able to use.
The industry and its defenders say this is a price to pay for confronting terrorism.
Some liberty must be sacrificed to protect people from another attack such as was seen on Sept. 11, 2001, they say.
As one well-placed person claimed to me, such surveillance is “mandatory,” and what is more, it is “complicated, to protect privacy and human rights.”
All I can say is: Give me a break.
The companies hardly seem to be trying — and, more importantly, neither are the governments that could do something about it.
Governments have been happy to have these companies help them carry out this dirty work.
This is not a question of governments using tools for lawful purposes and incidentally or inadvertently sweeping up some illegitimate targets. This is using spyware technology to target vulnerable yet vital people whom healthy democracies need to protect.
On the surface, it seems that constraining the global spyware industry could be impossible. The companies operate in an environment that brings together the shadowy worlds of intelligence and counter-terrorism, which are notoriously difficult for outsiders to penetrate or regulate.
Many say that constraining exports of such software would be folly, since Chinese surveillance companies would step in where Western companies bow out.
These are obstacles, but they are not arguments to avoid what has to be done to protect human rights. The push toward genuine reform must begin now, it must be global and it should involve the following steps.