By Vijeth Shivappa
From many years, the global spyware industry has been operating in the dark, brought to the light only by human rights organizations like Amnesty International and journalists. This industry claims it is fighting crime and terrorism by helping governments agencies across the globe. But these companies sell these spywares to government agencies who uses it not only against “criminals” and “terror organizations” but also to snoop on their critics and opposition. We are on the abyss of a global surveillance & technology led catastrophe, with a tsunami of spywares shared around world and authorities failing to restrict their export or use.
Firms around the world are contending for a slice of this profitable private observation pie. Some enable intrusions into one’s phone or tablet. Others develop software for surveillance, for malicious intentions of facial recognition, for direct access to Internet traffic, and user data and communications. They sell and service their spywares for government customers without any concern to those government’s way of oppression and without appropriate and careful due diligence.
Pegasus like many commercially available Spywares, including Candiru, which Microsoft last week accused of selling tools to hack into Windows, makes the smartphones of the target individuals like opposition politicians, non-violent activists and the media into a spying device. A investigative reporting exercise revealed a 50,000 list of phone numbers identified as targets of this spyware that includes hundreds of journalists and politicians from India, France, Mexico, Morocco, Hungary, Venezuela to Cuba and some other countries. The list also included activists, businessmen and the legal fraternity.
The global industry bodies should take action to regulate the global spyware industry. Different governments must carry out a freeze on the sale and transfer of spyware software until a global export system can recognize and put these software tools under global moderation. Meanwhile, governments must negotiate a system which cautiously outlines the technologies at question. It also needs clear human-rights evaluation for the development and transfer of any such technologies. A public archive of spywares, establishments, and their clients must be made available.
It is very important for the countries to regulate its spyware industry and become a collective force against the proliferation of technologies that operate like commercial surveillance services. A strict export control is a must to regulate the proliferation of spyware. Governments using these technologies must put in place a crystal clear, law-of-the-land adherence for any use of spyware. Any government which fails to develop such requirements — or which has a sign of abuse — must be on a strict global embargo list. Democracies and authoritarian states will perhaps separate their paths quickly.
Taking a clue from its own attempt to restrict the private mercenary industry, the global community must work towards a global code of conduct and stop the propagation of spyware for suppression. The tenacity of global oppression is such that individuals often are harmed by actors operating beyond their borders, but domestic law often presents obstacles to liability. Those obstacles should be removed. The victims of spyware must be given the right to sue governments and companies involved in the surveillance industry.
The recent investigative revelations about the adverse impact of NSO’s Pegasus software are very fresh, a hot news globally & a matter of concern for many. What you are reading, hearing & seeing all over the media is just the tip of the iceberg. ‘there’s more to this than meets the eye’. I hope this would bell a final, wake-up call to regulate the spyware industry.
– The author is a senior executive at Hitachi Vantara and a member of the Technical Council of SNIA, a Global IT industry body. All views expressed are personal