US President Joe Biden on Monday signed an executive order that for the first time prohibits the government from using commercial spyware.
It blocks departments and agencies across the federal government from operationally using commercial spyware tools “that pose significant counter-intelligence or security risks to the US government or significant risks of improper use by a foreign government”.
“The proliferation of commercial spyware poses distinct and growing counter-intelligence and security risks to the United States, including to the safety and security of US personnel,” a senior Biden administration official said on Monday.
The White House said the move was aimed at protecting national security as a “growing number of foreign governments around the world have deployed this technology to facilitate repression and enable human rights abuse".
“We believe this executive order will also help spur reform in a largely unregulated and insufficiently controlled industry,” the official added.
The move comes as foreign-owned apps come under increasing scrutiny in the US. Most notably, politicians are pushing for an outright ban on TikTok, a move the Biden administration supports, over fears US data can be accessed by the Chinese government.
Between 2011 and 2023, at least 74 governments signed contracts with commercial firms to obtain spyware or digital forensics technology, according to data collected by Washington-based think tank Carnegie Endowment's for International Peace’s global inventory of commercial spyware and digital forensics.
The order also seeks to fill a gap in US departments and agency guidance on whether they could use these spyware tools, as some vendors were “aggressively” marketing to many of Washington's law enforcement, defence and intelligence components, the White House said.
“This is partly us getting ahead of a challenge for seeing the fact that there was no concrete, consistent standards across the US government,” the official added. "And also, as a result, allowing us to lead by example with other partners around the world."
The executive order also includes “concrete, remedial steps” that can be taken in a circumstance in which a company may argue that their cyber tools have not been misused.
The White House touted the new prohibitions as “a cornerstone deliverable” of this week's second Summit for Democracy, which Mr Biden will co-host with the leaders of Costa Rica, the Netherlands, South Korea and Zambia.
Washington's close ally Israel is the leading exporter of spyware and digital forensics tools documented in Carnegie's global inventory.
“Misuse of the powerful surveillance tools have not been limited to authoritarian regimes. Democratic governments also have confronted revelations that actors within their own systems have used commercial spyware to target their own citizens without proper legal authorisation, safeguards and oversight,” the administration official added on Monday.
The executive order applies to Washington's federal government departments and agencies, including those engaged in law enforcement, defence, or intelligence activities, and encompasses spyware tools furnished by foreign or domestic commercial entities.
