Biden’s spyware executive order gets mostly good reviews
How experts and lawmakers are sizing up a spyware executive order
The Biden administration on Monday debuted its long-awaited commercial spyware executive order, which lawmakers and experts greeted as a good — if incomplete and imperfect — answer to a technology that has been used to eavesdrop on government officials, journalists and dissidents.
It prohibits U.S. agencies from “operationally” using commercial spyware when they find that it poses a national security or counterintelligence risk to the United States. It also bars U.S. government use of spyware when there’s a major risk that foreign governments use such tools to violate human rights or target Americans. (“Operational use” under the order means accessing a computer remotely without permission for purposes such as tracking locations or stealing information.)
The White House paired the release of the executive order with the news that 50 U.S. government personnel appear to be or have been confirmed to be hacked by commercial malware, as Ellen Nakashima and I reported. A senior administration official told us that they were “astounded” by that number.
The White House is stressing that foreign governments have used spyware maliciously.
“The proliferation of commercial spyware poses distinct and growing counterintelligence and security risks to the United States, including to the safety and security of U.S. Government personnel and their families,” a White House fact sheet reads. “A growing number of foreign governments around the world, moreover, have deployed this technology to facilitate repression and enable human rights abuses, including to intimidate political opponents and curb dissent, limit freedom of expression, and monitor and target activists and journalists.”
But democratic governments have also used such spyware. Spyware made by the…