Biden Restricts Use of Commercial Hacking Tools By U.S. Agencies

President Biden restricted the use of commercial hacking tools throughout the federal government as officials believed high-powered spyware had compromised devices belonging to at least 50 U.S. personnel working overseas, The Wall Street Journal reported.

Mr. Biden signed an executive order that imposes rules limiting the acquisition and deployment of hacking tools from vendors who’s products have been linked to human-rights abuses or are deemed to pose counterintelligence or national security risks to the U.S. It also limits the purchasing of tools if they are sold to foreign governments considered to have poor records on human rights, The Wall Street Journal also reported.

The “Executive Order on Prohibition on Use by the United States Government of Commercial Spyware that Poses Risks to National Security” was signed by President Biden on March 27, 2023. Here are some key points from the Executive Order:

…Technology is central to the future of our national security, economy, and democracy. The United States has fundamental national security and foreign policy interests in (1) ensuring that technology is developed, deployed, and governed in accordance with universal human rights; the rule of law; and appropriate legal authorization, safeguards, and oversight, such that it supports, and does not undermine, democracy, civil rights and civil liberties, and public safety; and (2) mitigating, to the greatest extent possible, the risk emerging technologies may pose to the United States Government institutions, personnel, information, and information systems.

To advance these interests, the United States supports the development of an international technology ecosystem that protects the integrity of international standards development; enables and promotes the free flow of data and ideas with trust; protects our security, privacy, and human rights, and enhances our economic competitiveness.

The growing exploitation of Americans’ sensitive data and improper use of surveillance technology, including commercial spyware, threatens the development of this ecosystem. Foreign governments and persons have deployed commercial spyware against United States Government institutions, personnel, information, and information systems, presenting significant counterintelligence and security risks to the United States Government.

…Therefore, I hereby establish as the policy of the United States Government that it shall not make operational use of commercial spyware that poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person…

The New York Times reported that the tools in question, known as commercial spyware, give governments the power to hack the mobile phones of private citizens, extracting data and tracking their movements. The global market for their use is booming, and some U.S. government agencies have studied or deployed the technology.

According to The New York Times, the executive order prohibits federal government departments and agencies from using commercial spyware that might be abused by foreign governments, could target Americans overseas, or could pose security risks if installed on U.S. government networks. The order covers only spyware developed and sold by commercial entities, not tools built by American intelligence agencies.

I think it is very clear that people don’t want to be spied upon through their phones. It makes sense for President Biden to prohibit the use of government spyware that poses risks.