Call now! (ID:316610)+1-855-211-0932
HomeSunset Host CoThe U.S. State Department announced the adoption of a new policy that enforces visa limitations on individuals associated with the illicit utilization of commercial spyware for monitoring civil society members.

The U.S. State Department announced the adoption of a new policy that enforces visa limitations on individuals associated with the illicit utilization of commercial spyware for monitoring civil society members.

In July 2021, the United States government announced a significant step in its efforts to curb the proliferation of illegal spyware surveillance tools by imposing visa restrictions on individuals believed to be involved in such activities. This move marked a notable escalation in the U.S. government’s response to the misuse of surveillance technology for nefarious purposes, including human rights abuses and violations of privacy.


The imposition of visa restrictions targeted individuals who were directly responsible for developing, manufacturing, distributing, or using spyware for malicious purposes. These restrictions aimed to prevent these individuals from entering the United States and highlighted the U.S. government’s commitment to holding accountable those involved in perpetrating or enabling human rights abuses through the misuse of technology.


The decision to impose visa restrictions came amidst growing concerns over the misuse of spyware by authoritarian regimes and other malicious actors to surveil and target journalists, activists, dissidents, and other vulnerable groups. Spyware tools, often marketed as legitimate surveillance solutions, have been increasingly abused to facilitate harassment, intimidation, and even physical harm against individuals perceived as threats to repressive regimes.


By imposing visa restrictions on individuals involved in illegal spyware surveillance, the U.S. government sent a clear message that it would not tolerate the abuse of technology to violate human rights or undermine privacy. This action was part of broader efforts by the U.S. to address the misuse of surveillance technology through diplomatic and legal means, including sanctions, export controls, and support for international initiatives aimed at promoting responsible behavior in cyberspace.


The imposition of visa restrictions underscored the importance of international cooperation in addressing the challenges posed by the proliferation of surveillance technology and highlighted the role of the United States in leading efforts to protect human rights and promote accountability in the digital age.


The U.S. State Department has announced the implementation of a novel policy aimed at addressing the misuse of commercial spyware to monitor members of civil society. Under this new policy, visa restrictions will be imposed on individuals with ties to the illicit use of commercial spyware for surveillance purposes.


Secretary of State Antony Blinken underscored the significance of this policy, emphasizing that the misuse of commercial spyware poses a threat to fundamental rights such as privacy, freedom of expression, peaceful assembly, and association. He noted that such misuse has been associated with severe human rights abuses, including arbitrary detentions, forced disappearances, and extrajudicial killings in the most egregious cases.


These latest measures reflect the ongoing commitment of the U.S. government to combat the proliferation of surveillance tools and promote accountability for those involved in their misuse. The policy specifically targets individuals who have utilized commercial spyware to unlawfully surveil, harass, suppress, or intimidate others, as well as those who stand to gain financially from such activities.


In addition to targeting individuals, the policy also extends to companies involved in the development and sale of spyware to governments and other entities. However, the enforcement of these new restrictions for individuals holding passports that do not require a visa for entry into the U.S. remains unclear.


Nevertheless, it has been observed that executives potentially affected by the ban would lose eligibility for the visa waiver program and would be required to apply for a visa to travel to the U.S., as reported by CyberScoop.


This development follows recent revelations by Access Now and the Citizen Lab regarding the targeting of 35 journalists, lawyers, and human rights activists in Jordan with NSO Group’s Pegasus spyware. In response, the U.S. government sanctioned NSO Group and Candiru, another spyware vendor, in November 2021 for their role in developing and supplying cyber weapons used to maliciously target various individuals.


President Joe Biden also took action by signing an executive order in early 2023 prohibiting federal government agencies from using commercial spyware that could pose national security risks. Furthermore, in July 2023, the U.S. placed Intellexa and Cytrox on a trade blocklist as part of its efforts to address the proliferation of dangerous surveillance tools.


According to an intelligence assessment by the U.K.’s Government Communications Headquarters (GCHQ) in April 2023, at least 80 countries have purchased commercial cyber intrusion software over the past decade. Google’s Threat Analysis Group (TAG) highlighted the role of numerous smaller vendors, such as Cy4Gate, Negg Group, and Variston, in facilitating the proliferation of such tools used by governments against individuals.


For instance, Cy4Gate, an Italian company that acquired RCS Lab in March 2022, is known for its Android and iOS spyware called Epeius. Negg Group, also based in Italy, develops mobile spyware known as VBiss, delivered via one-click exploit chains, and has been associated with another Android malware known as Skygofree.


“If there ever was a time when governments held exclusive access to the most advanced capabilities, that era has unquestionably passed,” stated TAG, noting its monitoring of nearly 40 companies possessing varying degrees of sophistication. “The private sector now contributes significantly to the deployment of the most advanced tools we encounter.”


This trend is exemplified by the fact that out of the 25 zero-day vulnerabilities exploited in the wild in 2023, 20 were weaponized by private sector offensive actors (PSOAs). Additionally, since 2014, commercial vendors have actively exploited 35 out of 72 zero-day vulnerabilities discovered in Google products.


“The evolution of surveillance technology often commences with the identification of a vulnerability and culminates in a government client gathering data from spyware installed on the device of a high-risk user,” TAG further elaborated, highlighting the roles fulfilled by exploit developers, exploit brokers, and the vendors themselves. These vendors offer spyware as a product complete with initial delivery mechanisms and exploits.