UK hosts multinational anti-spyware initiative

“As the threat from malicious use of cyber tools grows, working with like-minded partners is essential to tackle an issue which does not respect borders,” said UK Deputy Prime Minister, Oliver Dowden, ahead of the UK - France Cyber Proliferation conference in London. “I am proud that the UK is building on its existing capabilities and taking action as a world-leader on cyber threats and innovation.”

The UK government press release said those like-minded partners include 35 countries but the resulting statement of intent only lists 27. Two of those are the African Union and the Gulf Cooperation Council, which have 61 members between them. Unsurprisingly, the most prominent absentees include the West’s main antagonists: China, Russia, Iran, etc. And it seems the whole of Latin America was either excluded or didn’t feel like getting involved.

Also absent is major US ally Israel, possibly because it’s the home to the most notorious spyware maker NSO Group. “It’s powerful to see such a broad community come together to discuss how we can make the commercial intrusion sector work better for security and society,” said NCSC Director of Operations Paul Chichester.

“We need a thriving global cyber security sector to maintain the integrity of our digital society, and by working together to improve oversight and transparency in how this capability is being developed, sold and used, we can reduce the impact of the threat to us all.”

NSO is also absent among the companies associated with this pact, which includes US Big Tech firms Google, Meta, and Microsoft. The declaration itself is the usual verbose mumbo jumbo, which seems to amount to a pledge to do more about spyware proliferation. In practice it has the appearance of a NATO-style alliance, designed to counter perceived nefarious activity from China et al.

Only yesterday Reuters reported on Dutch intelligence agencies accusing the Chinese state of political cyber espionage. “It is important to ensure that espionage activities of this nature committed by China become public knowledge since this will help to increase international resilience to this type of cyber espionage,” said Dutch Defence Minister Kajsa Ollongren.

Earlier this week, perhaps not coincidentally, the US announced ‘a new policy today that will allow the imposition of visa restrictions on individuals involved in the misuse of commercial spyware.’ The announcement claims to be concerned about the preservation of civil liberties but, more likely, it’s just seeking to maintain the control and use of such technology for itself. Seperately, the US revealed details of a successful Chinese hacking campaign against it.

Lastly, also coinciding with this anti-spyware initiative is a new report from Google that expresses concern about the negative effect the commercial surveillance industry might have on individual freedoms. ‘If governments ever claimed to have a monopoly on the most advanced cyber capabilities, that era is over,’ it laments.

Spyware is a major threat to civil liberties, especially at a time when everyone is so reliant on their phones and even one of the world’s richest men can have his hacked. So it’s good that a cabal of US allies have decided more needs done about it. But the nature of the group suggests this is a geopolitical alliance against state espionage, however much they try to dress it up as concern for the individual.