For the last year, Citizen Lab has written five separate reports that document extensive abuse of, and lack of controls around the use of spyware manufactured by the Israeli cyber warfare company, NSO Group.
These reports are part of a larger interest we have at the Citizen Lab in the lack of controls around the spyware market, from weak or nonexistent export controls of countries in which spyware companies are headquartered, to opaqueness around the market for cyber security, to an absence of due diligence on the part of companies themselves to know their clients.
A growing number of our reports has shown how the products and services of this largely unregulated market end up facilitating abuses in which journalists, human rights defenders, and others end up being targeted by powerful software ostensibly limited to governments to fight terrorists and investigate crime.
In a previous publication, my colleague Sarah McKune and I outlined a checklist of measures that could be taken to reign in the abuse of commercial spyware. As part of that more comprehensive approach, we have suggested that the industry should be encouraged to adopt “voluntary yet genuine accountability frameworks and human rights-oriented policies and practices.”
To that end, we are today sending a letter to the Blackstone Group, an American private equity, asset management, and financial services firm in the process of considering acquiring a large stake in the NSO Group.
Should Blackstone Group’s acquisition of NSO Group proceed, we hope our letter will encourage them to exercise stronger due diligence over NSO Group’s sales, and help ensure that the company itself better manages the end-uses of its products.
Read the letter here: https://citizenlab.ca/2017/07/open-letter-to-blackstone-possible-nso-acquisition/
PDF here: https://citizenlab.ca/wp-content/uploads/2017/07/Blackstone_open_letter_NSO_group_citizen_lab.pdf