The UK and France, alongside major tech companies like Google, Microsoft, and Meta, issued a joint statement acknowledging the urgent need for decisive action against the malicious exploitation of cyberespionage tools. At a conference convened by the UK and France with representatives from 35 nations, concerns were raised regarding the proliferation of spyware used to listen to phone calls, steal photos and remotely operate cameras and microphones.
The declaration emphasised the burgeoning spyware market's potential threat to both national security and individual rights, highlighting the risk posed by an expanding array of state and non-state actors gaining access to powerful surveillance technologies. To address these concerns, signatories pledged to employ these tools lawfully and responsibly, advocating for precision in their use, enhanced oversight mechanisms, and increased transparency in dealings with commercial spyware vendors. The statement cautioned that failure to impose stricter controls would embolden malicious actors to engage in espionage activities.
Furthermore, the declaration drew attention to the role of spyware in facilitating hacking-for-hire campaigns. While spyware firms often tout their products as essential tools for national security, evidence has revealed widespread misuse, including targeting civil society members, political dissidents, and journalists over the past decade.
The industry faced heightened scrutiny following revelations of the NSO Group's Pegasus spyware infiltrating the devices of numerous individuals globally, including human rights advocates. Recently, Google researchers identified numerous smaller firms, besides the well-known NSO, that enable the proliferation of spy technology for malicious purposes and urge action against the spyware industry.