Digital surveillance and state-sponsored malware are added to the Wassenaar Arrangement on controlling exports
Privacy groups are celebrating after an agreement on controlling the export of surveillance malware was formed in Vienna, Austria.
A proposal from the UK government for the Wassenaar Arrangement, a multilateral export control regime, recommended adding a category on “Advanced Persistent Threat Software and related equipment (offensive cyber tools)”, otherwise known as state-sponsored malware.
A French proposal suggested adding a category on “IP network surveillance systems”. Both were accepted into the Wassenaar Arrangement, although it is not legally binding. Participating countries will be able to decide on whether they want to incorporate the additional controls.
‘A big day’ in fight against surveillance malware
Privacy International was cautious about the impact of the decision in Vienna, but was convinced this would make an impact on companies such as Britain’s Gamma International, which produces the FinFisher spying tool, and Italy’s Hacking Team, which offers competing technology.
Both have faced criticism after their code was uncovered in nations with poor human rights records.
“For the first time, intrusion technology such as those that Finfisher and Hacking Team sell will be explicitly and directly controlled for what that are – surveillance technologies,” Eric King, head researcher at Privacy International, told TechWeekEurope.
“When implemented at a national level, licences will be required before the technology can be exported allowing exporting governments to prevent repressive regimes from purchasing technology from immoral surveillance vendors.
“This is a big day for those who have been campaigning for export controls on surveillance technology, but a lot more needs to be done to ensure these controls are implemented correctly and that other kinds of surveillance technologies are brought under similar controls.”
What do you know about Internet security? Find out with our quiz!