UK and France to launch consultation on misuse of commercial cyber intrusion tools
The UK and France will begin a consultation as part of the Pall Mall Process to address the misuse of commercial cyber intrusion tools, involving input from states, industry, and civil society experts.
The United Kingdom and France are set to initiate a consultation on addressing the proliferation and irresponsible use of commercial cyber intrusion tools, according to a UK government announcement.
The consultation is part of the Pall Mall Process, a joint UK-French effort focused on addressing the misuse of commercial hacking tools like spyware. The Pall Mall Process was announced last year when the UK and France, alongside major tech companies like Google, Microsoft, and Meta, issued a joint statement acknowledging the urgent need for decisive action against the malicious exploitation of cyberespionage tools. At a conference convened by the UK and France with representatives from 35 nations, concerns were raised regarding the proliferation of spyware used to listen to phone calls, steal photos and remotely operate cameras and microphones.
The following launch of this process came after President Joe Biden issued an executive order prohibiting federal agencies from utilizing commercial spyware that might threaten US security or had been exploited by foreign entities. The executive order aimed to tackle the increasing instances of spyware abuse internationally, as well as reports of its improper use against US officials, government infrastructure, and ordinary citizens. In 2021, the Biden administration had also taken steps against spyware vendor NSO Group, founded by two former Israeli military officers, by adding the company to its Entity List.
As part of this consultation, both governments invite stakeholders to provide insights on best practices concerning commercial cyber intrusion capabilities (CCICs) across three key groups:
- States: Acting as both regulators and potential consumers within the CCIC market.
- Industry organizations: Engaged in or connected to the CCIC market, along with their broader value chain.
- Civil society, experts, and threat researchers: Possessing relevant expertise on the risks posed by the CCIC market and the strategies to address them.
Previously, experts had already raised concerns about the Pall Mall Process and its goals, highlighting questions such as whether the initiative will be geographically diverse and include a broad range of countries. Will stakeholders be involved, and will companies providing some of the intrusive tools, in particular, be invited for discussions? What does success look like for this process, and for whom?
To participate in this consultation, please follow this link.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.