AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
6min chapter
Mythical beasts, real threats.
Caveat
Navigating the Spyware Landscape
This chapter examines the complexities of the spyware industry, highlighting the documented harms associated with its use and the lack of transparency in the market. It also traces the evolution of spyware technologies, emphasizing the need for regulatory oversight while distinguishing between spyware and stalkerware.
00:00
Transcript
Episode notes
Speaker 3
I think that we have sort of seen from great reporting from Citizen Lab and Amnesty International, as well as plenty of others, the harms and abuses that have come out of the spyware industry. We've also seen from the the EU, I believe it was last summer, maybe two summers ago, it's hard to keep track of time. The Pegasus Committee investigation that was taken underneath of the European Parliament. This project sort of came about by thinking about what spyware is and why it is being misused. we sort of dove into this dual-use technology in the report and talked about both its harms for human rights but also its benefits for national security. Something that we've noticed in the spyware industry in particular is there's just a lack of transparency into what is happening. We framed this approach as mapping the global spyware market because we really wanted to dive into the supply chain of what makes a spyware vendor. And a lot of the time the policy and research conversations have been at the at the vendor level and we wanted to dive in more towards okay who are supplying these capabilities? Who's investing in these capabilities? How do these vendors stand up and seem to dodge at sport controls and sanctions and the like? So that's where the project got its meat and bones from.
Speaker 4
Everything that Jen said, but honestly, the reality is we were very intrigued by the weird names and the mythical names of the vendors and the spywares. Well,
Speaker 2
Natasha, to that point, I mean, I think for me, when I think of spyware, I think I tend to think of the two extremes. There's the giant organizations, or maybe giant is the right word, the notorious organizations like NSO Group, like InteleXa, who make the headlines. But then I also think of the small apps that folks use to keep track on a spouse who they may feel is being unfaithful to them or an abusive spouse trying to keep tabs on someone, extreme ends of the spectrum. But one of the things that was really eyeopening to me, your report was just the breadth of companies that are out there in this business.
Speaker 4
Yeah, that's honestly how we started thinking about this. And then you've hit on a very strong chord of this report. When you say, the big players like the NSO and then try to demarcate with the stock and where, our report does spend a good chunk of time and energy into trying to define what a spyware is. So our specific report does not include stock and where, which is what the second, the other half of the spectrum is what you were mentioning. But we are reported primarily focuses on spyware, which is essentially the type of capability, which does not require any interaction with the app or any interaction with the capability. And also the purpose is intrusion and surveillance. Now, when you talk about stock, where the purposes are different, but then with this pilot, it's the same. And then obviously, as the breadth, as you mentioned, there are big players and also small players. We also wanted to just make sure that we are able to talk about the entire market, which is why when you talk about, oh, there are so many companies. Yes, there are around 435 entities that we are seeing. The entities in our case include the vendors, their branches, their subsidiaries, and also the individuals. So something that was very intriguing to us was, not just the companies, but also the individuals involved in this entire market. Jen,
Speaker 2
I'm curious, you know, I think we think about the current players here in this market, but there's quite a history here. I mean, this goes back is it fair to say these sorts of things reach back decades? Yeah.
Speaker 3
Our report actually highlights the ecosystem from 1992 to 2023. Our oldest vendor observed is RCS Labs based in Italy. We stopped the dataset in the collection in 2023 because we didn't want to make an assumption that all of these vendors would be operational through 2024. I think that we have seen some disruption of activity. Sanctions Part 2 on the InteleXa Consortium that came out from the US Treasury Department just this week. So we are trying to encapsulate not only that 30 years of history, but really stay apprised of in what years are we seeing activity in both spike up and drop off. And that's something that's really cool that our project, particularly the interactive graphic does, is it'll give you a year by year sort of snapshot of where this market is and how many actors or entities are involved, whether it be individuals, partners, holding companies, or the vendors themselves. So you can really customize this tool to, if you're a researcher or a policymaker, to be whatever you want it to be, you can sort by jurisdiction, you can sort by a different vendor, you can look at it where the investors are primarily based, you can see what the market looked like in 2020 versus 2023, depending on what your individual interests are and what you're trying to achieve. And the reason we built that much nuance into this is because there's a transparency issue in this market. And we wanted to just shed as much light as we could find in the open source and serve as sort of a one-stop shop data point for policymakers and researchers alike.
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
More snips
#800: Ev Williams — The Art of Pivoting (e.g., Odeo to Twitter), Strategic Quitting, The Dangers of Premature Scaling, Must-Read Books, and More
Financial Insights and the Role of AI in Education
02:05
#459 – DeepSeek, China, OpenAI, NVIDIA, xAI, TSMC, Stargate, and AI Megaclusters
The Bitter Lesson of Deep Learning
02:00
Ravi Gupta - AI or Die - [Invest Like the Best, EP.411]
Prioritize Customer Time Over Internal Matters
00:58