IGF 2022 WS #501 Spyware Industry, human rights, and the Internet ecosystem

Thursday, 1st December, 2022 (12:00 UTC) - Thursday, 1st December, 2022 (13:00 UTC)
Large Briefing Room

Organizer 1: Civil Society, Latin American and Caribbean Group (GRULAC)
Organizer 2: Civil Society, Latin American and Caribbean Group (GRULAC)
Organizer 3: Civil Society, Latin American and Caribbean Group (GRULAC)
Organizer 4: Civil Society, Latin American and Caribbean Group (GRULAC)

Speaker 1: David Kaye, Civil Society, Western European and Others Group (WEOG)
Speaker 2: André Ramiro, Civil Society, Latin American and Caribbean Group (GRULAC)
Speaker 3: Jeanette Hofman, Technical Community, Eastern European Group


Round Table - Circle - 60 Min

Policy Question(s)

What are the principles concerning users’ rights - such as privacy and data protection, freedom of expression and physical integrity - that States should respond to when evaluating the necessity and proportionality of the use of spyware within law enforcement activities? Is it possible to regulate ‘governmental hacking’ and the spyware industry, including development, importation and exportation aspects? If so, how can this result be achieved? What is the role of civil society, academia, and the private and public sectors in the governance of such spyware industries?

Connection with previous Messages: Our proposal builds on several messages from IGF 2021, especially those from Economic and Social Inclusion, and Human Rights, on one hand, and Trust, Security, and Stability, on the other hand. On the former group of messages, our proposal seeks to advance the debate on the protection and enforcement of human rights, qualifying a possible regulatory approach towards an industry that has repeatedly violated human rights worldwide through partnerships between private and state actors, instead of protecting those rights. Therefore, one of the questions we raise encompasses the possibility of a moratorium on, or a ban of, the spyware industry. We would also like to advance the conversation about legally binding agreements on technology and human rights, as our subject is defined by the violation of those rights through the development and employment of intrusive technologies.

On the other side, the employment of those cyberweapons is undermining the trust, security and stability of the Internet. There are several cases of these weapons being used by states to damage the infrastructure of adversaries, steal sensitive information and persecute journalists, activists, minorities, and political opponents. But these same weapons are occasionally stolen by third parties and used in malicious ways, as happened with the WannaCry ransomware, which was developed through an exploit developed by the NSA and leaked under their watch, affecting circa 150 countries and causing hundreds of millions of dollars in damages. Instead of reducing vulnerabilities and improving Internet security and resilience, the spyware industry is making the world less safe and stable, and sabotaging years of coordinated efforts to build trust in the Internet. We believe that it is vital to tackle this subject in a critical way in order to push forward the messages of Human Rights and of Trust, Security and Stability of the Internet Governance Forum 2021.


9. Industry, Innovation and Infrastructure
16. Peace, Justice and Strong Institutions

Targets: Peace, Justice and strong institutions // Reduced inequalities // Industry, innovation and infrastructure

As argued, the spyware development sector is becoming a pervasive industry, sponsored by states. A primary ripple effect of such dynamics is the stockpiling of vulnerabilities and hacking tools by the public sector. The media and non-governmental entities frequently report how such tools and information are leaking from government hands and being used by malicious actors worldwide. In parallel, government representatives override the necessary security and impact assessment protocols and break security systems, producing a second ripple effect: the distribution of vulnerabilities that permit mass surveillance and damage critical infrastructure important to entire populations. The Industry, Innovation and Infrastructure SDG should serve as a starting point to analyze the spyware industry.

The vulnerability exploitation industry poses a variety of challenges in terms of due process and prosecution. Law enforcement agencies, not only in authoritarian but also in democratic regimes, build cases on evidence collected via spyware, non-consented data extraction and remote access to personal devices. Mostly, they don’t comply with the transparency and accountability rules necessary to guarantee full defense and a fair trial. The status quo of spyware use is far from complying with the integrity and legitimacy of evidence. At the same time, surveillance activities directed at civil society provoke deep chilling effects that diminish freedom of expression and, as a result, bring very notable harm to Peace, Justice and Strong Institutions.

Notably in developing countries, such as in Latin America, the Middle East, and Africa, inequalities are tirelessly addressed by non-governmental organizations and investigative media. As we have been seeing, those are precisely the regions where targets of the use of spyware by state agencies have been most reported. Those techniques, without prior regulation and broad multistakeholder debate, deepen historical injustices. That’s why addressing the subject is extremely important for actions to Reduce Inequalities.


The spyware industry has received some attention in past years, especially the Israeli company NSO Group, due to its cyberweapon Pegasus, capable of remotely accessing mobile devices with a 0-click technique. However, this industry goes beyond this sole actor and encompasses several companies, rogue hacker groups and states worldwide. The latter, as a result, can act as sponsors or even developers of exploitation techniques, opening a broad margin for misuse against civil society and resulting in security breaches. For example, NSO Group’s official version stated that Pegasus was sold to combat terrorism and organized crime. Despite this narrative, what we’ve seen is the political persecution of journalists and human rights defenders by authoritarian states and the use of such cyberweapons as a diplomatic asset by countries such as Israel. Only after revelations of hacking against citizens of the Global North did some action begin to take place, such as the blacklisting of NSO Group by the US government last year. However, the industry is still working, spreading, and threatening human rights and Internet security ecosystems worldwide. In the proposed workshop, we invite security specialists, activists, and public sector representatives to discuss the threats to human rights and fundamental freedoms made possible by the spyware industry, but also to ask how we can go further and address possible regulation models or moratorium measures.

Expected Outcomes

We hope to interview each participant in the days before and after the event to explore in depth their points of view on the subject matter, and in the following days publish the interviews on our organisation’s blog. In parallel, in the early days after the panel, a policy paper aggregating the panel’s discussions and points of conflict and convergence will be published. Prepared by the workshop’s organization team, the policy paper aims to rapidly offer a basis for continuing the theoretical and policy discussions and practical actions. To achieve that goal, the policy paper will contain a synthesis of the discussion and the main recommendations suggested in the session, directed to specific sectors or to the general public. The document will also include images of the word clouds formed prior to and during the session, as well as the polls raised during the session and their results. Following the policy paper’s publication, an event will be organized by the team to assess the pervasiveness of the subject in Latin America and the Caribbean and build a consensus on methods to tackle the challenges the region faces in this area.

Hybrid Format:

- How will you facilitate interaction between onsite and online speakers and attendees? We will group questions by similarity and give speakers time to answer, but also give attendees space to share their thoughts and advance the discussion.
- How will you design the session to ensure the best possible experience for online and onsite participants? We will share tools that onsite and online participants can join together to take part in the activity.
- Please note any complementary online tools/platforms you plan to use to increase participation and interaction during the session. We will use some tools to gather inputs and contributions from attendees, such as word clouds and short polls.

Online Participation


Usage of IGF Official Tool.