In a much welcomed follow-on action to its most aggressive move yet to combat the proliferation of commercial spyware, the U.S. government this week sanctioned five individuals and one entity associated with the Intellexa consortium. This is the second time the U.S. government has used this authority to target commercial spyware companies and the people associated with them. In March of this year, the Office of Foreign Assets Control at the Department of Commerce sanctioned two individuals and five entities associated with the Intellexa consortium. Access Now celebrates and urges additional action to further rein in the unchecked surveillance tech industry.
The Intellexa consortium is infamous for its invasive spyware Predator, which has been used to target civil society members and politicians globally. From Egypt to Greece, Predator spyware has impacted the lives of journalists, activists, and political dissidents, violating their fundamental freedoms and decimating their sense of safety and privacy.
By continuing to slap sanctions on spyware companies and executives, the U.S. extends its historic campaign against nefarious commercial spyware actors who threaten and violate human rights defenders, journalists, and democratic activists around the world. We applaud these sanctions and urge the Biden Administration to continue with the momentum by issuing further visa sanctions and entity listings. We also urge U.S. lawmakers to move to institutionalize these measures.
Last year, the Commerce Department placed Intellexa S.A. in Greece, Intellexa Limited in Ireland, Cytrox AD in North Macedonia, and Cytrox Holdings Crt in Hungary on its Entity List, prohibiting U.S. companies from providing services to Intellexa. These continued sanctions by the Treasury Department’s Office of Foreign Assets Control now block the U.S. property of every individual and entity listed, and bars them from all transactions with the U.S. financial market.
While the U.S. is showing that it is serious about combating the proliferation of commercial spyware, the abuse of spyware is a global issue requiring concerted international effort. We urge signatories of the Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware to take the pen on paper and turn it into real action. Moreover, the Intellexa alliance prides itself on being an “EU-based and regulated company,” yet little has been done to curb the threat of abusive commercial spyware to fundamental rights and freedoms. With this new legislative term, the EU has an opportunity to rein in the industry and hold perpetrators accountable. The first and long overdue step is to suspend all marketing and export licenses issued to Intellexa Alliance and its EU entities as well as similar spyware companies until further independent, impartial, and transparent investigations are conducted and their results made public.
As next steps, Access Now recommends that the Biden administration:
- Investigate and levy OFAC sanctions against more individuals and entities tied to spyware companies where there is evidence of enabling human rights abuses;
- Continue to add spyware companies to the Department of Commerce Entity List;
- Levy additional Magnitsky sanctions against notorious spyware companies, such as NSO Group, as called for in this civil society letter;
- Apply the State Department’s existing visa restrictions policy to executives, partners, and investors of spyware companies added to the Entity List, sanctioned by the Treasury Department, or flagged in accordance with the March 2023 executive order; and
- Support U.S. congressional efforts to codify the Biden administration’s executive order into law and empower the U.S. State Department to publicly name individuals sanctioned under Section 212 (a)(3)(C) authority.