Ireland is considering new legislation to give its law enforcement agencies more surveillance powers, Spyware.

Irish Government announced this week The introduction of the Communications (Interception and Lawful Access) Bill, which would regulate the use of the term of art for so-called lawful interception, surveillance technology, including Spyware Made by such companies Intellexa, NSO GroupAnd Paragon Solutions.

“There is an urgent need for a new legal framework for lawful interception that can be used to tackle serious crime and security threats,” said Jim O’Callaghan, Ireland’s Minister for Justice, Home Affairs and Immigration.

“The new law will also include stronger legal safeguards to provide continued assurance that the use of such powers is necessary and proportionate,” O’Callaghan said.

The main driver of this new law is that Ireland’s existing 1993 legislation governing the use of interception devices predates most modern means of communication, such as messages and calls made through end-to-end encrypted apps. Communications encrypted in this way are usually only accessible when authorities hack a target’s device, either using government-grade spyware or locally. Using forensic technology Like the Celebrity device.

The announcement specifically noted that the new law would “cover all forms of communication, whether encrypted or not” and could be used to obtain both the content and relatedness of the communication. metadata.

The Irish government also promised that these surveillance powers would “come with the necessary privacy, encryption and digital security safeguards” including the need for judicial authorization and use “in specific cases and only where the circumstances meet the test of being necessary and proportionate to address issues related to serious crime or threats to the security of the state.”

There was a lack of concrete announcements on how these new powers would actually work, with legislation still to be written. But there is a specific section that calls for “a new legal basis for the use of covert surveillance software as an alternative means of lawful interception to gain access to electronic devices” — an apparent reference to computer and mobile spyware — citing the need for serious crime investigations.

The State of Spyware in Europe

Ireland’s bid to allow law enforcement agencies to use spyware comes as government spyware continues to proliferate, including across Europe, with recent abuses that have highlighted how spyware has been used to violate human rights.

While most spyware scandals a decade ago were largely confined to countries in the Middle East and South America, where human rights standards vary widely, several cases of spyware abuse have occurred in Europe in recent years, including Greece, Hungary, ItalyAnd Poland.

Nevertheless, spyware has been used in Europe for more than two decades.

In 2004, in what would become the first documented government spyware sale, Italian cybercrime unit Polizia signed its first contract with the Postal Hacking Team, a small cybersecurity startup in Milan at the time, whose name would become synonymous with a data breach that led to the company’s shutdown.

Later in 2007, Jörg Zirkethe, head of Germany’s federal criminal police office, the Bundeskriminalamt (or BKA). told a local magazine That his company was using computer spyware. Then WikiLeaks in 2008 published The existence of Digitask, a company that was selling spyware to German authorities to capture Skype calls.

By 2011, hackers at the German Chaos Computer Club A sample of spyware has been found On a businessman’s computer going through Munich airport customs, they blamed German police. Hackers call the malware Bundestrojaner, which is German for “federal Trojan.”

At the time, these were stories that received little public attention. Years later, when security researchers began documenting the misuse of European-made spyware in Egypt, Ethiopia, Mexico, Morocco, the United Arab Emirates, and many other countries, spyware went mainstream and is now a relatively normal technology.

Although some countries such as Italy have laws to regulate the use of spyware, the European Union has since Attempts have been made to determine common standards For the use of this type of technology in response to scandals on the continent.