Google and the U.S. take aim at the spyware industry

The State Department went first, yesterday announcing a visa ban on both individuals who misuse commercial spyware to unlawfully surveil and suppress people like journalists, activists, and members of marginalized groups, and those who sell them the spyware.

“The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association,” Secretary of State Antony Blinken said in a statement. “Such targeting has been linked to arbitrary detentions, forced disappearances, and extrajudicial killings in the most egregious of cases. Additionally, the misuse of these tools presents a security and counterintelligence threat to U.S. personnel.”

This isn’t the Biden administration’s first attack on the industry; it’s already blacklisted Israel’s notorious NSO Group and banned U.S. government agencies from being customers (with exceptions for “extraordinary circumstances”) of spyware vendors known to have supplied abusive users. But, as an unnamed U.S. official told the Financial Times, this ought to sting because “travel to the United States is an important element for those that are involved in the sector and that are involved in technology broadly.”

With A+ timing, Google Threat Analysis Group (TAG) this morning released a report covering the commercial surveillance sector, in which it called out specific vendors—hey there, Variston, Negg, and other players that have mostly avoided the limelight, along with the better-known NSO and Intellexa—and detailed how they do their dirty work.

It goes without saying that the TAG team are particularly irked by exploits affecting Google products, but the report has a broader focus and provides a good view into how the spyware supply chain works, with (some) vulnerability researchers feeding their findings to exploit brokers, who serve spyware vendors and governments. It’s actually a pretty easy read for the most part, and it certainly brings home the impact of the problem.

The report also makes some timely recommendations for the U.S. government, including “setting heightened transparency requirements for the domestic surveillance industry, and setting an example to other governments by reviewing and disclosing its own historical use of these tools.” Good luck with that!

One other interesting thing to note from the Google report: It highlights incidents in which people have been targeted by commercial spyware, in particular NSO’s Pegasus and Intellexa’s Predator, and calls out countries like Mexico, the UAE, and Egypt for their part in these incidents. Time will tell if the U.S. manages to identify the individuals from those countries who were responsible so that it can hit them with visa bans.

More news below, and do also read this entertaining Verge piece on how TikTok creators are responding (creatively, of course) to Universal withdrawing its music from the platform.

David Meyer

Want to send thoughts or suggestions to Data Sheet? Drop a line here.

NEWSWORTHY

Chinese chip progress. The Financial Times reports that Chinese chipmakers are overcoming U.S. efforts to stymie their development, with national giant SMIC set to start producing 5-nanometer, Huawei-designed phone chips later this year. Despite its inability to get the latest chipmaking equipment, SMIC is apparently using its existing U.S. and Dutch gear to do this. Whether it can catch up with more cutting-edge 3nm designs is another matter.

Hello, Neumann. He’s back! Or at least, he wants to be. According to NYT DealBook, Adam Neumann is trying to buy WeWork, the now-bankrupt workspace company he cofounded, via his newer real-estate venture, Flow Global. The deal would be financed by Dan Loeb’s Third Point. However, Flow says WeWork has been refusing to talk.

Bluesky opens up. Bluesky, one of the big contenders to pick up where X-predecessor Twitter left off, is no longer invite-only. The Washington Post explains the importance of this and another major move Bluesky is making today—“a new feature that will let users and organizations begin to develop their own content moderation services, which other users can then subscribe to.”

SIGNIFICANT FIGURES

4%

—The drop in Tesla’s already-battered share price after software giant SAP announced it would no longer buy Tesla vehicles owing to delivery delays and price fluctuations, and Piper Sandler’s trimming of 2024 delivery estimates.

IN CASE YOU MISSED IT

People are wearing Apple Vision Pro headsets while driving Teslas. Fuzzy distracted-driving laws suggest they can get away with it, by Sasha Rogelberg

Sam Altman says ChatGPT ‘should now be much less lazy!’ Users complained it was refusing and ignoring too many prompts, by Sunny Nagpaul

Tesla’s place in the ‘Magnificent Seven’ at risk after Elon Musk’s EV company drops out of the top 10 global megacaps as peers hit record highs, by Christiaan Hetzner

YouTube creators raked in $70 billion in the past 3 years. The video giant just revealed its plan to grow even bigger, by Alexandra Sternlicht

Stripe’s popping off in the secondary markets right now, by Allie Garfinkle

Amazon will soon top Walmart in overall sales, but it still lags the brick-and-mortar retailer in one crucial area, by Jason Del Rey

Tech valuations are at a 10-year low–but optimism should be at a 5-year high despite mass layoffs. Here’s why, by Ryan Hinkle (Commentary)

BEFORE YOU GO

AI reads charred scrolls. Egyptian, Swiss, and American researchers have won the “Vesuvius Challenge”—set up last year by former GitHub CEO Nat Friedman—by successfully using AI to decipher dozens of columns of text from charred scrolls that were buried two millennia ago in Mount Vesuvius’s big eruption.

The Herculaneum scrolls represent one of archaeology’s most notorious problems—some were dug up in the 18^th century, but many of them are basically ash and would fall to pieces if unrolled. Enter the magic of machine learning, which it seems is now capable of virtually unrolling and reading the scrolls. Friedman has now announced new Vesuvius Challenge prizes, in hopes that someone can decipher 85% of one of the scrolls by the end of 2024.