404 Accountability not found: Spyware accountability through software liability

Cybersecurity United Kingdom United States and Canada

Report September 30, 2025 • 6:00 am ET

404 Accountability not found: Spyware accountability through software liability

Executive summary
Introduction
Obstacles to accountability
Overcoming accountability obstacles
Shifting responsibility with products liability for software
Conclusion
Acknowledgements
About the authors

Executive summary

The global spyware market enables human rights harms and amplifies national security risks. Despite mounting awareness of spyware abuses and repeated efforts to pursue accountability through litigation, existing legal avenues to accountability have proven inadequate at delivering justice or compensation for affected individuals.

This report identifies four obstacles that frustrate accountability efforts: limited awareness among targeted individuals of their compromise, the intentional obscurity of spyware vendors that engage in name changes and jurisdictional arbitrage, difficulties establishing proper legal jurisdiction, and risks of exposing valuable threat intelligence during litigation proceedings.

Technology companies operating messaging platforms and mobile operating systems possess unique capabilities that position them as essential actors in accountability efforts. These capabilities include unmatched technical insights for detecting and attributing spyware infections, established relationships with users that facilitate threat notifications, exclusive ability to patch vulnerabilities and secure products against exploitation, and resources to develop opt-in enhanced security features for high-risk users.

This report proposes a legislative safe harbor framework that would incentivize technology companies to engage in spyware accountability by shielding compliant firms from litigation related to software insecurity, including potential products liability claims. Under this framework, companies would qualify for protection by meeting standards of behavior including comprehensive threat notification and detection programs, responsible information sharing with researchers and advocacy organizations, provision of enhanced security features, and rapid remediation of identified vulnerabilities. This approach recognizes both the heightened threat environment companies face when defending against state-sponsored actors and the rapidly evolving nature of spyware capabilities that requires flexible regulatory responses.

By aligning incentives to reward proactive security measures rather than penalizing failures, this safe harbor structure could incentivize prevention and protection for spyware while complementing existing accountability approaches. The framework acknowledges that perfect security against well-resourced, nation-backed actors is not technically feasible or economically reasonable, but encourages meaningful investment in best practices that have proven effective in mitigating spyware harms.

Introduction

Spyware is a type of malicious software that facilitates unauthorized remote access to an internet-enabled target device for purposes of surveillance or data extraction.¹ More than 80 countries are reported to have procured spyware and used it against individuals.² In some cases, states have used spyware for intelligence and law enforcement purposes. In many cases, targets include journalists, political opposition, lawyers, academics, ethnic or religious minorities, businesses, and activists.³ Spyware vendors are entities that develop, support, and sell spyware to end users.⁴ Often, resellers, brokers, and intermediaries play a role in connecting vendors to customers, including government customers.⁵ While vendors may have varying degrees of control over the use of their spyware tools after purchase, at least some vendors are responsible for the installation, delivery, and continued operation of spyware capabilities.⁶

Despite repeated efforts, court action has offered limited recourse to affected individuals pursuing accountability from spyware harms. Through the pursuit of court action, individuals often seek compensation for the harms of spyware that they have suffered and to prevent similar harms to others. Alarmingly, according to a tracker of spyware-related litigation maintained by Citizen Lab no case in the United States or the United Kingdom brought by victims has achieved final resolution against a spyware vendor.⁷ By contrast, technology companies have seen slightly greater success in lawsuits against spyware vendors, seeking justice for the harms of spyware suffered by their businesses and seeking to prevent further harm from spyware companies to themselves and their customers. WhatsApp’s case against NSO Group achieved an eye-popping $167 million judgement from a jury in the Northern District of California, but as of September 2025, litigation in the matter is ongoing.⁸ Cases against spyware vendors take years—WhatsApp’s decision in May is the result of a suit originally filed in October 2019.⁹ Meanwhile, spyware vendors continue to emerge and evolve, perpetuating abuses against individuals and developing new exploits against messaging apps, mobile operating systems, and other popular consumer products.¹⁰

Efforts to constrain spyware’s impact include multilateral efforts to counter the proliferation of offensive cyber capabilities, visa bans on individuals involved in the development and sale of spyware, and investigations into previous spyware use.¹¹ Recognizing the importance of international coordination and deconfliction to the success of any spyware accountability effort, the scope of this report’s includes avenues towards spyware accountability through liability in both the United States and the United Kingdom. The two countries share somewhat compatible legal systems and host a significant number of the technology companies relevant to this spyware accountability framework. The two jurisdictions already host important legal cases related to spyware accountability.

Individuals affected by spyware have brought lawsuits in the United Kingdom and the United States against both spyware vendors and states using spyware, which has created a notable fork in jurisprudence between the two jurisdictions. In the United States, foreign states retain sovereign immunity in civil suits except under a specific set of circumstances outlined in the Foreign Sovereign Immunities Act.¹² In a case involving Ethiopia’s use of the FinSpy spyware tool, the US District Court for the District of Columbia ruled that sovereign immunity prevented a suit brought by a US citizen residing in Maryland against the government of Ethiopia.¹³ In the WhatsApp case against NSO Group, the US Court of Appeals for the Ninth Circuit held, and the Supreme Court declined to overturn, that sovereign immunity does not extend to NSO Group, even though the spyware vendor claimed to be acting as an agent of a foreign state.¹⁴ Meanwhile, in the United Kingdom, courts have allowed cases against foreign states involving the use of spyware by Bahrain, Saudi Arabia, and the United Arab Emirates to proceed.¹⁵ Taking into account the different approaches to cases against foreign states between the United States and the United Kingdom, the authors explore a policy solution that would be feasible in both countries, focusing on accountability for spyware vendors rather than state customers and perpetrators.

This piece examines obstacles to accountability, discussing why legal actions against spyware vendors have achieved limited results in compensating victims, imposing costs on spyware vendors, and creating deterrent effects. Spyware vendors engage in practices that frustrate paths to accountability, such as shifting identities, opaque corporate structures, and movement between jurisdictions. Individual victims of spyware, especially when targeted by powerful and well-resourced states, face steep costs in pursing legal recourse against spyware vendors and procedural challenges in showing causation and fault. In addition to the cost of litigation, individuals can suffer physical, financial, or other retaliation against themselves or their affiliates, including family, friends, colleagues, and healthcare providers.¹⁶ On the other hand, technology companies can be disincentivized from litigation, as lawsuits against vendors are slow, difficult, expensive, and in some cases, could require exposure of detection techniques or sensitive design information and practices. This exposure could pose wider risks to the security and integrity of software products, while ultimately insufficiently discouraging vendors from engaging in the development and sale of spyware.¹⁷

The authors posit that technology companies have an essential role in the pursuit of accountability for spyware harms and abuse. Technology companies can provide technical insights, facilitate interactions with affected individuals, secure software, and provide opt-in enhanced security features to protect the most vulnerable users of messaging platforms and mobile devices. These capabilities can assist advocacy groups, civil society organizations, and individuals targeted by spyware in achieving accountability. To incentivize the use of those capabilities, this piece suggests a policy mechanism, a safe harbor, which would reward technology companies that engage in best practices for spyware accountability by shielding them from certain litigation related to spyware’s harms, even when those harms are enabled by security flaws in their products. This safe harbor structure assists with existing challenges within the legal system that frustrate accountability efforts by encouraging technology companies to utilize their existing strengths. This approach would complement and strengthen additional approaches to accountability, while acknowledging the difficulties those approaches must overcome to achieve justice.

Obstacles to accountability

Spyware use harms individuals by targeting their communications, and technology companies, by hijacking their infrastructure and breaching their products. Accountability encompasses incentive structures that discourage harmful behaviors and encourage best practices, as well as mechanisms that deliver justice to affected individuals in the form of compensation for experienced harms.¹⁸ This section will outline four challenges for litigation-based paths to accountability: lack of awareness of targeted individuals, the obscurity of spyware vendors, difficulties establishing jurisdiction, and risks of exposing technical information.

Awareness of targeted individuals

Awareness of spyware use is an essential prerequisite to accountability. Spyware is designed to be undetectable to victims and often can only be detected with advanced forensic analysis. Without knowledge or suspicion of spyware use, individuals whose devices are compromised may be unable to pursue justice or take countermeasures to protect themselves, their contacts, or their communications. In some cases, activists, dissidents, and journalists may be aware of the cybersecurity risks they face due to the nature of their work or their identities. Individuals may be unaware of organizations and resources that could provide support, or fear repercussions for themselves and their contacts if caught contacting or engaging with advocacy organizations or other targeted individuals.

To date, policymakers have focused on responding to incidents where individuals or groups became aware of targeting, particularly when the use of a spyware capability can be attributed to specific actors or spyware vendors. For example, the Pegasus Project, an international investigative journalism initiative that drew attention to spyware vendor NSO Group’s Pegasus spyware tool prompted the creation of a European Parliament committee to examine use of Pegasus and the inclusion of NSO Group on the US Department of Commerce’s Entity List.¹⁹

Awareness of the impacts and harms of spyware has increased over the last few years due to the important actions of civil society investigative work. In high-profile cases such as the campaign against human rights activists, journalists, and lawyers in Mexico, victims and their affected family members have collaborated with research and advocacy groups, including Citizen Lab, Amnesty International, and Access Now, to attribute suspicious text messages to attempts to install NSO Group’s Pegasus on their devices.²⁰ In recent cases, including the use of Paragon’s Graphite against European journalists and either NSO Group or Candiru’s tools against prominent members of civil society in Catalonia, threat notifications from Apple and WhatsApp have prompted forensic investigations from Citizen Lab, which confirmed the presence of spyware.²¹ Without suspicion and subsequent confirmation of spyware use, individuals cannot pursue legal action against spyware vendors.

Obscurity of the spyware market

Another obstacle to accountability for spyware vendors is the obscurity of the spyware market. Prior research including the Atlantic Council’s Mythical Beasts report, which maps the spyware ecosystem and imposes transparency on the market, outlines tactics used by spyware vendors to obfuscate their identities.²² Without attribution of a spyware infection to a specific vendor, litigation cannot achieve accountability from specific vendors for specific harms.²³

As outlined in Mythical Beasts, spyware vendors often change names, in some cases multiple times, to hide their identities and potentially to mitigate the business impacts of negative reporting. For example, the vendor Candiru Ltd changed its names four times in rapid succession from 2016 to 2020 and now operates as Saito Tech Ltd.²⁴ Figure 1 highlights various entities within the spyware market that have changed names. Without consistent naming conventions and legal records, civil society organizations, targeted individuals, and corporations are often unable to pin down responsible entities and individuals, which enables them to act with impunity.

Spyware vendors also engage in corporate restructuring, including opening branches, procuring subsidiaries, developing strategic partnerships, or creating supplier relationships, which can make it difficult to attribute spyware incidents to specific entities.²⁵ In depositions from the WhatsApp case against NSO Group, an individual working for Q Cyber Technologies, part of NSO Group, noted that there was no practical difference between employees of NSO Group and Q Cyber, despite legal distinctions between the companies.²⁶

Spyware vendors engage in strategic jurisdiction hopping, often in conjunction with corporate restructuring tactics, to evade accountability and allow for the promotion and sale of their products in other countries, enabling them to take advantage of more permissible legal environments.²⁷ Figure 2 highlights the cross-jurisdictional connections present across a sample of the spyware market.

Figure 1: Name changes for entities studied in Mythical Beasts project (1992-2023).²⁸

Figure 2: Entities in the Mythical Beasts dataset that cross jurisdictional boundaries.²⁹

Difficulties establishing jurisdiction

Suits against spyware vendors also face the obstacles of finding an appropriate venue. In a lawsuit against a spyware vendor, relevant physical locations can be both varied and difficult to determine. It is a considerable challenge to verify the corporate nationality or countries of activity of the spyware vendor, the location of the targeted devices, the citizenship and residence of the targeted individual, the locations of the company and computing infrastructure providing the technology product targeted by the spyware, and the legal status of the purchaser of the spyware tool. The distributed, decentralized nature of the harms in these cases can make it difficult to determine which courts are the correct avenues for claims against spyware vendors and, therefore, have jurisdiction to hear a case.

In practice, several high-profile lawsuits have not overcome the jurisdiction hurdle. The widow of assassinated Washington Post journalist Jamal Khashoggi’s suit against NSO Group was dismissed by the US Court of Appeals for the Fourth Circuit due to a lack of personal jurisdiction over the defendant in Virginia in May 2025, despite the argument that spyware was used against the widow while she was in Virginia.³⁰ A case in California, brought by El Salvadoran journalists against NSO Group, was also dismissed but will be reconsidered after an appeals court found in July 2025 that the dismissal did not fully evaluate the relevant forum choice considerations.³¹ The WhatsApp case overcame jurisdictional barriers in part because the case involved US citizens and residents, and in part because the court relied upon WhatsApp’s evidence that “Pegasus code was sent through plaintiff’s California-based servers forty-three times during the relevant time period.”³²

Spyware vendors have also invoked sovereign immunity as a defense, claiming that their role as agents of foreign governments shields them from legal action in US courts. The Supreme Court denied NSO Group’s petition to hear their sovereign immunity defense, allowing the Ninth Circuit’s decision to stand— that NSO is not entitled to sovereign immunity—in agreement with an amicus brief from the Justice and State Departments.³³ In the United Kingdom courts have gone further, determining that even foreign states are not immune from litigation and allowing cases against Saudi Arabia for the use of NSO Group’s spyware and Bahrain for the use of Gamma Group’s spyware.³⁴

Clearing the bar of establishing jurisdiction is one obstacle that has plagued recent spyware cases in the United States. As jurisdiction must be established before a court can hear the merits of a case, lurking behind jurisdictional concerns may be a number of other legal difficulties.

Exposure of attribution information

Another obstacle to successful litigation against spyware vendors is the risk of exposing methods of detection and other valuable research sources to spyware vendors. For the purpose of this work, it is sufficient to understand that researchers can “fingerprint” spyware based on technical traces or patterns of behavior of spyware vendors, enabling attribution of spyware infections to specific vendors or spyware tools.³⁵ However, public disclosure of that information can risk alerting spyware vendors to the details upon which researchers rely to detect spyware infections and infrastructure, allowing for the adoption of new tactics, and thus enabling vendors to keep their tools one step ahead of targeted individuals.³⁶ In September 2024, Apple dropped an ongoing lawsuit against NSO Group, citing its preference to avoid the risk of exposing threat intelligence and detection capabilities during litigation.³⁷ This illustrates a tradeoff between the benefits of public disclosure of indicators and the risks of alerting spyware vendors to detected techniques.³⁸

Researchers and technology companies can choose to divulge details to inform and protect the public, exposing information like domain names, email addresses, and process names that spyware vendors use.³⁹ This disclosure often prompts spyware vendors to shift to new infrastructure configurations in order to avoid detection and attribution.⁴⁰ Maintaining the secrecy of certain technical indicators of spyware infections can also enable the attribution of future attacks, as a Citizen Lab report on FORCEDENTRY indicates.⁴¹

Spyware vendors have proven that they can bounce back from the public exposure of their infrastructure and continue to operate, as was the case with the Intellexa Consortium. In at least three instances beginning in 2023, Intellexa Consortium’s infrastructure was exposed by civil society researchers at Amnesty International, Recorded Future’s Insikt Group, and Sekoia, resulting in an internal takedown of their infrastructure, which impacted the consortium’s ability to deploy or maintain infections, and was compounded by US Department of Treasury sanctions on members of the Intellexa Consortium in 2024.⁴² Despite these efforts by civil society, the private sector, and the US government, the Intellexa Consortium adapted and rebuilt its exposed infrastructure at an alarming speed.⁴³ According to Recorded Future, the Intellexa Consortium continues to operate in 2025.⁴⁴

Overcoming accountability obstacles

While litigation and other accountability action that technology companies such as Apple (iMessage, iPhone), Google (Android), and Meta (WhatsApp) pursue are not immune from the aforementioned obstacles, these companies have unique capabilities with which to push back against the risks and harms of spyware and to overcome those obstacles. Technology companies’ litigation and preventative action do not necessarily involve direct victim compensation or justice for previous harms, but can act as an important preventative measure for future harms of spyware, complementing other approaches to accountability. Four essential capabilities of technology companies will be discussed in this section: unmatched technical insights and awareness, preexisting user relationships, the ability to directly secure products from spyware, and the ability to offer opt-in security features.

Technical insights and awareness

As developers, maintainers, and sellers of technology products, technology companies are best situated to identify and make sense of technical signals of spyware abuse. As the manufacturers of devices, companies like Apple shape the use of their products through both the development of operating systems and choices about third-party access to devices, including what applications are available on app stores.⁴⁵ Apple cites its closed ecosystem as a security benefit, highlighting controls that prevent developers from accessing sensitive user data without permission.⁴⁶ Advanced spyware tools, such as zero-click exploits, overcome the security controls that operating system and messaging platform developers promote.⁴⁷

Technology companies also have visibility across campaigns through the infrastructure they operate to deliver services. According to a 2021 Apple complaint, the technology firm determined that NSO Group obtained more than one hundred Apple IDs and stored an encrypted Pegasus payload on iCloud servers as part of executing the spyware.⁴⁸ Companies whose products are not directly targeted by spyware might also have useful information and the ability to intervene, as illustrated by  Amazon Web Services (AWS) shutting down NSO Group’s access to the firm’s cloud content delivery network service in 2021.⁴⁹ Companies can utilize these technical insights directly, eliminating infrastructure access or as evidence in litigation against spyware vendors, or share them with members of civil society and targeted individuals who are pursuing accountability.

Ease of notification

Technology companies with consumer-facing products already have relationships with affected victims, making the task of threat notification easier than alternative approaches. Instead of relying on emails or text messages from third-party sources, which to individuals could resemble either spam or further attempts to infect their devices with spyware, companies like Apple, Meta, and Google have multiple options to privately and proactively communicate with affected individuals in a way that is distinguishable from a third-party source. As developers, technology companies have the unique ability to push notifications directly to users via banners, settings, or account menus, or dedicated security pages within an app, operating system, or messaging platform. The reinforcement of notifications across email, text, and push notifications or via banners on user’s settings pages, as well as more specialized features like security check-up pages, all allow users to distinguish threat notifications from spam or third-party harassment.

In the past, technology companies including Meta, Apple, and Google have used several of these methods to notify individuals of the likely use of spyware against their devices or communications.⁵⁰ The further use of this capability could improve awareness of exposure to the risks of spyware, prompting follow-on accountability actions.

Hardening products against spyware

Technology companies can take another important step toward combatting spyware: directly securing their products. Spyware tools exploit vulnerabilities or misconfigurations in software which, while technically challenging to avoid, detect, or remedy, depend almost entirely on the development decisions and practices of technology companies. Chained-together vulnerabilities, which comprise a zero-click exploit, can only be conclusively stamped out with a patch issued by the organization responsible for the product or device. In the case of FORCEDENTRY, a NSO Group exploit targeting Apple’s image library, Citizen Lab discovered an artifact on an infected phone, which the researchers then forwarded to Apple for analysis and remediation.⁵¹ In response, Apple promptly issued a patch and notified customers via a security update.⁵² In that case and several others, Apple’s security team deserves praise for both their efforts to remediate the underlying vulnerability and the speed of their response. Unfortunately, if a company responsible for an operating system or messaging platform chose not to behave as Apple did in this case, targeted individuals and researchers would have minimal leverage to incentivize other behavior.

Offering additional security features

Consumers choose the platforms, apps and operating systems they use, but with a few notable exceptions, they do not possess the ability to adjust design and root functionality of their devices to protect themselves from spyware. However, technology companies can offer opt-in security features, which may prevent the use of certain device features, but ultimately provide stronger security. Since 2022, Apple has offered Lockdown Mode, which restricts certain functionality on Apple devices in exchange for heightened protections from spyware.⁵³ As part of its bug bounty program, Apple has also doubled payouts to researchers identifying vulnerabilities that affect devices in Lockdown Mode.⁵⁴ Google offers a free Advanced Protection Program for Google Accounts, which requires the use of a passkey or security key, provides additional warnings for downloads, and enables other optional security settings.⁵⁵ Advocacy organizations and researchers, including Citizen Lab and Amnesty International, have endorsed these optional features. Only the companies that provide these products and services can offer hardened versions, which remain licensed versions of their offerings, highlighting the critical role these companies play in shaping the security ecosystem.

Shifting responsibility with products liability for software

Efforts to achieve spyware accountability have focused on justice delivered through the courts and litigation. An adjacent policy debate around the challenge of redistributing responsibility for software insecurity has resulted in proposals to apply the legal scheme of common law products liability to software. This section provides an overview of the legal basis for proposals aimed at shifting incentives in the private sector for software insecurity, and explores the advantages and disadvantages of such a structure for spyware accountability. The authors also offer a proposal for a legislative safe harbor structure, which if implemented, could reshape incentives for technology companies to assist in the pursuit of accountability for spyware. The structure would have several essential features, as outlined in the table below.

Figure 3: Essential characteristics of proposed safe harbor structure

Software liability 101

The core premise of software liability proposals is straightforward: the costs of software failures are poorly distributed, with customers bearing the costs of security failures while vendors face little incentive to invest in security. Advocates argue that the market for software security is misaligned, with too little cost attached to the sale of insecure software products and services, while opponents argue that the result of this proposal would be to impose too heavy of a burden on software companies.⁵⁶ However, the legal concepts underpinning these proposals are anything but straightforward and assessing such proposals can require fluency with both case law and complex legal theories. This section is not intended as a comprehensive overview of all proposals related to applying products liability to software; for a more detailed exploration of such proposals, refer to the Cyber Statecraft Initiative’s Design Questions in the Software Liability Debate report and the Lawfare Institute’s series on this topic, which features research by Atlantic Council fellow Chinmayi Sharma.⁵⁷

Products liability is a subset of tort law. For the purposes of this brief, it is sufficient to understand that litigation involving torts does not require government intervention to enforce but grants victims the right to sue and receive compensation for harms suffered.⁵⁸ Two main obstacles explain the lack of successful products liability cases against software vendors for insecure software at present. Defining software as a product, and thus eligible for a products liability framework, is difficult because software is legally treated as text or an intangible product governed by copyright and licensing regimes.⁵⁹ The economic loss rule prevents litigation for solely economic harms under tort law, which would be a barrier to any litigation that does not involve physical damage.⁶⁰ Proposals for products liability regimes designed to address insecure software often refer both to standards of care and safe harbors.⁶¹ The critical point is that, in the context of these proposals, standards of care define acceptable and reasonable conduct by software developers and manufacturers, while safe harbors provide protection from litigation to entities that comply with certain, specified practices.⁶²

Several legislative proposals have emerged over the last few years to create a statutory federal products liability regime for software in the United States. The Cyberspace Solarium Commission proposal for applying liability to software suggests creating a standard of care for software products that requires companies to patch vulnerabilities within ninety days of discovery or reporting.⁶³ Companies that fail to comply with that standard of care would be liable for economic harms greater than $75,000, physical damage, and harm to physical safety or security, with end users able to sue for damages, court costs, and attorney fees capped at 15 percent of the company’s annual revenue the year prior.⁶⁴

The Biden administration’s proposal for a software liability regime emerged from its National Cybersecurity Strategy (NCS), which argued that “Responsibility must be placed on the stakeholders most capable of taking action to prevent bad outcomes, not on the end users that often bear the consequences of insecure software.”⁶⁵ The NCS proposal suggested an “adaptable safe harbor framework to shield from liability companies that securely develop and maintain their software products and services,” involving the National Institute of Standard and Technology to inform the codification of secure software development standards.⁶⁶ A proposal from Jim Dempsey, as part of Lawfare’s Secure by Design paper series, suggests a three-part regime for insecure software liability.⁶⁷ The Dempsey proposal also includes a safe harbor, which would shield developers from liability if they comply with a set of best practices for software security.⁶⁸ Industry groups and trade associations, including the Business Software Alliance in its 2025 Global Software Agenda, have also argued that a safe harbor premised on secure development standards would drive more companies to adopt those standards, strengthening the security of the overall software ecosystem.⁶⁹

A path forward for spyware liability

The use of spyware capabilities against individual mobile devices represents an extreme form of a common security failure, which is the exploitation of insecure software by a malicious actor. In the spyware market, highly motivated and well-resourced threat actors continue to procure vulnerabilities and target individuals with sophisticated capabilities. Even the strictest secure development standards cannot eliminate all vulnerabilities, and under some proposed frameworks of liability, only unpatched vulnerabilities would enable customers to collect damages from companies. However, the spyware ecosystem has several characteristics that complicate the ability of the above proposals to resolve the harms of spyware or realign incentives in the spyware ecosystem.

As discussed previously, obstacles to spyware accountability through litigation—i.e., a lack of awareness of targeted individuals, the intentional obscurity of spyware vendors, difficulties establishing jurisdiction, and the risks of exposing research—complicate the ability of individuals affected by spyware to successfully bring lawsuits addressing the harms of spyware. Rather than expecting a general proposal for applying products liability to resolve the harms of spyware, this report proposes a targeted application of concepts from those proposals to the specifics of the spyware ecosystem. This legislative safe harbor framework could be a component of a broader policy regime designed to shift incentives and responsibility for insecure software, or function as a standalone structure designed to incentivize technology companies to pursue and support spyware accountability.

Three considerations should shape the development of a safe harbor framework, which would shield technology companies from litigation resulting from the application of products liability to software, or related litigation designed to hold software companies to account for the insecurity of their products.

1. Any policy intervention should recognize the heightened threat environment that technology companies face when defending against state-sponsored or affiliated spyware vendors.

Unlike financially motivated cybersecurity incidents, which might principally target well-resourced institutions, spyware often targets journalists, activists, dissidents, and human rights defenders, whose communications and activities are already subject to state scrutiny and repression. As discussed, technology companies possess capabilities to push back against spyware vendors. However, perfect security against well-resourced, nation-backed actors is neither technically feasible nor economically reasonable to expect from private companies that do not have total control over how users operate and use their platforms and systems. Companies can also face backlash from governments as they implement security practices that have the effect of restricting governments, particularly law enforcement agencies, from accessing information of interest or notify individuals of government use of spyware.

2. The rapidly evolving nature of both spyware capabilities and defensive technologies also requires a framework that can adjust to new threats and incorporate emerging best practices.

Adaptability should be built into the framework’s structure rather than requiring legislative amendments for each technological development. Without such flexibility, especially related to the nature of information that can be shared about spyware threats, defenders could quickly find themselves out of step with effective practices for mitigating the harms of spyware. Legislation and regulatory frameworks should not be expected to fully predict the evolution and transformation of an ecosystem as complex as the spyware market, but the historical pace of change within the market suggests that policymakers should anticipate new and different threats to continue to emerge.

3. The nature of the spyware ecosystem requires careful international engagement, as the challenges of spyware are not contained within the borders of the United States.

The involvement of other countries in responding to or perpetuating spyware is a critical consideration for any domestic policy proposal, as other countries could undermine or take advantage of carelessly designed policies. For example, requiring additional reporting or notification to governments globally about the identities of spyware victims or of technical indicators of compromise of spyware could tip off spyware customers to the detection of their spyware use. Policy interventions that create additional requirements and mechanisms for governments to shape the behavior of technology companies could also be abused to compel companies and organizations responsible for the security of messaging platforms and operating systems to disclose further information about customers or end users. As international efforts continue to address the harms of spyware, including the UK and France-led Pall Mall Process, which applies diplomatic levers to constrain the growth of spyware, US engagement in international forums and collaboration with aligned governments will be essential to the effectiveness of any framework designed to deliver spyware accountability.

A Safe Harbor for spyware

In response to the above considerations, this report proposes a spyware-focused safe harbor framework that would incentivize technology companies to engage in best practices for spyware accountability by shielding them from litigation related to spyware’s harms. This would include any future litigation resulting from the application of a products liability standard to software insecurity. The details of the proposed safe harbor are included below and are referenced in the summary table at the beginning of this section.

1. Standards or duties of care that would make a technology company eligible for the safe harbor’s shield should include comprehensive threat notification and detection, information sharing, enhanced security features, and rapid remediation of identified flaws.

Threat notification represents a particularly critical component of this framework. Technology companies that proactively notify users of suspected spyware targeting, provide clear guidance on protective measures, and facilitate connections with relevant support organizations should be shielded from claims related to the initial compromise, and will play a critical role in addressing the challenges of victims’ awareness of spyware infections.

Information sharing with researchers, advocacy organizations, and other technology companies is another crucial area for safe harbor protections. Companies that responsibly share threat intelligence with organizations like Citizen Lab, Amnesty International, and other established research entities should receive liability protections, provided they follow established guidelines for protecting sensitive information and user privacy. This sharing is vital to addressing the challenges presented at the start of the paper, including aiding with visibility of spyware incidents, including enabling investigative research by civil society organizations, and decreasing the obscurity of the spyware market, while respecting companies’ legitimate concerns with exposing sensitive security information to the public.

The framework should also reward companies that offer opt-in enhanced security features, such as Apple’s Lockdown Mode or Google’s Advanced Protection Program. These features require significant development effort and financial resources, including when tied to bug bounty programs. By providing safe harbor protections for companies that invest in developing and maintaining these specialized security offerings, the framework would encourage broader adoption of such protective measures across the industry.

Finally, rapid remediation of vulnerabilities or exploit chains is a step that only technology companies can take to respond to ongoing spyware campaigns. By patching devices and updating messaging platforms, technology companies curb infections and protect users from harm. While developing patches and mitigating flaws should not be rushed—as developers and technology companies must completely evaluate software changes to ensure they completely fix flaws without disrupting functionality—companies should be rewarded for the rapid mobilization of effort that quick patching requires.

2. Eligible harms should include harms resulting from the infection or targeting of devices or software by spyware vendors.

Harms that would trigger application of the safe harbor shield should be limited to those caused by spyware capabilities. Qualifying incidents would involve targeted capabilities, such as the use of zero-day exploits and individual persistent device access, but not general cybersecurity incidents, which are shaped by a wide variety of incentives. As the discussion of applying products liability to software broadly indicates, a host of legal barriers and considerations would shape the implementation of such a regime. To minimize disruption to broader cybersecurity incentives, this safe harbor shield should apply narrowly to harms specific to the spyware ecosystem. However, this would not make this proposal’s tailored proposal incompatible with a broader software liability structure based on products liability, and the implementation of such a safe harbor would not require policymakers to intervene in or decide other debates related to those proposals and broader software security challenges.

3. Eligible technologies and products should include messaging platforms, mobile operating systems, and the companies responsible for the security of those systems or involved in their development and operation.

The safe harbor should apply to technology sectors that are targets of sophisticated spyware tools, particularly messaging platforms like WhatsApp and iMessage, as well as mobile operating systems including iOS and Android. Companies eligible for protection should include primary developers and operators of these platforms, plus entities involved in their security infrastructure such as cloud service providers hosting messaging services or companies providing security services. This scope recognizes that spyware campaigns often exploit vulnerabilities across interconnected systems and that effective defense requires coordination among stakeholders.

4. Compliance with standards should be determined by a government entity outside of the judicial system, which would certify compliance to court entities for the purposes of litigation.

Certification of compliance with standards could be carried out by an independent regulatory agency, such as the FTC, but would occur separately from judicial assessment and adjudication of claims where the safe harbor would be relevant, maintaining important neutrality from policy departments and the legal system while still providing a critical verification role. This would prevent judicial bodies from having to make esoteric technical decisions, while allowing industry and advocacy organizations to offer expertise to guide the definitions and development of best practice standards. The certification of compliance occurring outside of the judicial system could enable such standards to evolve on a regular basis, which would ensure that practices are kept up to date instead of emerging fitfully through a patchwork of case law.

At the federal level, such a framework would require careful coordination across the public and private sector, along with the participation of agencies such as the Cybersecurity and Infrastructure Security Agency, which could act as a host body to advise on the technical standards that companies would need to meet. Implementation of such a framework would require extensive consultation and testing to define effective standards for threat notification programs, information sharing protocols, and enhanced security measures. The cybersecurity community, advocacy organizations, targeted individuals, and technology companies must collaborate to ensure that any resulting standards meaningfully support accountability efforts while remaining technically feasible and economically sustainable.

Conclusion

Spyware and the spyware ecosystem pose significant challenges that will not be resolved with any single policy intervention. The current lack of comprehensive justice or deterrence from litigation-based approaches demonstrates the need for a complementary strategy that leverages the abilities of technology companies to protect individuals from spyware while also supporting other efforts to pursue accountability.

The safe harbor framework proposed in this report offers a targeted approach to realigning incentives within the technology ecosystem. Rather than expecting general products liability proposals to address the specific challenges of spyware abuse, this framework recognizes the distinct characteristics of state-sponsored surveillance tools and the specialized role of technology companies in defending against them. By rewarding companies that invest in threat detection, user notification, information sharing, and enhanced security features, the framework could drive industry-wide improvements in protection for the journalists, activists, and human rights defenders most vulnerable to spyware targeting.

The framework’s success would also depend on careful international coordination. As spyware vendors and their customers operate across jurisdictions, domestic policy interventions risk being undermined by international actors or creating opportunities for abuse by governments seeking additional leverage over technology companies. US engagement in multilateral efforts like the UK and France-led Pall Mall process will be essential to ensuring that accountability measures reinforce rather than conflict with international coordination efforts. US government support of a safe harbor proposal would demonstrate a renewed commitment to constraining spyware’s harms. Such a commitment would give the United States more leverage with which to push back on countries that attempt to limit the ability of technology companies to respond to spyware’s threats and engage in spyware-related abuses, ultimately preserving the ability of American technology companies to defend mobile communications and devices from national security threats.

The proposed safe harbor represents a complementary approach that acknowledges the limitations of existing accountability mechanisms while taking advantage of the demonstrated effectiveness of technology company interventions in recent spyware incidents. Developing and implementing this framework will take time, resources, and sustained commitment from policymakers, industry, and civil society. This is especially relevant in a current political climate where public-private collaboration is headed in the direction of minimizing the compliance burden upon industry, while also pushing companies to secure their products and infrastructure from the outset.

However, given the persistent threat that spyware poses to vulnerable individuals worldwide and the demonstrated inadequacy of existing accountability mechanisms, targeted policy interventions that strengthen the incentives for protective behaviors represent a critical component of a comprehensive accountability strategy. These interventions could be a useful test case for effective public-private collaboration designed to induce companies to take greater responsibility for helping to secure users over the long term. As part of broader international coordination efforts to address spyware proliferation and abuse, a well-designed safe harbor framework could provide meaningful protection for those most at risk while advancing the broader goal of accountability within the spyware ecosystem.

Acknowledgements

This report would not have been possible without the support of the Spyware Accountability Initiative and the pro bono research assistance provided by Christopher Hart and his team at Foley Hoag LLP, Langie Cadesca, Katherine Jung, and Gilleun Kang. Thank you to Nikita Shah and Trey Herr, as well as other colleagues at the Cyber Statecraft Initiative for their support, guidance, and reviews of this research. Thank you to Lisandra Novo and Chinmayi Sharma for their review of a draft of this work. All errors are the authors’ own.

About the Authors

Staff

Sara Ann Brackett

Assistant Director

Cyber Statecraft Initiative

Cybersecurity

Staff

Jen Roberts

Associate Director

Cyber Statecraft Initiative

Cybersecurity French

Explore the Program

The Atlantic Council’s Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs, works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more

Image: Illustration via Postmodern Studio/Canva and GDJ/Pixabay

Share

Table of Contents

Executive summary

Introduction

Obstacles to accountability

Awareness of targeted individuals

Obscurity of the spyware market

Figure 1: Name changes for entities studied in Mythical Beasts project (1992-2023).28Roberts et al., Mythical Beasts and Where to Find Them.

Figure 2: Entities in the Mythical Beasts dataset that cross jurisdictional boundaries.29Roberts et al., Mythical Beasts and Where to Find Them.

Difficulties establishing jurisdiction

Exposure of attribution information

Overcoming accountability obstacles

Technical insights and awareness

Ease of notification

Hardening products against spyware

Offering additional security features

Shifting responsibility with products liability for software

Figure 3: Essential characteristics of proposed safe harbor structure

Software liability 101

A path forward for spyware liability

1. Any policy intervention should recognize the heightened threat environment that technology companies face when defending against state-sponsored or affiliated spyware vendors.

2. The rapidly evolving nature of both spyware capabilities and defensive technologies also requires a framework that can adjust to new threats and incorporate emerging best practices.

3. The nature of the spyware ecosystem requires careful international engagement, as the challenges of spyware are not contained within the borders of the United States.

A Safe Harbor for spyware

1. Standards or duties of care that would make a technology company eligible for the safe harbor’s shield should include comprehensive threat notification and detection, information sharing, enhanced security features, and rapid remediation of identified flaws.

2. Eligible harms should include harms resulting from the infection or targeting of devices or software by spyware vendors.

3. Eligible technologies and products should include messaging platforms, mobile operating systems, and the companies responsible for the security of those systems or involved in their development and operation.

4. Compliance with standards should be determined by a government entity outside of the judicial system, which would certify compliance to court entities for the purposes of litigation.

Conclusion

Acknowledgements

About the Authors

Sara Ann Brackett

Jen Roberts

Explore the Program

Oops...

It looks like we're having a technical issue.

Figure 1: Name changes for entities studied in Mythical Beasts project (1992-2023).²⁸

Figure 2: Entities in the Mythical Beasts dataset that cross jurisdictional boundaries.²⁹