Apple plans new feature to protect journalists and human rights workers from spyware
It’s one of the biggest steps yet by a major tech firm to combat the lucrative spyware industry, whose tools can break into devices without the victim clicking on anything. It also comes as the Biden administration continues to try to curb the use of spyware.
The new feature, called Lockdown Mode, will let anyone, with a flick of a button, effectively cordon off parts of their iPhone and other devices from avenues of attack, including email attachments and unsolicited FaceTime calls.
The announcement is a recognition that spyware is a global problem that pits the top engineering talent at surveillance firms like NSO Group and tech giants against each other. Spyware makers will likely try to find ways of circumventing Lockdown Mode. To account for that, Apple said it will pay security researchers who report vulnerabilities in the new feature up to $2 million.
From Morocco to Mexico to Singapore, digital forensic experts have uncovered spyware targeting multiple tech platforms — and built by a range of sellers — that was being used to track the movements of human rights workers, embassy workers and other targets. One such target was said to be the wife of a slain Mexican journalist who was investigating drug cartels, according a 2019 investigation by the Citizen Lab, a digital rights research center at the University of Toronto.
“There’s now undeniable evidence … that the mercenary spyware industry is facilitating the spread of authoritarian practices and contributing to massive human rights abuses,” Citizen Lab Director Ron Deibert told journalists this week ahead of the Lockdown Mode announcement.
Apple also said Wednesday that it was giving $10 million to the Dignity and Justice Fund, a grantmaker advised by the Ford Foundation, that will support efforts to investigate and build awareness of spyware. (Deibert is on the advisory board of that grantmaking fund.)
The Biden administration has tried to crack down on the proliferation of spyware by adding NSO Group and Candiru, another Israeli vendor, to a Commerce Department list that restricts US business with the firms.
An NSO Group spokesperson said in a response at the time that once the firm learned of the incident, it “decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations.” The spokesperson also said it had not received “any indication that NSO’s tools were used in this case.”