However, the company has defended its decision to hire him and even admitted that it knew about his background when it hired him back in 2019.
“We find it deeply regrettable that the news of the past few days regarding Daniel Gericke has created concerns among our users and given some cause to question our commitment to our core values,” the company said in a blog post Thursday. “To be completely clear, as much as we value Daniel’s expertise and how it has helped us to protect customers, we do not condone Project Raven. The surveillance it represents is completely antithetical to our mission.”
But how comforting can these assurances really be when it’s clear that the privacy industry is apparently populated by the same people who run the surveillance industry?
This year, controversies involving the surveillance industry have continued to crop up, one piling on top of another, fueling calls for national and global regulations that can tackle the abuses.
Most notably, outrage was renewed over the abuses of the NSO Group, a notorious Israeli spyware firm that has been known to sell its powerful, device-compromising malware to repressive regimes throughout the world. In July, a number of non-profits and news outlets began publishing stories connected to the “Pegasus Project,” an investigation into the extent to which the company’s malware has been distributed globally. The investigation revealed a trove of some 50,000 “potential targets” of Pegasus which, according to researchers, included the phones of dignitaries and diplomats such as French leader Emmanuel Macron, as well as devices belonging to other presidents, former prime ministers, and the king of Morocco, among others. Even more problematically, just last week Apple announced patches for security flaws that had been seeing Pegasus-related exploitation. The patches applied to some 1.65 billion Apple products, the likes of which had been vulnerable since March.
Despite all this, there may be some hope on the horizon with some indication that regulatory bodies are finally yielding to calls for action.
As example, consider the case of SpyFone—a “stalkerware” firm that critics say has aided “stalkers and domestic abusers” in their quest to surveil victims. The company was recently banned from operation by the Federal Trade Commission—a first of its kind decision that could signal a coming crackdown on the spyware industry overall. FTC Commissioner Rohit Chopra also suggested that law enforcement agencies might consider whether criminal charges were warranted.
However, privacy advocates have suggested that simply banning the occasional company from operation or the occasional prosecution is not going to be enough. Amnesty International, which helped expose NSO abuses, has called for a global moratorium on the sale of spyware products until a “human rights-compliant regulatory framework” can be developed and implemented. Other activists have similarly suggested that all sales should be halted until governments can “investigate and regulate this industry”—the likes of which is poorly understood by lawmakers and everyday people alike.