Source URL: https://www.wired.com/story/ice-paragon-contract-white-house-review/
Source: Wired
Title: ICE’s $2 Million Contract With a Spyware Vendor Is Under White House Review
Feedly Summary: Immigration and Customs Enforcement’s contract with Paragon Solutions faces scrutiny over whether it complies with the Biden administration’s executive order on spyware, WIRED has learned.
AI Summary and Description: Yes
Summary: The text discusses the pause and compliance review of a $2 million contract between the U.S. Immigration and Customs Enforcement (ICE) and Israeli spyware vendor Paragon Solutions. This marks a pivotal moment in the Biden administration’s scrutiny of spyware usage by government agencies, stemming from an executive order aimed at restricting and regulating the deployment of such technologies in a humane manner.
Detailed Description: The information highlights significant aspects of national security and compliance concerning the use of commercial spyware by government entities, which has widespread implications for privacy, security, and governance frameworks.
– A $2 million contract with Paragon Solutions has been put on hold pending a compliance review by the Biden administration.
– The review is based on Executive Order 14093, aimed at regulating the government’s use of commercial spyware.
– The contract covers a proprietary solution that may include Paragon’s powerful spyware tool, Graphite, which extracts data mainly from cloud backups.
– The Department of Homeland Security (DHS) is leading the review process to determine compliance with the executive order.
– The executive order mandates a robust review process that examines vendor and tool security, counterintelligence risks, and potential improper uses.
– No commercial spyware can be operationally used until a formal review is submitted to the White House or receives consent from the national security advisor.
– The contract’s eventual outcome will depend on whether it meets the requirements set forth in the executive order.
This situation underscores the importance of compliance reviews in the rapidly evolving domain of information security, especially as it pertains to government contracts with commercial entities in the surveillance realm. Security and compliance professionals should note the implications of this executive order on the broader landscape of procurement and usage of sensitive technologies, especially commercial spyware, which is intertwined with privacy concerns and the ethical conduct of governmental operations.