The Trump administration takes one more step to create a surveillance state, initially targeted against foreign-born persons. It is prudent to expect that an enhancement to ICE’s surveillance capabilities will be directed against international students and green card holders as much as against unauthorized persons.

On August 30, the administration signed a purchase order on behalf of ICE to acquire a user license for spyware designed by one of the top spyware companies, Paragon Solutions. The Biden administration made an initial commitment in late 2024, but held up the purchase due to concerns that it would be used unconstitutionally against residents of the United States. And there was also that foreign powers might gain access to the spyware’s use in the U.S. (Go here and here).

To go ahead with the purchase order, the administration had to close out a review of the pending purchase per the Executive Order 14093 (Prohibition on Use by the United States Government of Commercial Spyware That Poses Risks to National Security), effective March 27, 2023.

Nadine Farid Johnson is the policy director at the Knight First Amendment Institute at Columbia University. She posted on August 22 a critique of spyware, which includes concern that individuals have very weak legal recourse to their being victimized by spyware

“Being targeted by spyware affects victims, their families, their employers, and their communities. Unchecked, the use of this technology eliminates vital bulwarks against government power and abuse, degrading civic institutions and thwarting accountability.

Spyware introduces insecurity into digital ecosystems and encourages the exploitation of security vulnerabilities. For example, Pegasus, a suite of software from NSO Group, allows governments and other clients to hack individuals’ cell phones imperceptibly. The company’s program supplies clients with full access to infected devices, including the ability to view and download content, take photos, and record audio. Pegasus can be installed through a “zero-click” exploit, meaning a purchaser can deploy the software remotely and without relying on the targeted user to download it by clicking a link. In continually seeking to overcome security patches, spyware companies like NSO Group—which has admitted to employing a team to study Android devices and applications such as WhatsApp to identify vulnerabilities—undermine cyber defenses and trust.”