Northwest Arkansas Democrat-Gazette
Guardians of the internet galaxy
The internet watchdog Citizen Lab is remarkably effective in calling to account governments and private sector firms that use information technology to imperil others.
Its digital sleuths at the University of Toronto are best known for exposing the abusive hacking of journalists, dissidents and activists with hyper-intrusive spyware from Israel’s NSO Group known as Pegasus.
Citizen Lab also exposes insecure software, such as the app that China created for athletes, journalists and others attending the Winter Olympics.
The Associated Press recently spoke to its director, political scientist Ron Deibert.
You founded Citizen Lab in 2001. How did that happen?
I was doing work on how intelligence agencies use satellite reconnaissance tech for arms control verification. I saw the mixture of tools being used to gather electronic evidence and wondered why something like that could not be done in the public interest. This was all in the back of my mind when the Ford Foundation reached out about a potential project. So I pitched the lab as “counterintelligence for global civil society.” It was hubris at the time. I had no case to make such a claim. But here we are many years later, fulfilling that role.
What do you consider Citizen Lab’s greatest contributions? And is it growing?
We’ve developed a reputation for research that is highly credible, methodical and unbiased. We go where the evidence leads us and are beholden to no one. Our staff of about 25 full-time researchers and a half dozen or so fellows or affiliates are very talented, highly ethical people. Most staffers could be earning 5-6 times more in the private sector. But we can’t grow much. We are a professor’s lab and I need to do due diligence properly.
Disinformation and cybercrime are rampant. Online safety is eroding. It seems we need a Citizen Lab in every country. What are the current challenges?
A lot of people agree the world is heading into a pretty dark period, a kind of descent into authoritarianism coupled with the maladies around social media and Big Tech. We have no end of work. We want to see more Citizen Labs built – they don’t have to be named that! I’d like to see 5-6 each in the U.S. and Europe.
You can’t see governments collectively agreeing to ban abusive spyware. So what can be done about it?
First, investigative journalism will continue to be vital to expose abuses. In the private sector we need tech platforms to better protect their users. Apple and WhatsApp, which have both sued NSO Group, have sent strong signals that they are not going to put up with it. We need governments to act, too, as the Commerce Department did in blacklisting NSO. They can do it with export controls and laws that let individuals sue these companies — and maybe even foreign governments who hire them.