The United States has passed new legislation that requires the U.S. State Department to disclose how it controls the sale of cyber tools and services abroad, according to Reuters.
Under the new legislation, the U.S. State Department needs to report to Congress within 90 days on how it regulates the spread of cyber tools and what actions it has taken against any companies that violated its policies.
The new reporting directives were a part of the State Department’s 2020 budget bill that President Donald Trump signed into law on Dec. 20.
Why It Matters
The new legislation is following a Reuters investigation that disclosed how American intelligence contractors secretly helped an Arab monarchy to spy on rival leaders and journalists critical of the monarchy.
The Reuters investigation found that a group of former NSA hackers joined Project Raven to help the United Arab Emirates engage in surveillance of other governments, militants, and human rights activists.
Members of the U.S. Congress also found that the State Department granted permission to three companies to assist the Emirati government in surveillance, reported Reuters.
“Just as we regulate the export of missiles and guns to foreign countries, we need to properly supervise the sale of cyber capabilities,” said Dutch Ruppersberger of Maryland, the congressman who drafted the legislation.