Tech companies should be shielded from spyware lawsuits, report says therecord.media/spyware-s…

Congress should shield tech companies from lawsuits relating to spyware that exploits their platforms or abuses their security infrastructure, a Washington think tank proposes in a new report.

A safe-harbor law would encourage firms to invest in detecting spyware and alerting victims when their devices have been attacked, according to the report from the Atlantic Council.

Apple, Meta and Google have sophisticated threat hunting teams in place and have made spyware findings known to victims and the public. The proposed legislation, the report says, essentially would incentivize the tech industry to continue aggressively rooting out the surveillance tools.

Companies should be eligible for safe harbor if they set up threat notification and detection programs, share information about spyware targeting with researchers and advocacy groups, quickly patch vulnerabilities and provide enhanced security features, the Atlantic Council says.