Lena Riecke is a PhD candidate at Leiden University’s Institute of Security and Global Affairs. Her research is situated at the intersection of law, intelligence studies, and cybersecurity and focuses on the governance of cyber surveillance technologies, viz., spyware. She holds a BA in Law from the University of Cambridge as well as a LLM in Public International Law from Leiden University.
Double-crossed by Dual-use: Unmasking the Term ‘Dual-use’ in the Discourse on Spyware Export Control
Cyber surveillance technologies (CSTs) have been heralded as tools essential for law-enforcement, counterterrorism, and intelligence efforts in the Twenty-First Century. However, examples abound of the use of CSTs by states, in violation of fundamental human rights, to target politicians, journalists, activists, and other public figures. Against this backdrop, the EU Dual-use Regulation (EU) 2021/821 –setting out the EU export control regime on ‘dual-use’ goods and technologies– was amended in 2021 to include further controls on CSTs, inter alia, defining them as ‘dual-use’ items. What narrative is created by situating spyware within the ‘dual-use’ export control framework? This article contends that ‘dual-use’ is commonly employed as a technical articulator of the risks posed by CSTs and as an indicator of the rationale for their regulation, which conceals the term’s malleability to different export control agendas. In fact, the duality of the term allows for it to be instrumentalized to steer spyware export controls towards security and profit over human rights. Failure to recognize this puts efforts to progress towards stronger human rights protection in CST export control at a risk of being double-crossed by ‘dual-use’. Hence, the time is ripe to unmask how the term is tilted in favour of particular export control agendas.