Overtourism issues aside, Barcelona is facing another problem: spyware startups.
TechCrunch reports that Barcelona’s business-friendly policies toward startups has led to an influx of so-called “offensive cybersecurity” companies that develop zero-day attacks and targeted spyware software.
Not surprisingly, the CTO of one such startup, Palm Beach Networks, was a former researcher at NSO Group.
The Spanish do love their spyware!
As unfortunate as this is, I do think that a technological solution is really the only solution when it comes tackling spyware (Obviously unhackable is impossible but the bar can be raised). Even if EU (just as an example) were to ban the development and use of spyware, other countries would continue to develop and use such tools against EU citizens.
The question is how to implement the technological solution. Who is accountable and responsible for creating and deploying those solutions?
People don’t want to work for free, the general population needs protection against those vectors, the government normally can’t be unbiased in the technological implementations, companies have their own interest, so how do we get problems eradicated in a good way in these cases?
The current approach (at least internationally speaking) relates to sanctions and arms control export treaties. Targeted spyware is considered a dual-use technology regulated under the Wassenaar Arrangement, which requires export licenses for international use. Despite this, it doesn’t really prevent illegal usage of these spyware domestically or abroad 
Europe is finally inovative again!